z4a.net Open in urlscan Pro
2606:4700:3038::6815:eaeb Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://z4a.net/
Effective URL:
https://z4a.net/
Submission Tags: falconsandbox
Submission: On January 16 via api (January 16th 2024, 7:27:02 pm UTC) from US — Scanned from DE

Summary HTTP 179 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 43 IPs in 8 countries across 33 domains to perform 179 HTTP transactions. The main IP is 2606:4700:3038::6815:eaeb, located in United States and belongs to CLOUDFLARENET, US. The main domain is z4a.net. The Cisco Umbrella rank of the primary domain is 435657.
TLS certificate: Issued by GTS CA 1P5 on December 28th 2023. Valid for: 3 months.

This is the only time z4a.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	2606:4700:303... 2606:4700:3038::6815:eaeb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 17	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
8 17	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
3 7	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	54.155.202.187 54.155.202.187	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
1 3	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:1de1:fa9f:7936:94dd	16509 (AMAZON-02) (AMAZON-02)
1	35.157.107.95 35.157.107.95	16509 (AMAZON-02) (AMAZON-02)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 3	37.157.6.232 37.157.6.232	198622 (ADFORM) (ADFORM)
2	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
4	138.201.84.245 138.201.84.245	24940 (HETZNER-AS) (HETZNER-AS)
3	2600:9000:223... 2600:9000:223f:c200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 4	138.201.63.149 138.201.63.149	24940 (HETZNER-AS) (HETZNER-AS)
7	2600:1f13:800... 2600:1f13:800:7782:857d:d048:5cf8:98f7	() ()
3	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	104.102.45.165 104.102.45.165	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.132.128.129 18.132.128.129	() ()
1 2	142.250.184.230 142.250.184.230	() ()
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	() ()
1 1	34.91.62.186 34.91.62.186	() ()
1 2	23.32.185.35 23.32.185.35	() ()
1	2a00:1450:400... 2a00:1450:4001:806::2002	() ()
1	52.222.139.129 52.222.139.129	() ()
1	99.86.4.53 99.86.4.53	() ()
2	3.11.114.248 3.11.114.248	() ()
179	43

13 2606:4700:3038::6815:eaeb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

z4a.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.74.194 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.173.215 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.155.202.187 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-202-187.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.105.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:1de1:fa9f:7936:94dd (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.107.95 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-107-95.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.232 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.38 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.84.245 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:c200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.149 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.149.63.201.138.clients.your-server.de

hal90009.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f13:800:7782:857d:d048:5cf8:98f7 (None, )

ASN- ()

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.45.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.132.128.129 (None, )

ASN- ()

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.230 (None, ) 1 redirects

ASN- ()

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (None, ) 1 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (None, ) 1 redirects

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.185.35 (None, ) 1 redirects

ASN- ()

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (None, )

ASN- ()

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.129 (None, )

ASN- ()

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.53 (None, )

ASN- ()

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.11.114.248 (None, )

ASN- ()

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	586 KB
38	doubleclick.net 10 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594 ad.doubleclick.net — Cisco Umbrella Rank: 163 5994599.fls.doubleclick.net	193 KB
13	z4a.net 1 redirects z4a.net — Cisco Umbrella Rank: 435657	492 KB
12	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1004 static.adsafeprotected.com — Cisco Umbrella Rank: 721 dt.adsafeprotected.com	106 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	114 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 38309 hal90009.redintelligence.net — Cisco Umbrella Rank: 210217	57 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	5 KB
7	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2616 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com	2 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	5 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	66 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	259 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	4 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	301 KB
3	webgains.io analytics.webgains.io api.webgains.io	19 KB
3	medialead.de pv.medialead.de — Cisco Umbrella Rank: 41332	1013 B
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 583	2 KB
3	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 874 s.tribalfusion.com — Cisco Umbrella Rank: 2405	2 KB
2	teads.tv 1 redirects sync.teads.tv	452 B
2	turn.com 1 redirects ad.turn.com r.turn.com	869 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	725 B
2	blismedia.com 1 redirects tr.blismedia.com — Cisco Umbrella Rank: 1872	573 B
2	google.de www.google.de — Cisco Umbrella Rank: 6518	515 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
1	webgains.team cdn.track.production.webgains.team	3 KB
1	simpli.fi 1 redirects um.simpli.fi	718 B
1	webgains.com track.webgains.com	2 KB
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 16092	703 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 148117	923 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 373	146 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495	718 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	463 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 727	574 B
179	33

	Domain	Requested by
33	pagead2.googlesyndication.com	z4a.net pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
22	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net z4a.net
17	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net
13	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com z4a.net googleads.g.doubleclick.net
13	z4a.net	1 redirects z4a.net
11	s0.2mdn.net	z4a.net s0.2mdn.net googleads.g.doubleclick.net
7	dt.adsafeprotected.com	googleads.g.doubleclick.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
5	www.google.com	1 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
4	hal90009.redintelligence.net	1 redirects googleads.g.doubleclick.net hal90009.redintelligence.net
4	hal9000.redintelligence.net	googleads.g.doubleclick.net hal90009.redintelligence.net
4	www.googletagservices.com	z4a.net googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net hal90009.redintelligence.net
4	www.googletagmanager.com	z4a.net www.googletagmanager.com adv.office-partner.de
3	pv.medialead.de	hal90009.redintelligence.net
3	static.adsafeprotected.com	fw.adsafeprotected.com googleads.g.doubleclick.net
3	c1.adform.net	3 redirects
2	api.webgains.io	analytics.webgains.io
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	5994599.fls.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	www.googleadservices.com
2	ad.doubleclick.net	googleads.g.doubleclick.net 5994599.fls.doubleclick.net
2	dis.criteo.com	googleads.g.doubleclick.net
2	tr.blismedia.com	1 redirects googleads.g.doubleclick.net
2	a.tribalfusion.com	1 redirects googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	z4a.net
2	fw.adsafeprotected.com	1 redirects z4a.net
2	www.google.de
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	adservice.google.com	5994599.fls.doubleclick.net
1	um.simpli.fi	1 redirects
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	track.webgains.com	googleads.g.doubleclick.net
1	www.awin1.com	hal90009.redintelligence.net
1	adv.office-partner.de	hal90009.redintelligence.net
1	x.bidswitch.net	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	s.tribalfusion.com
1	cms.quantserve.com	googleads.g.doubleclick.net
1	tags.bluekai.com	googleads.g.doubleclick.net
1	fonts.gstatic.com	fonts.googleapis.com
1	region1.analytics.google.com	www.googletagmanager.com
179	48

This site contains links to these domains. Also see Links.

Domain
www.datagobi.com
pt.upxin.net
ns.ci

Subject Issuer	Validity	Valid
z4a.net GTS CA 1P5	`2023-12-28` - `2024-03-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
redintelligence.net R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
adv.office-partner.de R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-10` - `2025-01-10`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://z4a.net/
Frame ID: 8F3DE043EB716532833FA1203BB5B3BC
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: 01A27B4F91519C78C5BE244D92733E48
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6276533791428328&output=html&adk=3895348141&adf=3876334049&lmt=1705433216&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x945_l%7C128x945_r&format=0x0&url=https%3A%2F%2Fz4a.net%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705433216669&bpp=5&bdt=2202&idt=144&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8319729639551&frm=20&pv=2&ga_vid=302895897.1705433217&ga_sid=1705433217&ga_hid=701868027&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320238%2C31079266%2C31079438%2C31080224%2C95321627%2C95322165&oid=2&pvsid=1834627871872826&tmod=801129996&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=169
Frame ID: 159FC5AAECC545EE63315C320C99C126
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3B5879EA7D98CCD095BE8D1508D8B04D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 90052A64379825FFEEE3AE4915E96495
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6276533791428328&output=html&h=280&adk=3175694369&adf=2617822577&pi=t.aa~a.1981750379~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705433217&rafmt=1&to=qs&pwprc=8016500324&format=1200x280&url=https%3A%2F%2Fz4a.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705433217888&bpp=1&bdt=3421&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8319729639551&frm=20&pv=1&ga_vid=302895897.1705433217&ga_sid=1705433217&ga_hid=701868027&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320238%2C31079266%2C31079438%2C31080224%2C95321627%2C95322165&oid=2&pvsid=1834627871872826&tmod=801129996&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=6
Frame ID: 5E13B65C2906E38E2A1F37C043FD92A3
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6276533791428328&output=html&h=90&adk=1143835972&adf=1117478253&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705433217&rafmt=1&to=qs&pwprc=8016500324&format=1200x90&url=https%3A%2F%2Fz4a.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705433217888&bpp=1&bdt=3421&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8319729639551&frm=20&pv=1&ga_vid=302895897.1705433217&ga_sid=1705433217&ga_hid=701868027&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320238%2C31079266%2C31079438%2C31080224%2C95321627%2C95322165&oid=2&pvsid=1834627871872826&tmod=801129996&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10
Frame ID: 4D569067CDA3DEE00E63070CE4C553B0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 757098BC0B88B94BD2B9648578E11BD4
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: DA0C80283381D8C33153254FCC831419
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGOPKvIMCMAE&v=APEucNVcP6LDD3fwKFe899v4CKxMP9Cr16sCq0O_PolN0SExsqWkxS_MXs0T5yoJ7ZVW2BRfhmfJ0qgLEnQDfDsQqNSVMZTlpwzg-319MbGuSYPudgJLFSvYNo3JkHfUQJc0H2P7UCy2S9SOiE8lehA5rrB1yPWv0BGzEWlZvj1vEeKp6zgXM5M
Frame ID: 61FDDBF6FDBF85C68AE41B552543BBF9
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: CC8C58DDCB16B3E96248C72BD27F8548
Requests: 28 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 59D8A8ECDA5D19706F2EF4BBB52B7485
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2687906D7C6DE3608DD65C8E09CD86E5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNV9pA7AmbENMe7rXxJn7UDCTxqFYNl79e-NJ5MZUpDZ6nE0coPDHmqh6_2mQmltEzcIDWT3n7Xs3ZzmSDB4hGg5JXqIfJ2Wv_014mmuE-R7gy13p8AWXcXUdeCKbxQOnYRfCnlfUZe1I0kCI_vXynl0HfvI2wHbE7biD_Q2-IJnkIHSUik
Frame ID: E68047FFCF29BD1DE00BB7176AE4FB03
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 820335E6F808C297506ECADC97EF6FD2
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js
Frame ID: 3B4E009F1F513450356A2FADF5A88A32
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 140D84716646F9BBA87E9C1A078839D7
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 528E1892FA8B18850843F3F42BFDAA46
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/index.html?ev=01_250
Frame ID: 923CB2184339896D26DC977F726C6DA6
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 56DFDB898C33D527B691F6B652C61985
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js
Frame ID: 1EB00C155A71A42C65A5E552FC196D9E
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 27810B3C40C53B63D7B41EE5223F4C0C
Requests: 1 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=14173600173585604444550012571009&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: B45CD65F1F293649F34132B9DE423C56
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 5DD3DE933DC5640A2817640F6869C342
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNzH8OnR4oMDFTsMogMdQ5UG-A;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3944937099574.537
Frame ID: 6DC987D570193EA22853794357A5A7E2
Requests: 3 HTTP requests in this frame

Frame: https://hal90009.redintelligence.net/request_content.php?s=14173600173585604444550012571009&a=f08a3a86
Frame ID: 1EDB4224BF53C38409317E40C8430C54
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A6743C718EF4AE3E04ACF8D89680FF6B
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Z4A图床-做国内最良心的免费图床 - Z4A图床

Page URL History Show full URLs

http://z4a.net/ HTTP 301
https://z4a.net/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

179
Requests

89 %
HTTPS

49 %
IPv6

33
Domains

48
Subdomains

43
IPs

8
Countries

2230 kB
Transfer

5873 kB
Size

34
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.datagobi.com/
Title: DataGobi Ltd

Search URL Search Domain Scan URL

URL: https://pt.upxin.net/
Title: HDUPT

Search URL Search Domain Scan URL

URL: https://ns.ci/
Title: NSCI云储

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://z4a.net/ HTTP 301
https://z4a.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDRTE1oSN-YG_mB3I-JTzZw&google_cver=1

Request Chain 55

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZabYgs0vnouGRkorQ8EBWAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMdnHxZeRj7A7y2nmBpORfw&google_cver=1

Request Chain 56

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENyxYeefOavgQr1mhzELU-8&google_cver=1

Request Chain 57

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE0MzE1OTU3NDUzNDExOTgyNw%3D%3D

Request Chain 66

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFJ5rLabiQLWiyQaBuOg5RE&google_cver=1

Request Chain 97

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZabYgs0vnouGRkorQ8EBWAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFJ5rLabiQLWiyQaBuOg5RE&google_cver=1

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESED7k2QPqmIaH9fkzHBFgeMY&google_cver=1

Request Chain 99

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE0MzE1OTU3NDUzNDExOTgyNw%3D%3D

Request Chain 110

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGpbiWZ3tVmF0GcZihUuw9A&google_cver=1&google_push=AXcoOmRO9sPlC1x1ugXFUI_Y3WAGpG_oSMkgCaULZrxdpdYGMNUUgP_nTHzsdMGHsQf11K8G1xQAOrex7NOyOwncLMxHlGDhYvXBnFWG&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRO9sPlC1x1ugXFUI_Y3WAGpG_oSMkgCaULZrxdpdYGMNUUgP_nTHzsdMGHsQf11K8G1xQAOrex7NOyOwncLMxHlGDhYvXBnFWG%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGpbiWZ3tVmF0GcZihUuw9A&google_cver=1&google_push=AXcoOmRO9sPlC1x1ugXFUI_Y3WAGpG_oSMkgCaULZrxdpdYGMNUUgP_nTHzsdMGHsQf11K8G1xQAOrex7NOyOwncLMxHlGDhYvXBnFWG&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRO9sPlC1x1ugXFUI_Y3WAGpG_oSMkgCaULZrxdpdYGMNUUgP_nTHzsdMGHsQf11K8G1xQAOrex7NOyOwncLMxHlGDhYvXBnFWG%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 112

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPHTbOYGfhNukrOaWLT8zRE&google_cver=1&google_push=AXcoOmTITDQLhmLizWTpXmocv4tT_RZNkxkO9hGjeM1_LpyC2jMHNkE7lNI4yqvisyZtnqGbbFlh8yI31hzMrDYHBjp6uTgQIITUl5b8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTITDQLhmLizWTpXmocv4tT_RZNkxkO9hGjeM1_LpyC2jMHNkE7lNI4yqvisyZtnqGbbFlh8yI31hzMrDYHBjp6uTgQIITUl5b8&google_hm=eS05ZUtBVlBKRTJwRVFtQWVOUF9RcmZseENyQk5vYW9BNn5B

Request Chain 115

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEF0DjHXjDERMCZeEe6HCfMo&google_cver=1&google_push=AXcoOmRnVMGIZ8WmtGr8M88scubTOMfnB7EC1oNmAmrNDJucTlXe_ypSMeYvOt7H2DoN0ubjR_oyfL5Vqm9w218QBrAeNVFlbhJzd65L HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEF0DjHXjDERMCZeEe6HCfMo&google_cver=1&google_push=AXcoOmRnVMGIZ8WmtGr8M88scubTOMfnB7EC1oNmAmrNDJucTlXe_ypSMeYvOt7H2DoN0ubjR_oyfL5Vqm9w218QBrAeNVFlbhJzd65L HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzY2MzMyNTAyNzM0MDA4NDY0OA&google_push=AXcoOmRnVMGIZ8WmtGr8M88scubTOMfnB7EC1oNmAmrNDJucTlXe_ypSMeYvOt7H2DoN0ubjR_oyfL5Vqm9w218QBrAeNVFlbhJzd65L

Request Chain 123

https://googleads.g.doubleclick.net/pagead/adview?ai=CRf25gtimZdDqBJeW9wXRlonAA9_RwutvwLzrg7MPyvryyMEBEAEgjMiYe2CVgqCCsAegAeTi8pgByAEJqQI9d2UW6oyzPqgDAcgDywSqBMIBT9DtomZsZPWDe-3P5NLg7ujiMgxelx-3KWQHTnWyttl9dSEo3mJP7tELF0GLQusDyzxpbyveiHA4MT2sL4Lmy671ckJkN5kKQJFAAnrXuXS8ifbFgJp-GSl-uSFlJ3zFugxdMWGhdIYp9A2Qi2uauEjPMSu-6_1QYgUHmnZNSb2ULmOa9Q7NnUzSPQEhWogSHTAk6HFkK-2euSxW-dRa9om4Ua31KOzgu6mtlvmfNpVarflmZ_YBMj45YgR0b8URRHTABJLugaf3A4gFxYuslT2SBQQIBBgBkgUECAUYBKAGLoAHhJ2N5wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCYsAbSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WK-WkunR4oMDmgkUaHR0cHM6Ly9hcnQyNC53b3JsZC-ACgHICwGiDAgqBgoErLqxAtgTDogUAdAVAYAXAbIXHAoaCAASFHB1Yi02Mjc2NTMzNzkxNDI4MzI4GAA&sigh=7gFIyGA_Xuk&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_gEQRsZ7Y5keblzVrDTx-45GT4RLH_A4PMI1ZMA1nInyR7l0FD5AZ8hRxW7iLkXIHXUNUmILjtBgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225362995904353075175%22,%22debug_reporting%22:true,%22destination%22:%22https://art24.world%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22320647524%22],%2222%22:[%22true%22],%224%22:[%2201-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228389867580753609153%22}&andc=true

Request Chain 126

https://hal90009.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=6a8bc9dd50&subid=&uid=64fd2add7ce7fa98&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpZyCgtimZbylBemRpt8P0euaqAqm5b2gaYWVnKfJD_AuEAEgjMiYe2CVgqCCsAfIAQmpAgveFLCSULI-qAMByAObBKoE3gFP0Kju5iqSPBkrs4nNKBJfGlAhGg3dLTaAW9BNZB_b17PUvgAc6dy0IgUrBcA5tg9W_9_l-sA8hOOgpPuSpYBdOp3bnBFKcmPBZvCKo1kxE5VUh0p1v1CZDkgqcilwa8sBYvzJvjlfFTC74gMNGegUxyUaFXjCUxb5ZoSjz1T64y7FH6WfUvH_4ZkecjCVaqbdSPclR4aRhJ1qIBx2_JQuFL4yjPrAyGBNEgP3D055eiQ14986yPgpUMYr59KO85MT_F342q3cIdWbYDaJf5SoXtQcUsGnb50mffFzZK7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYub-S6dHigwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_pqkEcjk_8ZkoqLy-LiH4RgX1VQn3YQXYbx7snkkxf-jQZBvaQgFD2zlRJ4v7YeFQtp6VnFTq7BgB%26sig%3DAOD64_1OuFbfeVnOc6GMqer0_UEVAwCOkQ%26client%3Dca-pub-6276533791428328%26dbm_c%3DAKAmf-AsgC45LGyyWPnooJTxHoak8TdnNb3uR-uBcmRlixH7PnTIvEJ_YCas1sfnIMuMIhieb31avCDjb-puXBkhXl0KdcEMb45zxLRCy0wMMr7Xo-u-mxjENRoOq14uF9fLCO7hlhNCe4LwTCZcGrKn-lAEFejK4KRgMmT4BKlz985AjQnXO3I%26cry%3D1%26dbm_d%3DAKAmf-ABf8wl83E3QNLDHhAF5Q5hbXyKV7ffmBM4XLMir5puyoc1ZWCRR6s9KManwOFmQ85niEt2RXMYGycz8Sc1SX8PV0-ewyAGSifecHhmeuXKXEAnFlxVMkF9NjkXARq7X4MARVOOn2BZ3VyqCVE80_QfoDRI2AOttDp66OG74f3jXVXyduOByjdKW7ma8m_3JANpKpQGdYTlJejwge3UdSG8Aga5p70smc30cUJIiBnK85PGavjF3zGkDwJgSL0JG8BnoQFSJ1kKT6zBXt6wbtY8oodjC4yr9Faiv_JcIaCJ1Jehx0-sTsEzE0LTDInb-Ps201O1YsbTx6RSPltd17atYM0Q88O2vgtetmpLogX-_YV4m7XunkruNMy5XzM-Ie7XtOHb-6hbsqdWXyqya-p7-wYFAf4YXYo2Dx68AAM4MMKHZHXs5nphyH9qY8k_eC6XSMRIk67ddEWtWLmBs1aYPrZxSg5UISFipcAPBAk65nzNpoLciu52QINnipadP0gT2wJaHXw2yXLdB5smoZ3YphHoct0nYmD-m7Ce5Q4-sTd2vS8%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6276533791428328%26output%3Dhtml%26h%3D90%26adk%3D1143835972%26adf%3D1117478253%26pi%3Dt.aa~a.1182920990~rp.3%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1705433217%26rafmt%3D1%26to%3Dqs%26pwprc%3D8016500324%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fz4a.net%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1705433217888%26bpp%3D1%26bdt%3D3421%26idt%3D1%26shv%3Dr20240109%26mjsv%3Dm202401080101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%26nras%3D3%26correlator%3D8319729639551%26frm%3D20%26pv%3D1%26ga_vid%3D302895897.1705433217%26ga_sid%3D1705433217%26ga_hid%3D701868027%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1544%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C95320238%252C31079266%252C31079438%252C31080224%252C95321627%252C95322165%26oid%3D2%26pvsid%3D1834627871872826%26tmod%3D801129996%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26btvi%3D2%26fsb%3D1%26dtd%3D10&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fz4a.net&random=7375436638700&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90009.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=6a8bc9dd50&subid=&uid=64fd2add7ce7fa98&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpZyCgtimZbylBemRpt8P0euaqAqm5b2gaYWVnKfJD_AuEAEgjMiYe2CVgqCCsAfIAQmpAgveFLCSULI-qAMByAObBKoE3gFP0Kju5iqSPBkrs4nNKBJfGlAhGg3dLTaAW9BNZB_b17PUvgAc6dy0IgUrBcA5tg9W_9_l-sA8hOOgpPuSpYBdOp3bnBFKcmPBZvCKo1kxE5VUh0p1v1CZDkgqcilwa8sBYvzJvjlfFTC74gMNGegUxyUaFXjCUxb5ZoSjz1T64y7FH6WfUvH_4ZkecjCVaqbdSPclR4aRhJ1qIBx2_JQuFL4yjPrAyGBNEgP3D055eiQ14986yPgpUMYr59KO85MT_F342q3cIdWbYDaJf5SoXtQcUsGnb50mffFzZK7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYub-S6dHigwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_pqkEcjk_8ZkoqLy-LiH4RgX1VQn3YQXYbx7snkkxf-jQZBvaQgFD2zlRJ4v7YeFQtp6VnFTq7BgB%26sig%3DAOD64_1OuFbfeVnOc6GMqer0_UEVAwCOkQ%26client%3Dca-pub-6276533791428328%26dbm_c%3DAKAmf-AsgC45LGyyWPnooJTxHoak8TdnNb3uR-uBcmRlixH7PnTIvEJ_YCas1sfnIMuMIhieb31avCDjb-puXBkhXl0KdcEMb45zxLRCy0wMMr7Xo-u-mxjENRoOq14uF9fLCO7hlhNCe4LwTCZcGrKn-lAEFejK4KRgMmT4BKlz985AjQnXO3I%26cry%3D1%26dbm_d%3DAKAmf-ABf8wl83E3QNLDHhAF5Q5hbXyKV7ffmBM4XLMir5puyoc1ZWCRR6s9KManwOFmQ85niEt2RXMYGycz8Sc1SX8PV0-ewyAGSifecHhmeuXKXEAnFlxVMkF9NjkXARq7X4MARVOOn2BZ3VyqCVE80_QfoDRI2AOttDp66OG74f3jXVXyduOByjdKW7ma8m_3JANpKpQGdYTlJejwge3UdSG8Aga5p70smc30cUJIiBnK85PGavjF3zGkDwJgSL0JG8BnoQFSJ1kKT6zBXt6wbtY8oodjC4yr9Faiv_JcIaCJ1Jehx0-sTsEzE0LTDInb-Ps201O1YsbTx6RSPltd17atYM0Q88O2vgtetmpLogX-_YV4m7XunkruNMy5XzM-Ie7XtOHb-6hbsqdWXyqya-p7-wYFAf4YXYo2Dx68AAM4MMKHZHXs5nphyH9qY8k_eC6XSMRIk67ddEWtWLmBs1aYPrZxSg5UISFipcAPBAk65nzNpoLciu52QINnipadP0gT2wJaHXw2yXLdB5smoZ3YphHoct0nYmD-m7Ce5Q4-sTd2vS8%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6276533791428328%26output%3Dhtml%26h%3D90%26adk%3D1143835972%26adf%3D1117478253%26pi%3Dt.aa~a.1182920990~rp.3%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1705433217%26rafmt%3D1%26to%3Dqs%26pwprc%3D8016500324%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fz4a.net%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1705433217888%26bpp%3D1%26bdt%3D3421%26idt%3D1%26shv%3Dr20240109%26mjsv%3Dm202401080101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%26nras%3D3%26correlator%3D8319729639551%26frm%3D20%26pv%3D1%26ga_vid%3D302895897.1705433217%26ga_sid%3D1705433217%26ga_hid%3D701868027%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1544%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C95320238%252C31079266%252C31079438%252C31080224%252C95321627%252C95322165%26oid%3D2%26pvsid%3D1834627871872826%26tmod%3D801129996%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26btvi%3D2%26fsb%3D1%26dtd%3D10&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fz4a.net&random=7375436638700&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 130

https://fw.adsafeprotected.com/rfw/st/1925915/77841638/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015411622&ias_pubId=pub-6276533791428328&ias_chanId=1&ias_placementId=20939250460&bidurl=https://z4a.net/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jyk-FApHo2nWYektXX9TDx&adsafe_url=https%3A%2F%2Fz4a.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fz4a.net%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D3895348141%26client%3Dca-pub-6276533791428328%26fa%3D1%26ifi%3D5%26uci%3Da!5%26btvi%3D3&adsafe_type=be&adsafe_jsinfo=,id:4c59af51-75bd-a300-4859-c2634ba6e0e1,c:1uGMuR,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7b546d5668-p8jmt,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:192,mot:0,app:0,maw:0,fm:u1yvZ7D+11%7C12%7C13%7C141%7C142%7C1511%7C1512%7C1611%7C1612%7C171*.1925915-77841638%7C1711%7C17121%7C1713,idMap:171*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:212,oid:376df2dc-b4a5-11ee-bbb9-2a5600ffa708,v:19.8.473,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js?ias_xappb=

Request Chain 152

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3944937099574.537 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNzH8OnR4oMDFTsMogMdQ5UG-A;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3944937099574.537

Request Chain 160

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHKsnytjqMyGHoeak7tebgM&google_cver=1&google_push=AXcoOmSR5Q_9HeGBVBk7BlQJGuPzwRkyK1cBRowGeXVPnGtLG9Yaa8cxAhs8Og9u_xD4fFyzsFNNLt_QRgPs3NdK-VWux3m3gxvkYZeR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzM5NDk2MzkxNTgwNTY4MTAyOA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJFUYtATGJSHAJONPhdT4WI&google_cver=1

Request Chain 162

https://um.simpli.fi/gp_match?google_gid=CAESECsilAznPYh7SvuKVkGPNFo&google_cver=1&google_push=AXcoOmQyAGaO7iHZytqus6bE-v6ryJY-0edzA2biWcEN2Gp6f7J82l6DXkPF9r7ZDP7nwDwXWQM7WqdepCFHZV4pJJzF6O4zwHxaBLbY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C0B7A9E7722B4E3DBCFC642276CAE490&google_push=AXcoOmQyAGaO7iHZytqus6bE-v6ryJY-0edzA2biWcEN2Gp6f7J82l6DXkPF9r7ZDP7nwDwXWQM7WqdepCFHZV4pJJzF6O4zwHxaBLbY

Request Chain 163

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESENmD9d6JFVG1ksht--VfxmI&google_cver=1&google_push=AXcoOmSqMqo3PoAw2Jz0gDk8KRvgweUaAGFO1GaGnK3dcYRdNQDmJZZzylVBLtXbin2ngUFDsOkmHfrnb_AjTj42qBy1xOjjzm-P5B1U HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSqMqo3PoAw2Jz0gDk8KRvgweUaAGFO1GaGnK3dcYRdNQDmJZZzylVBLtXbin2ngUFDsOkmHfrnb_AjTj42qBy1xOjjzm-P5B1U&google_hm=hmWm2IL0546S4orojA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65A6D882F4E78E92E28AE88CBLIS

Request Chain 165

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ4qvDfoQ5BAP8iVMHximoo&google_cver=1&google_push=AXcoOmQ1BdKB94-2ufDFD3CgkECP9U0vY27eytV3GXaovYDQwykkpAgSA8nknj9qOHzWEOfEEGbf58tz_a5Tfj3uGZwcZkat13GNm1vt HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzY2MzMyNTAyNzM0MDA4NDY0OA&google_push=AXcoOmQ1BdKB94-2ufDFD3CgkECP9U0vY27eytV3GXaovYDQwykkpAgSA8nknj9qOHzWEOfEEGbf58tz_a5Tfj3uGZwcZkat13GNm1vt

Request Chain 166

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELluyo_iKZwNyOR93yvC4tU&google_cver=1&google_push=AXcoOmR9GSncF8whNVyyL_hJ0r0d4RE3roa5yESOAa2Vu904Nfxk7gNGt9EiSRNq6IUXFlVAwYtc3l1H-_r5z6e8RIVMLLvgyyNC3sou-w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmR9GSncF8whNVyyL_hJ0r0d4RE3roa5yESOAa2Vu904Nfxk7gNGt9EiSRNq6IUXFlVAwYtc3l1H-_r5z6e8RIVMLLvgyyNC3sou-w HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

179 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
z4a.net/
Redirect Chain

http://z4a.net/
https://z4a.net/

129 KB
39 KB

929ms
889ms

Document
text/html

2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://z4a.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b1eed1b648f04904806be56cedae1cc510723ff29049d0d2e6e19591dc4fcea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8468c0b0fdd9b7f2-AMS
content-encoding: br
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 19:26:54 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: interest-cohort=()
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GoujlvyyHYT0C22pBPOewpD8Uconhz9DLAcSGbfymeHYXYNKaojLnMMClzQLa%2FM3GaY9cWpGB0VqWkZFIIqIyZFymDSGuxpcz9pNf%2BBsMCidWQ7%2FZIlSFH5omRCBrDswUEBtRIjF"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

CF-RAY: 8468c0b06afc6576-AMS
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 16 Jan 2024 19:26:53 GMT
Expires: Tue, 16 Jan 2024 20:26:53 GMT
Location: https://z4a.net/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w07reVT9PU9SPNlCC2%2FKVacpm08INfGl5mt2f%2B9ILxZtlUdW1aH7pvZR74xz65BKC5QdA3Lw6Eq8LxMPZa1BDdMvTftj3Y5GWkJkY2hfIXY0klj7LiNjuV%2F8imbfGR0MNCIjsfd2"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
alt-svc: h3=":443"; ma=86400

GET
H2 200 peafowl.min.css
z4a.net/lib/Peafowl/ 83 KB
18 KB 644ms
643ms Stylesheet
text/css 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://z4a.net/lib/Peafowl/peafowl.min.css?e006262125ec9a16116f2469b384dae1

Requested by

Host: z4a.net
URL: https://z4a.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48e66e8772080e5affc86bbc23ac2fd57863e2347e2d0a24fa5e4125b3fc5f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z4a.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:55 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 17 Nov 2021 19:44:09 GMT
server: cloudflare
etag: W/"61955b89-14bdc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfkAn8VCHdEItdwZ%2BCwW8m3ldKg45QX%2BlQQA8kWixnYfXGs7%2Ben4fevFrGmAqVZOVWCPedDNgpt%2F64Z392d%2BwnaN25Z8A6UprZRSvX9tlNVK%2BZ%2FQffdOLAxPQXwFl2wSeQMqvAiA"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 8468c0b67d23b7f2-AMS
expires: Wed, 17 Jan 2024 07:26:54 GMT

GET
H2 200 style.min.css
z4a.net/app/themes/Peafowl/ 35 KB
9 KB 659ms
658ms Stylesheet
text/css 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://z4a.net/app/themes/Peafowl/style.min.css?e006262125ec9a16116f2469b384dae1

Requested by

Host: z4a.net
URL: https://z4a.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ef56e0c7d530369c91614f1e323973ca28faffad04bbb97e68b0816ccf5673c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z4a.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:55 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 17 Nov 2021 19:44:09 GMT
server: cloudflare
etag: W/"61955b89-8c1f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UuVKZvNzKiC0pw3jpPW1%2FQS8TZupwd4mr04oPgDeGKLOJXUBESdTODHgoX3CL9kZDnhTrZ6cFSWlYxT1s%2Fb0Pf1msUzRwE0o1SRLLfgrNwJ0ShgI2yxPNy68QFbIqSn6tThjMxK8"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 8468c0b67d24b7f2-AMS
expires: Wed, 17 Jan 2024 07:26:54 GMT

GET
H2 200 all.min.css
z4a.net/lib/Peafowl/font-awesome-5/css/ 58 KB
13 KB 690ms
689ms Stylesheet
text/css 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://z4a.net/lib/Peafowl/font-awesome-5/css/all.min.css?e006262125ec9a16116f2469b384dae1

Requested by

Host: z4a.net
URL: https://z4a.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z4a.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:55 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 17 Nov 2021 19:44:09 GMT
server: cloudflare
etag: W/"61955b89-e7d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b911KvW9hXPk25dUcRMiZPKC1Ht3WLSBYpSBjU7ZZB8uvHK4GfV0%2FjSU3cv3lbfgukLbaSCH0in6x0wo%2B9pCFQIM3WhblCDqkWgxEbaVqyo9s6Wm0UPGqLr1i0mmzdcj770zYEWh"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 8468c0b67d25b7f2-AMS
expires: Wed, 17 Jan 2024 07:26:55 GMT

GET
H2 200 logo_20160329165307.png
z4a.net/content/images/system/ 10 KB
10 KB 622ms
622ms Image
image/png 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/content/images/system/logo_20160329165307.png

Requested by

Host: z4a.net
URL: https://z4a.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c4b6ce035ed84b3498b0dc10f3e0ab8c6861ba20e92c5c9c254e93ff10e87d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z4a.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:55 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 10049
last-modified: Tue, 29 Mar 2016 16:53:07 GMT
server: cloudflare
etag: "56fab2f3-2741"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVhuPrVepAvS0wZvySJFsAGE6DoVC99%2FYEb7XPOi5EZR%2FttiGeO2e3CaalMtjqfi%2BuWTIZbqRLixLjyCE3bWd8zwDSBmFD87L5tPVdM8go2ni%2F%2FSv%2FG6iGEUQC7siv2rMtq4Dcpb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8468c0b67d27b7f2-AMS
expires: Thu, 15 Feb 2024 19:26:54 GMT

GET
H3 200 scripts.min.js Show response
z4a.net/lib/Peafowl/js/ 248 KB
79 KB 581ms
577ms Script
application/javascript 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://z4a.net/lib/Peafowl/js/scripts.min.js?e006262125ec9a16116f2469b384dae1

Requested by

Host: z4a.net
URL: https://z4a.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c9a9e8360771c2e6c7f24390387d532d0ff17ed10ee83205b7019ddf271a692

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z4a.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:55 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 17 Nov 2021 19:44:09 GMT
server: cloudflare
etag: W/"61955b89-3de92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SdrQhQ9uY3Q9PnM5Fs4VO%2F2jx1ln2%2Fu0ToRfErtT7hied9QzHHQOE4UJ9YYbV51piHiWpPTI8tnJBHk2KkNCvfOFQD1dOiTQu4Az8F9hLKK9wdJDdc%2Ba7orYklLoBOg5gGUV9IUF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 8468c0ba9b19b8d2-AMS
expires: Wed, 17 Jan 2024 07:26:55 GMT

GET
H3 200 peafowl.min.js Show response
z4a.net/lib/Peafowl/ 152 KB
47 KB 476ms
476ms Script
application/javascript 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://z4a.net/lib/Peafowl/peafowl.min.js?e006262125ec9a16116f2469b384dae1

Requested by

Host: z4a.net
URL: https://z4a.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35c82e03c0c1858d6e95e6695f9d090dc90c5be8f8b79b3f22232044b381f225

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z4a.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:55 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 17 Nov 2021 19:44:09 GMT
server: cloudflare
etag: W/"61955b89-25fde"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZW75ykm2Sxv7tHeC6smCUep24i%2BMXCOAnHe7dG8E9jIcm1zsii1g094SJ0WfCDGzA650MqxZCLiisFQAGcbRgUfwdzeOLZhLDb1p3Tt4mQ%2F686KoVQ5thjw2lPHXalkVMM4oExQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 8468c0bacb59b8d2-AMS
expires: Wed, 17 Jan 2024 07:26:55 GMT

GET
H3 200 chevereto.min.js Show response
z4a.net/app/lib/ 101 KB
26 KB 499ms
499ms Script
application/javascript 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://z4a.net/app/lib/chevereto.min.js?e006262125ec9a16116f2469b384dae1

Requested by

Host: z4a.net
URL: https://z4a.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2153e915beaff7acc17643951e8f366eb1201a564af7afb567347fc737a9d98e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z4a.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:55 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 19 Dec 2022 09:03:35 GMT
server: cloudflare
etag: W/"63a028e7-19332"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yprsvL4WBKrFffhkUyx%2FVwhiA4uf%2B1ts0kfyFmn6sCXsRa62OEbwAy6uZBFW1nQZdBT76UEs7YJHf58HhVKwxDxyM%2BfaqGfHtohuBasghiBhoE8YWmuATFFPcPeDeAMF2oMh4xWv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 8468c0badb6cb8d2-AMS
expires: Wed, 17 Jan 2024 07:26:55 GMT

GET
H3 200 rocket-loader.min.js Show response
z4a.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 17ms
17ms Script
application/javascript 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://z4a.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: z4a.net
URL: https://z4a.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z4a.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:55 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 27 Dec 2023 10:36:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"658bfe17-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZhvd%2FreoeUEwW8%2BiRS67jyCvvkJTvga56uinn4zh%2FaRAKjNIJ%2BrgvC21OWs%2BHkp3l%2FIQolTAhBAgL9iR707kY1nqkTY25qoOpGsoc00hKoVtAqj%2FqPlWHx39RW9t9HQYKtbOY6T"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8468c0badb6eb8d2-AMS
expires: Thu, 18 Jan 2024 19:26:55 GMT

GET
H3 200 fa-solid-900.woff2
z4a.net/lib/Peafowl/font-awesome-5/webfonts/ 78 KB
79 KB 782ms
781ms Font
font/woff2 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://z4a.net/lib/Peafowl/font-awesome-5/webfonts/fa-solid-900.woff2

Requested by

Host: z4a.net
URL: https://z4a.net/lib/Peafowl/font-awesome-5/css/all.min.css?e006262125ec9a16116f2469b384dae1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://z4a.net/lib/Peafowl/font-awesome-5/css/all.min.css?e006262125ec9a16116f2469b384dae1
Origin: https://z4a.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:55 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 80252
last-modified: Wed, 17 Nov 2021 19:44:09 GMT
server: cloudflare
etag: "61955b89-1397c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aiKYMWgUNqlTrOMNJ%2FJrLfVlR%2Bece9IdjTGcHxXfKx0nAFwhfVnViL8cTQAs%2F72U82Td15n2GAjAIhlSatVG%2BTYi9SWuXhJDMeuW%2Fm9qSXfY4aO3EGaEMq4newHIfkZBxqByiKPr"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 8468c0badb7db8d2-AMS

GET
H3 200 fa-regular-400.woff2
z4a.net/lib/Peafowl/font-awesome-5/webfonts/ 13 KB
14 KB 519ms
519ms Font
font/woff2 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://z4a.net/lib/Peafowl/font-awesome-5/webfonts/fa-regular-400.woff2

Requested by

Host: z4a.net
URL: https://z4a.net/lib/Peafowl/font-awesome-5/css/all.min.css?e006262125ec9a16116f2469b384dae1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://z4a.net/lib/Peafowl/font-awesome-5/css/all.min.css?e006262125ec9a16116f2469b384dae1
Origin: https://z4a.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:55 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 13588
last-modified: Wed, 17 Nov 2021 19:44:09 GMT
server: cloudflare
etag: "61955b89-3514"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qVk3G3Y4LqO0vGUI6PY1lR2yOiRd%2BCOLMZA19tN5QFhOp3kLZBsaW5wnRypUIlNhy29YXlO4qHEHoapE75bSvDPUN2h%2F5Eu4FROXN0hUaam451Y1gloBGjn8ed0e5BtdwiXi5dYK"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 8468c0badb7fb8d2-AMS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
68 KB 69ms
29ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-76967492-1

Requested by

Host: z4a.net
URL: https://z4a.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3aed7712c20249e5ce2f633d3ccce576e5f2863b39664d6042f690fff23a39ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z4a.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69352
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 18:58:32 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Jan 2024 19:26:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 118ms
74ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: z4a.net
URL: https://z4a.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cea3ab340fca277012c43291c399d671e2777c383696e19e48ca81afbdfd947f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z4a.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51456
x-xss-protection: 0
server: cafe
etag: 5934087372813771092
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 19:26:55 GMT

GET
H3 200 home_cover_20160526090536.jpg
z4a.net/content/images/system/ 152 KB
152 KB 701ms
700ms Image
image/jpeg 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/content/images/system/home_cover_20160526090536.jpg

Requested by

Host: z4a.net
URL: https://z4a.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae27dd299e6d62cc88a0a6fc946a8412af6f47199771da1dc146db4d7bff57da

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z4a.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:56 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 155194
last-modified: Thu, 26 May 2016 09:05:36 GMT
server: cloudflare
etag: "5746bc60-25e3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RurqG5byBWdZpvSA8XBmIWo4sZzJ%2FNPLzkIe%2BrsnKTFaW8cFEKCfOo5qJMxku4JAEmWcnq7eroy4JSVoWfug5vA%2B8R5jO%2B%2BGwLDEZLWKFgKVnLRx2rzy79uMGtfMwlfxCqhLl6VF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8468c0bea8f5b8d2-AMS
expires: Thu, 15 Feb 2024 19:26:56 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 402 KB
136 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6276533791428328&plah=z4a.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6859b69c71cfeffd2bb7ddf052908d8f6f00099025f40a63d8fcf2cd5e5f69f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z4a.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139379
x-xss-protection: 0
server: cafe
etag: 6214020716680535256
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 19:26:56 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 01A2 9 KB
4 KB 54ms
16ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://z4a.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 82004
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 20:40:12 GMT
etag: 9219409622527106327
expires: Mon, 29 Jan 2024 20:40:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
78 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PCWFZC6656&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-76967492-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb06bb1503983abdbf8fea522919d6c8994a74eae8a7464d8c6da87f24481f95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z4a.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79857
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jan 2024 19:26:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 49ms
13ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-76967492-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z4a.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 16 Jan 2024 19:26:37 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 19
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 16 Jan 2024 21:26:37 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
248 B 49ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-PCWFZC6656&gtm=45je41a0v9111573087&_p=1705433216629&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=302895897.1705433217&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1705433216&sct=1&seg=0&dl=https%3A%2F%2Fz4a.net%2F&dt=Z4A%E5%9B%BE%E5%BA%8A-%E5%81%9A%E5%9B%BD%E5%86%85%E6%9C%80%E8%89%AF%E5%BF%83%E7%9A%84%E5%85%8D%E8%B4%B9%E5%9B%BE%E5%BA%8A%20-%20Z4A%E5%9B%BE%E5%BA%8A&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3318
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PCWFZC6656&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z4a.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://z4a.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 63ms
21ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PCWFZC6656&cid=302895897.1705433217&gtm=45je41a0v9111573087&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PCWFZC6656&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z4a.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://z4a.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 81ms
40ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PCWFZC6656&cid=302895897.1705433217&gtm=45je41a0v9111573087&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=967967943

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z4a.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
201 B 21ms
20ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=701868027&t=pageview&_s=1&dl=https%3A%2F%2Fz4a.net%2F&ul=en-us&de=UTF-8&dt=Z4A%E5%9B%BE%E5%BA%8A-%E5%81%9A%E5%9B%BD%E5%86%85%E6%9C%80%E8%89%AF%E5%BF%83%E7%9A%84%E5%85%8D%E8%B4%B9%E5%9B%BE%E5%BA%8A%20-%20Z4A%E5%9B%BE%E5%BA%8A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2008840294&gjid=1659684472&cid=302895897.1705433217&tid=UA-76967492-1&_gid=1833060869.1705433217&_r=1&gtm=457e41a0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=954060139

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://z4a.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://z4a.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 159F 235 KB
62 KB 978ms
977ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6276533791428328&output=html&adk=3895348141&adf=3876334049&lmt=1705433216&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x945_l%7C128x945_r&format=0x0&url=https%3A%2F%2Fz4a.net%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705433216669&bpp=5&bdt=2202&idt=144&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8319729639551&frm=20&pv=2&ga_vid=302895897.1705433217&ga_sid=1705433217&ga_hid=701868027&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320238%2C31079266%2C31079438%2C31080224%2C95321627%2C95322165&oid=2&pvsid=1834627871872826&tmod=801129996&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=169

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6276533791428328&plah=z4a.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1f19b035a48ad9f11e3cb32f0438a334b98efc3d07b269d0f2f0111a0944b4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://z4a.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 62901
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 19:26:57 GMT
expires: Tue, 16 Jan 2024 19:26:57 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&id=top-bar&cls=top-bar&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z4a.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 88ms
57ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae19101b84ce6248d41292c60d13c032465e531e6235542716cf9f25e6c4662

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z4a.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12291
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 19ms
19ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-76967492-1&cid=302895897.1705433217&jid=2008840294&gjid=1659684472&_gid=1833060869.1705433217&_u=YADAAUAAAAAAACAAI~&z=480834068

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://z4a.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 16 Jan 2024 19:26:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://z4a.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 74ms
38ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-76967492-1&cid=302895897.1705433217&jid=2008840294&_u=YADAAUAAAAAAACAAI~&z=982775433

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z4a.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 39ms
39ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-76967492-1&cid=302895897.1705433217&jid=2008840294&_u=YADAAUAAAAAAACAAI~&z=982775433

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z4a.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 89ms
50ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z4a.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 Jan 2024 19:26:56 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3B58 13 KB
5 KB 16ms
15ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://z4a.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 25259
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 12:25:58 GMT
expires: Wed, 15 Jan 2025 12:25:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9005 829 B
994 B 24ms
23ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fb4031d2ddf005d740d1278eaf4afafd4ea836d3c61a1ccd27cdffe9c11ba17a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pWlYSaSJASosApYck1ZhnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://z4a.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-pWlYSaSJASosApYck1ZhnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 19:26:57 GMT
expires: Tue, 16 Jan 2024 19:26:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 3B58 39 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 08:55:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 08:55:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9005 0
0 44ms
44ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=1834627871872826&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3B58 0
10 B 15ms
14ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?IHq4BQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 47ms
47ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=1834627871872826&bg=!JCelJ2jNAAaumcC-jpk7ADQBe5WfOGwxooW8ejphivski8j1R9XwsBVkv3pXjnahj7s4YKSXR3rGXeKxIviAPY0RnVA3AgAAAF5SAAAAAmgBBwoAxKJIv84eIOdGYqDWaLZpjQzPO4CBf6VrtKzM95lkbdAranJT1cZMlwsZyy3YhO0YmMDpp0-BXzKFxWm5fx6c-LCKT9c6ZxQvP6e8-sqoARoMx6nnClmKLn82cZ-OYy5cydVmUEMNYE1zVyDJdm-HSpxW2ICNJDvXAyQnHuXpCH-Zt3xujn3QeL4YM37LpiDDj9oo3QFkK0nOvw-F1XUe9XulCq5ONje5W-Phih-fjy7As3FrAjLwxWelP-Vo4EGDjPdvj6eZArlzRqdn1N4majwZEDk-LFU1_NbGFGTnfl6GgeIN4ljXxFWAUjdzewI_CEfqUmlby8j9JzoPBiAIEC2zElAzxLSzNGJYmZMy0_B53cZjPV3q9BLpplW2MBrOgsqWpMbQXpIppjG449hsz9wx76zl36bLLcIlLPzJPU5w5rEqjlR0GxxXky3zykx0N8ExU-L-bIZFVEjaf22f2bCKq_3se0sQImzR6OLWkcq2EpEYoXuAnd4mLxfoTld6qo1WPXEO3wRbmu69nP4WtcORZel0uBlMqqGH9Ir-WR8EmnABi8FmUmeVLX-1L8SPSgBYISykuWECZPsE4xkmUNQFfkKE5OkOnQFKaKHo2SI0qyoBl3kWFctAjM12HxFHFgeF-HdQ_FvX6U2vIaje5iWwdqgrURP7CFin2zPilUHnVYUje3oZxlk7NozHJgGbCd0TdTwfg7GO_Hw-pdL-NsNAgX7BSAN76oskbRqR3LuGSK2KF1tErmKVrrMuENEk6ObkTUhnYlJY8hF0qteETq5LmisDqrhpdwQt5xOPHiEmum0NtfwnWffu7PDWJYFf1CCMDVwbXplITILZdhBYcnxscpAlII7GXERMhK1_uhSMRxqUKHiwED2_C8lQcLSonVag_hPQ2gtiuMyZcniIERrrqJd4ojhaa0UDsp-KLaT4E34otLTjQ9fsAko5Z7v3UqQk21fe2q5H3RsROTM2PGVz14xTQMpBYc_WqJbBVP-qQVql8BPvxW3my0ap6cUhUCgESuGKd2Gk1OhCFr4Ey3az4TvL9PWKvq4WVUGkujoAeBiSIdRKW6FwteiI1tqyBvegi7CU0AclY5gzW_xM5ytaTavaH4dY-D2RSWwzfcHBv5t8L2hWQGan472aY17zKqowKUeJmoBJY_BUKE3qpiS8tqAvpllxORmj0jwKpvEj
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z4a.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 162 KB
55 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87a5ced2a3f05591404b0fd2b735e8fe56edf86a437f27b49d3d6ebc0a181c8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z4a.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56395
x-xss-protection: 0
server: cafe
etag: 4881723130422468132
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 19:26:57 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1269960165688064&num=0&dvc=0&eid=44759876%2C44759927%2C44759837%2C95320238%2C31079266%2C31079438%2C31080224%2C95321627%2C95322165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z4a.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 46ms
45ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1269960165688064&num=1&dvc=0&eid=44759876%2C44759927%2C44759837%2C95320238%2C31079266%2C31079438%2C31080224%2C95321627%2C95322165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z4a.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 46ms
45ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2126583762293639&num=0&dvc=0&eid=44759876%2C44759927%2C44759837%2C95320238%2C31079266%2C31079438%2C31080224%2C95321627%2C95322165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z4a.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5E13 134 KB
44 KB 681ms
681ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6276533791428328&output=html&h=280&adk=3175694369&adf=2617822577&pi=t.aa~a.1981750379~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705433217&rafmt=1&to=qs&pwprc=8016500324&format=1200x280&url=https%3A%2F%2Fz4a.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705433217888&bpp=1&bdt=3421&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8319729639551&frm=20&pv=1&ga_vid=302895897.1705433217&ga_sid=1705433217&ga_hid=701868027&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320238%2C31079266%2C31079438%2C31080224%2C95321627%2C95322165&oid=2&pvsid=1834627871872826&tmod=801129996&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0f761b831739a407229c936b22dd5a65fe4def245d4adf8977af514a2bf85a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://z4a.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45532
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 19:26:58 GMT
expires: Tue, 16 Jan 2024 19:26:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4D56 31 KB
13 KB 651ms
650ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6276533791428328&output=html&h=90&adk=1143835972&adf=1117478253&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705433217&rafmt=1&to=qs&pwprc=8016500324&format=1200x90&url=https%3A%2F%2Fz4a.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705433217888&bpp=1&bdt=3421&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8319729639551&frm=20&pv=1&ga_vid=302895897.1705433217&ga_sid=1705433217&ga_hid=701868027&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320238%2C31079266%2C31079438%2C31080224%2C95321627%2C95322165&oid=2&pvsid=1834627871872826&tmod=801129996&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

def88eaa113bdc425c48d7f3c190423bd3f9a7f866bc26976ac9ab8ff86e34cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://z4a.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 13451
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 19:26:58 GMT
expires: Tue, 16 Jan 2024 19:26:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 404ms
403ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=2&wpc=ca-pub-6276533791428328&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=true&reatf=false&a=6%2C1%2C5%2C7&apv=20240114_093436&sat=1705348404967&afm=0&as_count=0&d_count=0&ng_count=0&am_count=2&atf_count=0&mdns=0&alldns=0.226&allp=24&fd=(0%2C3%2C2)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=1637&abl=false&rr=n&su=z4a.net&pvc=1834627871872826&r=0.1&eid=44759876%2C44759927%2C44759837%2C95320238%2C31079266%2C31079438%2C31080224%2C95321627%2C95322165

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://z4a.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 7570 9 KB
4 KB 17ms
17ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://z4a.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77924
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 21:48:14 GMT
etag: 9219409622527106327
expires: Mon, 29 Jan 2024 21:48:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame DA0C 9 KB
4 KB 17ms
16ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://z4a.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77924
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 21:48:14 GMT
etag: 9219409622527106327
expires: Mon, 29 Jan 2024 21:48:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 7570 4 KB
1 KB 72ms
27ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Jan 2024 19:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 18:53:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jan 2024 19:26:58 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7570 205 B
650 B 90ms
25ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 10:38:20 GMT
x-content-type-options: nosniff
age: 31718
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 15 Jan 2025 10:38:20 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7570 604 B
696 B 90ms
26ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 14:30:21 GMT
x-content-type-options: nosniff
age: 363397
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 11 Jan 2025 14:30:21 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240111/r20110914/elements/html/ Frame 7570 16 KB
7 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240111/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 23:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 11129212757755515379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 23:24:54 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240111/r20110914/elements/html/ Frame 7570 22 KB
9 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240111/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 23:17:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 23:17:27 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 61FD 624 B
246 B 54ms
53ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGOPKvIMCMAE&v=APEucNVcP6LDD3fwKFe899v4CKxMP9Cr16sCq0O_PolN0SExsqWkxS_MXs0T5yoJ7ZVW2BRfhmfJ0qgLEnQDfDsQqNSVMZTlpwzg-319MbGuSYPudgJLFSvYNo3JkHfUQJc0H2P7UCy2S9SOiE8lehA5rrB1yPWv0BGzEWlZvj1vEeKp6zgXM5M

Requested by

Host: z4a.net
URL: https://z4a.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 19:26:58 GMT
expires: Tue, 16 Jan 2024 19:26:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CC8C 89 KB
31 KB 117ms
114ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: z4a.net
URL: https://z4a.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 19:26:58 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/ Frame CC8C 3 KB
1 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/window_focus_fy2021.js

Requested by

Host: z4a.net
URL: https://z4a.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 19:17:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/ Frame CC8C 20 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: z4a.net
URL: https://z4a.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 19:17:25 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame CC8C 205 KB
65 KB 54ms
52ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: z4a.net
URL: https://z4a.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jan 2024 19:26:58 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CC8C 42 B
63 B 53ms
52ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D8WP0RMlIwC66NIIHm2suIibfaT17wQhQEn7tXLGYsRjXwb_v1DX6nvfLlhOdhru4sV858smzZrWw-N3ocdzGEzkQ3N7XumQJOYotKbpT6MES7FY8

Requested by

Host: z4a.net
URL: https://z4a.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 61FD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDRTE1oSN-YG_mB3I-JTzZw&google_cver=1

43 B
773 B

26ms
25ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDRTE1oSN-YG_mB3I-JTzZw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGOPKvIMCMAE&v=APEucNVcP6LDD3fwKFe899v4CKxMP9Cr16sCq0O_PolN0SExsqWkxS_MXs0T5yoJ7ZVW2BRfhmfJ0qgLEnQDfDsQqNSVMZTlpwzg-319MbGuSYPudgJLFSvYNo3JkHfUQJc0H2P7UCy2S9SOiE8lehA5rrB1yPWv0BGzEWlZvj1vEeKp6zgXM5M
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6GjclmDQ8%2Bs%2FFT%2FhthXkiBZRxgmyHdDLCbC3t1M6WjKkTGddONu9aOyZ%2FT38xVFwod5fHDxAxoa%2FzfxAIwkhU5sdeQlHxDEtRmoNQhxbvbhBnuDADgxCSf5G28%2BH6ryxH2CiqCVmRDqPTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8468c0cfeea43a66-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDRTE1oSN-YG_mB3I-JTzZw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 61FD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZabYgs0vnouGRkorQ8EBWAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMdnHxZeRj7A7y2nmBpORfw&google_cver=1

43 B
739 B

28ms
28ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMdnHxZeRj7A7y2nmBpORfw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGOPKvIMCMAE&v=APEucNVcP6LDD3fwKFe899v4CKxMP9Cr16sCq0O_PolN0SExsqWkxS_MXs0T5yoJ7ZVW2BRfhmfJ0qgLEnQDfDsQqNSVMZTlpwzg-319MbGuSYPudgJLFSvYNo3JkHfUQJc0H2P7UCy2S9SOiE8lehA5rrB1yPWv0BGzEWlZvj1vEeKp6zgXM5M
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snECpkntURpDnXU2TGZKuKLiUKw43MQa%2B2KIY6P5ue5EgRJIkxu%2FBLLT28qWaJS%2F3uV2AH0U%2B7kPRM655ZSWukgh%2FO%2F7Pe8N%2Fyc6Ct1Gfp7kCi9L3NAmoZW6zyCXMXj5fYDRKcypCKCR9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8468c0d04f153a66-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMdnHxZeRj7A7y2nmBpORfw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 61FD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENyxYeefOavgQr1mhzELU-8&google_cver=1

43 B
1008 B

8ms
8ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENyxYeefOavgQr1mhzELU-8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGOPKvIMCMAE&v=APEucNVcP6LDD3fwKFe899v4CKxMP9Cr16sCq0O_PolN0SExsqWkxS_MXs0T5yoJ7ZVW2BRfhmfJ0qgLEnQDfDsQqNSVMZTlpwzg-319MbGuSYPudgJLFSvYNo3JkHfUQJc0H2P7UCy2S9SOiE8lehA5rrB1yPWv0BGzEWlZvj1vEeKp6zgXM5M

Protocol

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
an-x-request-uuid: 1b7ca637-5d94-4402-9088-b70a420c69d1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.130; 178.162.209.130; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENyxYeefOavgQr1mhzELU-8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 61FD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE0MzE1OTU3NDUzNDExOTgyNw%3D%3D

170 B
243 B

35ms
26ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE0MzE1OTU3NDUzNDExOTgyNw%3D%3D

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
an-x-request-uuid: 24536bea-5234-4816-ad6a-cf26eb3cfef1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE0MzE1OTU3NDUzNDExOTgyNw%3D%3D
x-proxy-origin: 178.162.209.130; 178.162.209.130; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 59D8 14 KB
1 KB 25ms
24ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Jan 2024 19:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 17:32:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jan 2024 19:26:58 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/ Frame 59D8 2 KB
822 B 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:00:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15993
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 15:00:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240111/r20110914/ Frame 59D8 23 KB
9 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240111/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15424
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 15:09:54 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2687 143 B
166 B 16ms
15ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2917
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 18:38:21 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/ Frame 59D8 3 KB
1 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 19:17:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/ Frame 59D8 20 KB
8 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 19:17:25 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 59D8 205 KB
65 KB 39ms
36ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jan 2024 19:26:58 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 59D8 37 KB
15 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 15 Apr 2024 19:19:30 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2687
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

24ms
23ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 19:26:58 GMT
expires: Tue, 16 Jan 2024 19:26:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 19:26:58 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CC8C 0
20 B 44ms
44ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5176278700984&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CC8C 0
20 B 45ms
45ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5176278700984&version=m202309260101&ct=76&x=1&cor=12709553397576671000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CC8C 108 KB
41 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BVn4XzQKIhnvLtIC-NMZTWyZoQswTx9NC1vLMsJvZDCcK0OdjJ5Eon6eyPBZVCrAByiAIIYagOwzgMvfaG5Oj3yXDrXuY-QickkXsP3Dib0rhuATDzcZAcTe6D3nlIwre48YHN-eL8i6jr520CfvCrtjpWzosjWP2nFxeOk1CqOLwD8cI&dbm_d=AKAmf-B7xkNVphsb7UGyCfbsOkfvxLG55faZ8W4xCNEGRY9teI_k8hvIQ9hBOK8Kw_CqMhPG_qEPfvCNFdtWQ0IZ_gVPczkbQKADKksXKvcVnsPYmI976AFe4ST4ZxI0Dnh4fOZ5H83QpqrQdFizpYJ0BrcVkFCJ3xfU-VzeeVFTJwS1nYwX5N2yTEnI7NcnL9Ix4ZvROxe1asgQgTnvuQ6zOZu6w-3MV8NM4j6HBeBvr81U72hnMdiFLuxj1UfjToA3deI1Gq9n_YlowaaTp2Rk0epmxGKhoSxefJDuneUsJPnXrRc6j91Ns-5lcuEN302wU0EIREcGNw760lvkEU4CKZWSMQ-TS_09pCZ7qD9r3nNLM0JZd8AOB1_8RR1efETDHyVesIIRabC8lwTLB8zngfivzGDtP2v6Rg3bqNifYbSQBxC-vVgWRCsTDb6R-GWMeQ3GDGmrXInKP3zQd3NpZDfamxy97EHYFkcY1z0K0UwwHu--4u7tXr2xaEXaA0w1P7kHWal-8IPjQEJ_zJShGSos_PrAWtgJE09ciYtbmkCtx17A0bUYHOLM7bxck2dBOBjM70eEq5QtdNyu7Yb50Wq3hJbttGze53hS0Pcqt2XHovkvB-_iJzGWakEYg5kKGsb8uLLUsuICmQ03i_7oGk2S2pBC4y5S94xoh1E5P6T4Q7j3QNtxirSdZv1fNsV-ImkiMlt6dB4LU2JZ1OATuASNiSAkNQQK2aLY7sKXk8dCQZP4P-Nr9iwdRGX48gIbXieygnVGB9RA1B0kIxpOVanHR5rD5ZInfrhJXH7rsEnsTqRYykg1obp8XKGgFAxGBCp-XlUNa8H1cYEavuqOnO-58m4pJ4QtWr81QUTulIeQFrZ2kURXmFYncPj9riKewb4cgFuID_tefwyqUbU8nmXKOZ92TNnaBq1yekVVLbCI8BSN2lZ50rfE-m_YruClP0E_dqbcp5neMcwUBeQYrSgNm2Kw_YvyD4suYNiY2Alz0J-dHrUqDpl5YEa4eoSxltQoAHr9FfUHmFpTuhjGGR0mAh8eoqdVRJV6P8oPHo2Q5Oz8AjeUuVotVzVxGkH5eEqFiTfmAGh3Rx-jxs0Qg42eSMXHPbrkMz8Bi3HIBX8RGYtMmACFVjIoOWan-CKc7RoMob1y9_yhicocaW5uJlxRh-C_LY3UiA5bexJDDp1AoEK98K5_HuuB4nMIjorkYRiDciABFlFsuZAaVhTnIO7y8v0HN7Nl95VmnnG7rcCjvuKyLuRV5tqS3U_kDxsJ89qbHD7gkD50Sr0u1vEB_0YhnIo-LDV4cTy9kc28o4USsL-5VJ_tiMIIwztxDUcw62u6t0IcGO7e0qO9GeXTlxMvp8KyXN7Gr4v7M4Z5yYry4gXgS6yMXUweuyLvhsN63_wRkOyoR1zKnmLvWiXoLS6n67RbEManRQRHzmQoFen-h0JKZGO6qNg9GVfR6PRnF2v6BHXHFM3MQrRx2mnYzQBtk6ujEXqTAA2z_qtrjSJ-Z2KcYn5pJrTwLg10AEfhTmYqGuEge_Uod3R7gIzIDQtulwEdRXNfoJIBxobqCpJPPcE-zlK_w_GQiM043i2DUB6FvdULij5D7MPigsI7iTKwWYzeLfaiSYnhxYEtq4BU4Ag98UfHqEKhm23THtJLEO-ruDVhF2dsOtqKT8ryUSvuaqd7rssY1XedXS9iv6l64sWqTZLM6ufONEZMARJivR5ZO26QbokB167uBG3oCOKsbG_15RyeDfannxzq69Oic-ISwU10iNUYQdbd8yS-6Ll6_Lj4ms8Fxs115xyemaMYwznetp1yqk-xqlGlnYC4leMUudmvBqNddLqzUaujNg5PTzN16zvk0JoEsbROtktq6ZevNnL4tdcuN4hZoMEWvRRAxelPOiJEe3oDtSVizwdzjNETcHilPThMcKodsn1_MsmXtGyY_JLnZxOnmkRNeFGBKiWbqgQWt46E-Z8b5H3G0bikI88wlqEKP22nafHY0cW-dOVeh4g6YUN-ce3oE2IlewPgvU2Pc8KQNeEYe7iIJ7sDmEk2JLJt_3TIkkfylDhofu8f5GRjSYHqvou_yFqYBSxmINJyy7yfaM4GWRmwriOMg-ZG2ajXmJqYe-MN2JYx6bAhhPLHi7Pr441yDrRKHhanXJ6uaj6f9QloQn6RjdulApaJHv30eCq3wYS909GKDvkS382nHamQRkJEmZu-C1T2S9z_YOc035OgL-eI2UOQRZmMQpDRKFnXcZUgb0ClSUeXaTjjmEOiHS6D2zmeJE7DQDATYnRY181tHbNGO2WhJ55lXkeZ9u3QjPQE_sjidMydiotqdgu8fPGzQ784_PRiz3IXe7U6XgUpGO0f7XD2ADFtiab2TJYo86ZR2FALB8sysGjFiaJbLlazQcL3F_29MwFYfmf1sr4lCgnNoiuVQm7NAKku8KZJN8bowGNLH7-Pp0GwHOYkB5SkZm9MKUycuILzhUsGwj5EVNiar_QWvkc2Qa_iIZvxhG7okUFJ87g4rnjsRNOGyBxhCSywx-LPzSYBp5MdKKtcvFdDLhBHlr_1XWyevMQr_dIgHiuFf30wkhuj-qYEESusy9LZ1mlK7aypAD2mJmLEtaw_T76ZzhfI-Pr0ZsEE9dnLhAgptGQE3uloK5kefOwWJPLsi4_9j8ueDlh3xtz8SOW_AnbvQPQFbLU9KBL78D6GDBwNIlEchczvKUBCOrXi_WF6kZ3t1k1Vr145NGZS4YCXbl95_AkbN5-yzVtEBDr75e-LpoBdIQhiMqs4tlVJzoxUlHU_nXhFTmsVRCv2fzHTaaT7UMwdXHlTlRj6dLCaqQRoqQFCyxRTxj6PSd2j6ZKgRVWVBgPdCqZMPxk_gMY5oihpuk9Wwbo3o3e8Up24q_uZHD0W4MRsAn7-fwfeC1RSI646-_Exfq5yTCNanQCt-VRriWQqK_bM2kHZiS2k8FIh2rneGlfhafA_h0W7ffObV_OAdCDUYTuzcMBT2DsUJ8AuBUqNKLdp_HXl62WP3MBLL8hI78BoAiehly1jEs_sUlTKqp2a4QyN6icGtS7QxHf_IfPuWwfrRYwWot8rLKTZh0bnNeQaTu3-A_GtUiFp0qflKK-Nko6_dXOBasvxI5-f7vPGMPzSL0PyD067uK80bCes0ihEMlsP4RcYpry61E0PakPRvxVqgTebrSDD_HrRDdjPoKa1yrAMdZ4pGJae1uGhsHah27mYnGg5e-PhUqMXA1yxJeQPCvLwJZJoBtzCNC_M4NRXs7rspdsuShtmC40XwlqYJTBgposGkdE03a06kZf2ZOvcQMP9zRoAIpAQeXn04W1LOGLN5p_eJhsbzbyb3xVDO_dU12_TETyJbDW1A_WkTImyYMspBovDSMJ5Lzf_oeyBQu01ecPESITWDlghw_5YsBmxm5ep44lyXxC23HgW2z-P3-ORC1dJXzZPbcPEGhkRI4UJui9WP-nzMncj8TNV8kcobvLqPQLdmHcI0_9gWHk7E1xcwbp4i62Nm1RQ1uioCfsN2BrWuLS_Ga1vL6l2fOI5UX5YFcAgySCyecBd32mITjVvOtxw0J8-PRGaFt563QFgAD8BVcyntbz04BSQJ2p4lIx5mlwDh2dFv4lTdyf8vov6Kqt0-H1Y&cid=CAQSTwAvHhf_zaKWKscZNVebMF5-gMAAn-n6S3ziTBvWkayPQsJyW-eGo0bJ042Rw1swyFA88M6Wqq6c90lE88NfvSbgDfBMRukGwxVUsG2NwnQYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fz4a.net%2F&ds=l&xdt=1&iif=1&cor=12709553397576671000&adk=521587873&idt=128&cac=0&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6e4114fe6e6b844b270db7c28ab8a31cd5638a8682e13f78238cea0d4911fc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42011
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5E13 14 KB
1 KB 29ms
28ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6276533791428328&output=html&h=280&adk=3175694369&adf=2617822577&pi=t.aa~a.1981750379~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705433217&rafmt=1&to=qs&pwprc=8016500324&format=1200x280&url=https%3A%2F%2Fz4a.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705433217888&bpp=1&bdt=3421&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8319729639551&frm=20&pv=1&ga_vid=302895897.1705433217&ga_sid=1705433217&ga_hid=701868027&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320238%2C31079266%2C31079438%2C31080224%2C95321627%2C95322165&oid=2&pvsid=1834627871872826&tmod=801129996&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Jan 2024 19:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 17:28:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jan 2024 19:26:58 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/ Frame 5E13 2 KB
822 B 18ms
16ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:00:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15993
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 15:00:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240111/r20110914/ Frame 5E13 23 KB
9 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240111/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15424
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 15:09:54 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/ Frame 5E13 3 KB
1 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 19:17:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/ Frame 5E13 20 KB
8 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 19:17:25 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5E13 0
0 25ms
24ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSEZlTW1sO6sjmEL94H0jfb0RhGvx6X8_xzlpFBh7SHhBImIyJgR5ZNqCGwNqsb_XPyJxoMq__IGyhmebVHWNL2Y0BZbw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6276533791428328&output=html&h=280&adk=3175694369&adf=2617822577&pi=t.aa~a.1981750379~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705433217&rafmt=1&to=qs&pwprc=8016500324&format=1200x280&url=https%3A%2F%2Fz4a.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705433217888&bpp=1&bdt=3421&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8319729639551&frm=20&pv=1&ga_vid=302895897.1705433217&ga_sid=1705433217&ga_hid=701868027&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320238%2C31079266%2C31079438%2C31080224%2C95321627%2C95322165&oid=2&pvsid=1834627871872826&tmod=801129996&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E13 205 KB
65 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jan 2024 19:26:58 GMT

GET
H3 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 5E13 37 KB
15 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 15 Apr 2024 19:19:30 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E680 624 B
242 B 55ms
54ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNV9pA7AmbENMe7rXxJn7UDCTxqFYNl79e-NJ5MZUpDZ6nE0coPDHmqh6_2mQmltEzcIDWT3n7Xs3ZzmSDB4hGg5JXqIfJ2Wv_014mmuE-R7gy13p8AWXcXUdeCKbxQOnYRfCnlfUZe1I0kCI_vXynl0HfvI2wHbE7biD_Q2-IJnkIHSUik

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6276533791428328&output=html&h=90&adk=1143835972&adf=1117478253&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705433217&rafmt=1&to=qs&pwprc=8016500324&format=1200x90&url=https%3A%2F%2Fz4a.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705433217888&bpp=1&bdt=3421&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8319729639551&frm=20&pv=1&ga_vid=302895897.1705433217&ga_sid=1705433217&ga_hid=701868027&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320238%2C31079266%2C31079438%2C31080224%2C95321627%2C95322165&oid=2&pvsid=1834627871872826&tmod=801129996&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6276533791428328&output=html&h=90&adk=1143835972&adf=1117478253&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705433217&rafmt=1&to=qs&pwprc=8016500324&format=1200x90&url=https%3A%2F%2Fz4a.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705433217888&bpp=1&bdt=3421&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8319729639551&frm=20&pv=1&ga_vid=302895897.1705433217&ga_sid=1705433217&ga_hid=701868027&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320238%2C31079266%2C31079438%2C31080224%2C95321627%2C95322165&oid=2&pvsid=1834627871872826&tmod=801129996&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 19:26:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8203 89 KB
31 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 19:26:58 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/ Frame 8203 3 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 19:17:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/ Frame 8203 20 KB
8 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240111/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 19:17:25 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8203 0
0 24ms
23ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTk_zJMrrKhZ0yCGMc0mM5aGuGGZKlME15LWpBs-8xCIi3BUoU5YsxjbldAYV3YwD-FuAP5mgvJpgWmv8F5adjnMCbxZA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6276533791428328&output=html&h=90&adk=1143835972&adf=1117478253&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705433217&rafmt=1&to=qs&pwprc=8016500324&format=1200x90&url=https%3A%2F%2Fz4a.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705433217888&bpp=1&bdt=3421&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8319729639551&frm=20&pv=1&ga_vid=302895897.1705433217&ga_sid=1705433217&ga_hid=701868027&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320238%2C31079266%2C31079438%2C31080224%2C95321627%2C95322165&oid=2&pvsid=1834627871872826&tmod=801129996&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8203 205 KB
65 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jan 2024 19:26:58 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8203 42 B
63 B 46ms
45ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bs2GfCbgtaU5nX9aHnLz0DYtzzBDi1vK4MeSuV6eXOynLH4LaL4GekMR10NszLYRCbV_0Q11ZmYlkn0LJHOWTF0UkNs2Hfnme6SRJa7wafENtL0kE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1925915/77841638/ Frame CC8C 60 KB
15 KB 110ms
33ms Script
application/javascript 54.155.202.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1925915/77841638/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015411622&ias_pubId=pub-6276533791428328&ias_chanId=1&ias_placementId=20939250460&bidurl=https://z4a.net/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jyk-FApHo2nWYektXX9TDx
Requested by: Host: z4a.net
URL: https://z4a.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.202.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-202-187.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4d8abbe37e0de25d12b7ba0d0add7dbb43130d420004a7b2395bd0115b30f25a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame CC8C 111 KB
39 KB 69ms
19ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: z4a.net
URL: https://z4a.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78159
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jan 2024 21:44:19 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame CC8C 11 KB
4 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BVn4XzQKIhnvLtIC-NMZTWyZoQswTx9NC1vLMsJvZDCcK0OdjJ5Eon6eyPBZVCrAByiAIIYagOwzgMvfaG5Oj3yXDrXuY-QickkXsP3Dib0rhuATDzcZAcTe6D3nlIwre48YHN-eL8i6jr520CfvCrtjpWzosjWP2nFxeOk1CqOLwD8cI&dbm_d=AKAmf-B7xkNVphsb7UGyCfbsOkfvxLG55faZ8W4xCNEGRY9teI_k8hvIQ9hBOK8Kw_CqMhPG_qEPfvCNFdtWQ0IZ_gVPczkbQKADKksXKvcVnsPYmI976AFe4ST4ZxI0Dnh4fOZ5H83QpqrQdFizpYJ0BrcVkFCJ3xfU-VzeeVFTJwS1nYwX5N2yTEnI7NcnL9Ix4ZvROxe1asgQgTnvuQ6zOZu6w-3MV8NM4j6HBeBvr81U72hnMdiFLuxj1UfjToA3deI1Gq9n_YlowaaTp2Rk0epmxGKhoSxefJDuneUsJPnXrRc6j91Ns-5lcuEN302wU0EIREcGNw760lvkEU4CKZWSMQ-TS_09pCZ7qD9r3nNLM0JZd8AOB1_8RR1efETDHyVesIIRabC8lwTLB8zngfivzGDtP2v6Rg3bqNifYbSQBxC-vVgWRCsTDb6R-GWMeQ3GDGmrXInKP3zQd3NpZDfamxy97EHYFkcY1z0K0UwwHu--4u7tXr2xaEXaA0w1P7kHWal-8IPjQEJ_zJShGSos_PrAWtgJE09ciYtbmkCtx17A0bUYHOLM7bxck2dBOBjM70eEq5QtdNyu7Yb50Wq3hJbttGze53hS0Pcqt2XHovkvB-_iJzGWakEYg5kKGsb8uLLUsuICmQ03i_7oGk2S2pBC4y5S94xoh1E5P6T4Q7j3QNtxirSdZv1fNsV-ImkiMlt6dB4LU2JZ1OATuASNiSAkNQQK2aLY7sKXk8dCQZP4P-Nr9iwdRGX48gIbXieygnVGB9RA1B0kIxpOVanHR5rD5ZInfrhJXH7rsEnsTqRYykg1obp8XKGgFAxGBCp-XlUNa8H1cYEavuqOnO-58m4pJ4QtWr81QUTulIeQFrZ2kURXmFYncPj9riKewb4cgFuID_tefwyqUbU8nmXKOZ92TNnaBq1yekVVLbCI8BSN2lZ50rfE-m_YruClP0E_dqbcp5neMcwUBeQYrSgNm2Kw_YvyD4suYNiY2Alz0J-dHrUqDpl5YEa4eoSxltQoAHr9FfUHmFpTuhjGGR0mAh8eoqdVRJV6P8oPHo2Q5Oz8AjeUuVotVzVxGkH5eEqFiTfmAGh3Rx-jxs0Qg42eSMXHPbrkMz8Bi3HIBX8RGYtMmACFVjIoOWan-CKc7RoMob1y9_yhicocaW5uJlxRh-C_LY3UiA5bexJDDp1AoEK98K5_HuuB4nMIjorkYRiDciABFlFsuZAaVhTnIO7y8v0HN7Nl95VmnnG7rcCjvuKyLuRV5tqS3U_kDxsJ89qbHD7gkD50Sr0u1vEB_0YhnIo-LDV4cTy9kc28o4USsL-5VJ_tiMIIwztxDUcw62u6t0IcGO7e0qO9GeXTlxMvp8KyXN7Gr4v7M4Z5yYry4gXgS6yMXUweuyLvhsN63_wRkOyoR1zKnmLvWiXoLS6n67RbEManRQRHzmQoFen-h0JKZGO6qNg9GVfR6PRnF2v6BHXHFM3MQrRx2mnYzQBtk6ujEXqTAA2z_qtrjSJ-Z2KcYn5pJrTwLg10AEfhTmYqGuEge_Uod3R7gIzIDQtulwEdRXNfoJIBxobqCpJPPcE-zlK_w_GQiM043i2DUB6FvdULij5D7MPigsI7iTKwWYzeLfaiSYnhxYEtq4BU4Ag98UfHqEKhm23THtJLEO-ruDVhF2dsOtqKT8ryUSvuaqd7rssY1XedXS9iv6l64sWqTZLM6ufONEZMARJivR5ZO26QbokB167uBG3oCOKsbG_15RyeDfannxzq69Oic-ISwU10iNUYQdbd8yS-6Ll6_Lj4ms8Fxs115xyemaMYwznetp1yqk-xqlGlnYC4leMUudmvBqNddLqzUaujNg5PTzN16zvk0JoEsbROtktq6ZevNnL4tdcuN4hZoMEWvRRAxelPOiJEe3oDtSVizwdzjNETcHilPThMcKodsn1_MsmXtGyY_JLnZxOnmkRNeFGBKiWbqgQWt46E-Z8b5H3G0bikI88wlqEKP22nafHY0cW-dOVeh4g6YUN-ce3oE2IlewPgvU2Pc8KQNeEYe7iIJ7sDmEk2JLJt_3TIkkfylDhofu8f5GRjSYHqvou_yFqYBSxmINJyy7yfaM4GWRmwriOMg-ZG2ajXmJqYe-MN2JYx6bAhhPLHi7Pr441yDrRKHhanXJ6uaj6f9QloQn6RjdulApaJHv30eCq3wYS909GKDvkS382nHamQRkJEmZu-C1T2S9z_YOc035OgL-eI2UOQRZmMQpDRKFnXcZUgb0ClSUeXaTjjmEOiHS6D2zmeJE7DQDATYnRY181tHbNGO2WhJ55lXkeZ9u3QjPQE_sjidMydiotqdgu8fPGzQ784_PRiz3IXe7U6XgUpGO0f7XD2ADFtiab2TJYo86ZR2FALB8sysGjFiaJbLlazQcL3F_29MwFYfmf1sr4lCgnNoiuVQm7NAKku8KZJN8bowGNLH7-Pp0GwHOYkB5SkZm9MKUycuILzhUsGwj5EVNiar_QWvkc2Qa_iIZvxhG7okUFJ87g4rnjsRNOGyBxhCSywx-LPzSYBp5MdKKtcvFdDLhBHlr_1XWyevMQr_dIgHiuFf30wkhuj-qYEESusy9LZ1mlK7aypAD2mJmLEtaw_T76ZzhfI-Pr0ZsEE9dnLhAgptGQE3uloK5kefOwWJPLsi4_9j8ueDlh3xtz8SOW_AnbvQPQFbLU9KBL78D6GDBwNIlEchczvKUBCOrXi_WF6kZ3t1k1Vr145NGZS4YCXbl95_AkbN5-yzVtEBDr75e-LpoBdIQhiMqs4tlVJzoxUlHU_nXhFTmsVRCv2fzHTaaT7UMwdXHlTlRj6dLCaqQRoqQFCyxRTxj6PSd2j6ZKgRVWVBgPdCqZMPxk_gMY5oihpuk9Wwbo3o3e8Up24q_uZHD0W4MRsAn7-fwfeC1RSI646-_Exfq5yTCNanQCt-VRriWQqK_bM2kHZiS2k8FIh2rneGlfhafA_h0W7ffObV_OAdCDUYTuzcMBT2DsUJ8AuBUqNKLdp_HXl62WP3MBLL8hI78BoAiehly1jEs_sUlTKqp2a4QyN6icGtS7QxHf_IfPuWwfrRYwWot8rLKTZh0bnNeQaTu3-A_GtUiFp0qflKK-Nko6_dXOBasvxI5-f7vPGMPzSL0PyD067uK80bCes0ihEMlsP4RcYpry61E0PakPRvxVqgTebrSDD_HrRDdjPoKa1yrAMdZ4pGJae1uGhsHah27mYnGg5e-PhUqMXA1yxJeQPCvLwJZJoBtzCNC_M4NRXs7rspdsuShtmC40XwlqYJTBgposGkdE03a06kZf2ZOvcQMP9zRoAIpAQeXn04W1LOGLN5p_eJhsbzbyb3xVDO_dU12_TETyJbDW1A_WkTImyYMspBovDSMJ5Lzf_oeyBQu01ecPESITWDlghw_5YsBmxm5ep44lyXxC23HgW2z-P3-ORC1dJXzZPbcPEGhkRI4UJui9WP-nzMncj8TNV8kcobvLqPQLdmHcI0_9gWHk7E1xcwbp4i62Nm1RQ1uioCfsN2BrWuLS_Ga1vL6l2fOI5UX5YFcAgySCyecBd32mITjVvOtxw0J8-PRGaFt563QFgAD8BVcyntbz04BSQJ2p4lIx5mlwDh2dFv4lTdyf8vov6Kqt0-H1Y&cid=CAQSTwAvHhf_zaKWKscZNVebMF5-gMAAn-n6S3ziTBvWkayPQsJyW-eGo0bJ042Rw1swyFA88M6Wqq6c90lE88NfvSbgDfBMRukGwxVUsG2NwnQYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fz4a.net%2F&ds=l&xdt=1&iif=1&cor=12709553397576671000&adk=521587873&idt=128&cac=0&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 23:05:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 23:05:46 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame CC8C 31 KB
12 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 23:27:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71989
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11885
x-xss-protection: 0
server: cafe
etag: 16863283086342074828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 23:27:09 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame CC8C 41 KB
14 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: z4a.net
URL: https://z4a.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 20:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 343150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 20:07:48 GMT

GET
DATA 200
OK truncated
/ Frame CC8C 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48494fb378d755211442e200ba4ec06ba1f6aed99e275d484b95b5340ddb9fdb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 3B4E 50 KB
19 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js

Requested by

Host: z4a.net
URL: https://z4a.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30d3c4b9fc872ab161dbf116471f949cfd1d731ad434aad32d751c542c993a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:10:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 335781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19761
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 22:10:37 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 140D 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 407
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 19:20:11 GMT
etag: 48472445140208031
expires: Wed, 17 Jan 2024 19:20:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/15939230071089432660/ Frame 5E13 31 KB
31 KB 19ms
19ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15939230071089432660/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58b7a78b08cd91b627fbad38b575ffad2ccac891881a2a315151762f87011982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 08:00:13 GMT
date: Tue, 16 Jan 2024 08:00:13 GMT
x-content-type-options: nosniff
age: 41205
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31721
x-xss-protection: 0
last-modified: Wed, 22 Mar 2023 15:08:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 5E13 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5E13 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E680
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFJ5rLabiQLWiyQaBuOg5RE&google_cver=1

43 B
734 B

29ms
28ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFJ5rLabiQLWiyQaBuOg5RE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNV9pA7AmbENMe7rXxJn7UDCTxqFYNl79e-NJ5MZUpDZ6nE0coPDHmqh6_2mQmltEzcIDWT3n7Xs3ZzmSDB4hGg5JXqIfJ2Wv_014mmuE-R7gy13p8AWXcXUdeCKbxQOnYRfCnlfUZe1I0kCI_vXynl0HfvI2wHbE7biD_Q2-IJnkIHSUik
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e3p4qTitQlZefkOri8ixWcy03hav3DyI%2FH0YygPzUmCW90%2F8nXTgdU84mRa6mC3uFLQBe9aMltytOUGCmFykkczxxD7hiua3ulEN%2F%2FAduDpejhJ%2FUDAIlEoy64DVU6wZKr5JzUxn58Vj5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8468c0d148183a66-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFJ5rLabiQLWiyQaBuOg5RE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E680
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZabYgs0vnouGRkorQ8EBWAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFJ5rLabiQLWiyQaBuOg5RE&google_cver=1

43 B
739 B

28ms
28ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFJ5rLabiQLWiyQaBuOg5RE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNV9pA7AmbENMe7rXxJn7UDCTxqFYNl79e-NJ5MZUpDZ6nE0coPDHmqh6_2mQmltEzcIDWT3n7Xs3ZzmSDB4hGg5JXqIfJ2Wv_014mmuE-R7gy13p8AWXcXUdeCKbxQOnYRfCnlfUZe1I0kCI_vXynl0HfvI2wHbE7biD_Q2-IJnkIHSUik
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vIHplGC4R0GYQyc1ztn%2BBIlgpHGMWicTM4%2FN%2FbppUfdBMs5mrFUGSXmHi%2FPJHu7cS%2FeqRBn5uUDfAnvIej2qJQm156HsKoZP%2FdjmD0koXSGMc9hBCvZ%2B323wvCfwzKOYtewgu8ZA1zm6%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8468c0d1d8c43a66-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFJ5rLabiQLWiyQaBuOg5RE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame E680
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESED7k2QPqmIaH9fkzHBFgeMY&google_cver=1

43 B
1014 B

8ms
7ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESED7k2QPqmIaH9fkzHBFgeMY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNV9pA7AmbENMe7rXxJn7UDCTxqFYNl79e-NJ5MZUpDZ6nE0coPDHmqh6_2mQmltEzcIDWT3n7Xs3ZzmSDB4hGg5JXqIfJ2Wv_014mmuE-R7gy13p8AWXcXUdeCKbxQOnYRfCnlfUZe1I0kCI_vXynl0HfvI2wHbE7biD_Q2-IJnkIHSUik

Protocol

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
an-x-request-uuid: 3d09d7b4-b3aa-47a5-aa23-3b0cb62d170a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.130; 178.162.209.130; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESED7k2QPqmIaH9fkzHBFgeMY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E680
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE0MzE1OTU3NDUzNDExOTgyNw%3D%3D

170 B
188 B

25ms
25ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE0MzE1OTU3NDUzNDExOTgyNw%3D%3D

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
an-x-request-uuid: 20a7db9f-1d24-4a0a-9b76-fdc230e8c099
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzE0MzE1OTU3NDUzNDExOTgyNw%3D%3D
x-proxy-origin: 178.162.209.130; 178.162.209.130; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8203 0
20 B 46ms
46ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7997139939523&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8203 0
20 B 46ms
45ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7997139939523&version=m202309260101&ct=77&x=1&cor=11448781649776316000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8203 20 KB
13 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BG1bTZn8cgnvkZQORvQ05QMU6vqqmRXNTn37zI3XzuV_zG4f93NgYIFYPt-apiTJSggWgYC0K0Yl1YotF3lbvESGJP9PwYxdEP_OpAxuWEm_YHggDWf4YB2vce-p16BqDAzqKtCgFSZT7q01wF2UUOTXPwP91nP1-DPRbPwPVC7W0FpyQ&cry=1&dbm_d=AKAmf-Dqjstq9bSM55tQd0y7cXdZqrlnuUH1en5_9YU_aUPXVre1k2Cv-PkSzUDFT1IMb_sFwUYonnvWLm_kwOxlqifYN011oy3bFYXgkntrkLMVXnIxQqdxLD0iJ_6Py2dxEawYvgBBlzR9xn5svZfbHJuMTqNpyC7PL4O4NszdT7vEdabSckHqC08vIx1UwTeNcnWtWNvG6IA4DDV80pZ2Agr7P49YnL_CnT-B0LZm1rquSOHIWB6zV5SZheXCaiCyXV6YsOVko9tgtLx7tu6VpHyKi4u-bRTk6KmZ4787-SxOmcZDRiQbsCpqBEixkYPKUfFrj9_MBMZQ0z5l1Agm_ek2kEKG47TDGf_P1QOAgt56IxuneLc2tK4kd_Bw7cL09iGU5iQ7HdghXhao8Q0MgOSf1QnMRRrmocagAl4aUSA7sarUsMGSBzGIi-AtkQqFP3J-5p5tUGhVIwzQdovxa0mrCiagzbbGef3-I68Bd1wMlVeOohTU6efBUJASY9kdq7I_-apWIwc-j24p2L2tUc8CeUt36YEatRehevzAQojHdZa-IqgNSPmM_jbQjKINu8lgvkIXo6wofXQzeOnv_VmkY6IMQVgLRaHRTaXMiBpl3QgQn-ks2k85P4bgZ-FiIzTmrzruXMuHvw2PnXiunO_GsQeueIJ8zYW1spGvWk_dpcQxs3X-GWFeJV1Wim6pfScwjpJyhBUKSWc_uOLGyLO9nrZH9CveCQseQE13rDEJ_4RPTJMT3fIwauNRtgoi2rphoNV5vcMjUe3ExYx0AdQ2BDZdhLpWdebuvxqrH6g2DTuZ9vmevkBeunLyFqFK7E3Fi6ZI-u4gIt1TMyzybONFd4AJ9iPk5RHhKwoVgS-0ShgSAanV0jqrqZ4G6Z0xFGky1su9LrssnImux7mmZ3cnQnWARPgpr6YBfUsZ_40DMSKGncJA18qSmiKB7daQ8gAOQoLOhtV8Fj4GrQDl_rD-4_zGbGMqwFK0V2sZty4W7MgBZuTFS0NEwGAEoKqWBp1GGYmlaKMF7AOytwiKzI1jvqH9E_XTqmRUmul-_GrHSqm7yjsbBRyL-f2paZkXzvT5v6fri3qCLnzbYQ__B488pWlw0ps2NRBZMn4ui8uKfW26SEp_N_6CpLAwlCyzaoRUbz2porO_iLGZcgwD48RTmXLfeIYylqF85fgKQbvKpnopK3zUSYK2lVhid6WX7RJvcHN2EV1WXi_Xc04voFjf-d2_pUKrRtFwqODrkADXzPYSLFZsf8NyCK3EOWved2n8trQzqnJtkdU6K2pnyqcqUjKtDmUTtP7JZXAqCtagndzm31HDgkj7dFNDmahKvRAbsa3iOc8_DH8PMaCQzYKxcXC90Jvd5H_q6t5TCCAh_7deJyIYb00CC-3Toj8E2wR6POb9YH1J5fdXHSmUXLMMQNofH_ew-ou4cQHs1ZEy47cuCwEcN6s5G-ZQlDAykQb1Zo4ManrkAIdbdnul3m-0gTeJ_cTT-WAdFWn031n3gge4zMu_DIQY-bwINgilYAMc2j4_oGO0NGvNpdYOOfyBxUkEshoKP9GwX-qXCfeiPj5qmxEueWA-u8zAo_gABQOeMObXjaPJKYvVDONPdOHeB5xdf32hWcwjmbi2a3s9-tH1VpsNa47RlrJ2UVjtTdtNHB5K-_MyBbIKUsJl0WokTHhTPY4vnw4ofCB01BLe-yaBYbV8XEZEi5Cu5xomNt0qZZzqLeC7dDhAHIe_h2WS4yqokGj9Rno53gmY91cwAdBHKrJ9x-gawXWV8e7LoVuoT033nWg4UhKvuld2vE3slvhicfckJ3-fpNjjGAXEEmXwkYaUA75uzxtlOLEXYz6kLjLCDhJWzgk5aIdT4nMZrt6ZlrYyRqyNQeEIoTwYxGuE1A_nd1XaXYemgbdZeci3TLuEyBGjcsys265DJymHVg5gkG2_kPnfqrZ4Aw6LRJ9sxNXO55th7TwwV7hjhFzUjfP-yTbPTGdUO3eMmob8JEppAubYqq9UMEn58NBfWA0gso4-QAomFx59ggN8mDUAl1PcW-s6POu7kjmJIQAQaeHGvegTstyZFCIWnDxO-nCU1D5GHIm4aBLcb89JpnH4F5hB6L4c_BmlM9t25N-hEAJXlDlULeQgIGStLXMiU4huhr2mtTHO5dSuPMWWoLmcgRjJTIO3j3TWzK22xTrGxHddWIl14pm0OLzns9xI5g27nc_aOdd9XWpKsLJygywbZmY7jYZTb9DgnvwgVuXnCa3ETeJafMSCUNf5qDlssnc-Hp1y5UsDqlSklzGudUL_2pt1pAF0yX9f-_kD3lHMpTgtdzBLoia1Vq_07V1A7II2s_Pzs184PUmzCAc0Rin7MXJJRlf3AN-xniZQZXQVFqOitW78Q_Zs_itbkypXyPHx6aM0vf1nUgEd5WLhYD7WyAYeRh_MUyvhwxp8NP-xf_pCqLlFakWH0NsU6Y96EC7A8NYOL0btiaqug8zThoozhCxgHMiHemiI8nINmTHdTrXehAK4g_m5PTflRRIaKIRZIMuRUiK1OEMfw1yM0izYAyLYx5xtTcvhq_eGv8qqCzKnATP0SjKTHfTi1G6bRU0yhmR_yyd-Ww6rYZMXamTAdeUDOpH5_NhOE-qWLzd6X0XltNJc8N6WVnT5-8dSD5p9rqYxi7FtRxJObP-Bpu4XE1MUb1Hcz9wPBQ8n3Cnp8n7BxkygArJQUEXf1r4BqMKef75Yr7Jc8ZTrTBFaZG1JemRDUcgfSX-D3eV0nx4S3empXNgtuLG9armE5tMtqL4Aj7bbqfB1CEjf9U-xjtCOvFDvXvZpWJMAebr80bpaaFUwZRc7nmy7nffci9Sgy5pouhukpo0sttvJhhMoV7gxkVFhrF82svLcLq1lE5lxn21Kc03xtnw6OP0GLX2U0LsQHjUFjRPbT_H5ejkx0D_Tz-cDVVyE5wDalkz0DE4qTANKDSLlk4G7UJNqVSWSkQQP_zNqSqTCOp12MEg6QwaRrQGdUUjZ2WddEtp3jPgyWtk2945BR90h3x5uvHhvVcP9ZCp37V4-FxH6MqnBY6e4bj22kJin4ADVlZySAuiCWobqZaRaOoz5vDVrtKP8jZCFGrduJeYdzKOSxGAvF8E-4C5GMKUHvmS1Qafuy3W124ALPbPi8SXbp_QEQ89Fddq29HXjwkWAVpgvGvoZ1ALG3TKIANRaDmoWejRB4sksMq2DC2773F1LQY-SFFohE9qyovvZiq_m2UGWv5Abbx4RXMGV9Yy987HH0BmTm2i57KEMu0OIfnMLSjoG9mdGLBzyiuPABHA_0_UPYNiixTeECRadH6sAynNdWj8NrS2-yo24IrLPcpMdIFu_yXDdBCLPTV5P49k0Sn3qnNnhbA5pKt29x2CqXIZ_NzNzUeEWn453BCA2ctCEIhlGEitsiiu0CmSEvPKX5k2yIOzzADTaCU8EQYIHEpbntnVpqJi-g-8059EbNDliyJI8bU2b6OMcJkK5kehNMm91cp4T7iny24LDgSBZwI-syv7Tl9oK_D8Oz9xkXtZSL9K6v967IBpHo8YGCf4sZu_ZishcXI0SMybblFTNLwgirQxAqHVRgju1bUup_EkAFbjHP4_E5boe-kk&cid=CAQSPAAvHhf_pqkEcjk_8ZkoqLy-LiH4RgX1VQn3YQXYbx7snkkxf-jQZBvaQgFD2zlRJ4v7YeFQtp6VnFTq7BgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fz4a.net%2F&ds=l&xdt=1&iif=1&cor=11448781649776316000&adk=1761367584&idt=72&cac=0&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79a85ed11e933432384a09ef9df65c3936749ae8dc2640bb4dfd71280db50064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6276533791428328&output=html&h=90&adk=1143835972&adf=1117478253&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705433217&rafmt=1&to=qs&pwprc=8016500324&format=1200x90&url=https%3A%2F%2Fz4a.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705433217888&bpp=1&bdt=3421&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8319729639551&frm=20&pv=1&ga_vid=302895897.1705433217&ga_sid=1705433217&ga_hid=701868027&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320238%2C31079266%2C31079438%2C31080224%2C95321627%2C95322165&oid=2&pvsid=1834627871872826&tmod=801129996&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13546
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 528E 38 KB
13 KB 14ms
14ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 328568
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 00:10:50 GMT
expires: Sun, 12 Jan 2025 00:10:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5E13 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2920d68d6da1cdca467d144c5b7f6f9a33afb8b7585f3b9f674c74ee22348f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 5E13 33 KB
34 KB 56ms
17ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 00:19:37 GMT
x-content-type-options: nosniff
age: 68841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 00:19:37 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/ Frame 923C 128 KB
23 KB 68ms
15ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07497e600d542b16e71f360179e2018d30b254cf361db69f24d083d2a060df17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 116817
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 23444
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 11:00:01 GMT
expires: Tue, 14 Jan 2025 11:00:01 GMT
last-modified: Wed, 10 Jan 2024 17:00:39 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CC8C 0
0 108ms
53ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssFcMhyFvLaqWFUk5k_7SFzYrvFxvqFB3X5qNufWoXzQaqDzTqnk3ITWnTQw9mS1GRVF9WSnU5gyyjFgTHSS784mMkTC_6dW-IeFL7_8aqMbVsKeGb5mMEP-viVu1HCxJbgG8wxMTmXXl34Fc7ZPzIULgavHbVT03NuJCY-iry2jvc3AHJ7790jL2yrViuMm9IaPP6lhmRvFqBxoR9od5cyiWZvq0z5m5nd3Yfy_8uzE0R2QlvSmLoIv5T4eHW9xuHwm7XEiAZxT4D4NALTs-OAQdd9m8QLnZWctiBVvY3wVYAMdvhg_yeYEKbCFOPUfv7BdAKYP0Tiwpm6c3TPfZj7t2WSZl4_6yApaJd_NWjZ-TZZXO6tefQ34jxNBfs86AnPaB9IYqVSV9Uo5Y-9Sn6skNgji9vfePgjiZv4vxOoscKCEGQdY03ZmKfRGQR9jhE-_TGk_4aCfSDDk8kULRzh-U0Kgw7t87dj4CFUw-CxW9cF9m4RGVBAlSltQyrEQoHbRMfUcirZd3S884usAeEdBS_s5uDf9Y-L2E6YBFi-C5iCKxKA_EpJKzfkqxT_vLu9W7QKP2wLMZUA1CsynnhOpaY8-BY9SmQYy3ZnfDm-Urx7fhQyYH_ghzNu9bJOiszlZnmxso934EMueiUp-3hieOgvMVSjfPA_VpC6f1uxG67Vp0bxaEZ4X37leM3aldNNVq0an2srxKd358B0MbDjPPGjH8ox23dSlTNZJo08ojldpWTQjkkcCn4-UdOi3uNUS-ISce4ujrU-BUlXPI70531o5KUmnovxhdblJw1csOpnul-9NxDYkeSa_icfUE0wIPHOcljvmSmTxRH_8W6p4d0l1lUUGDOCNWYEDivl4rYkmXTjocpWF0LyzpRJQRca6UE_02lNSrcBtQM5MIhbqTM1f1j84zupk7PulDphXxNpbjBpUsjW2LF8vz7dqhBjqMkbdNkAe0tNNLxn-fIAn7xgZQsG3cd_mi_9U5X1lwnk3kswQf0L7Yz3hd961tPKYZtzjzmfP4HC3COIyOWL5DocKEw_3D0DO1-GB52ykiJovwALGsk0g8-NNe2cbiTI4RXBFYdRvKKH3bsuR7Cf7rYnwassHIC3uAtyuJUaTK4mnxJSLsZehUu63tkIU7OqP3uyI2MldRnWVN-lpHWLwmTpdD9W4-_t2aWyamn1edZHfNyjTz7IAavVYvtNRNwEyJYPa3EWIt6DTlbKnmdHTGpkDtdM6Y8UpaE4oL79qR8z9lQlRXZdWCE&sai=AMfl-YRSpvX7gToDa6JIoUBT_2gGwWjM-YhCOf6UJLmdbdROfPWs2C47fU9BijaPPTdBcgSDx5g-m504pVBG_Mjn8JdzQPWgZ41w92ApzkMwREeTOuGpcc3liGeirbxTrJEkR6alrwWs_P3jrdda_UclHDUIWrXQjgqlK7cmOukYnDCNXwmYTIJGhumBrJbBnaWFi649hljqCacv7yF_ngmJR8X0qViXkfT77vLtcvFQNiU3GoPxjdzwqlyzZ6zNmW5FeEod8DpD9qIGPL5RBpknmnOyuDrbjDi2ZJAzNBx_3kcUbboqXbzS8DsbUk8E18oEkhA&sig=Cg0ArKJSzMkkUHMCl1cKEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=214&cbvp=1&cstd=211&cisv=r20240109.84463&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: z4a.net
URL: https://z4a.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 16 Jan 2024 19:26:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 93656
tags.bluekai.com/site/ Frame CC8C 62 B
574 B 207ms
153ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/93656?limit=0&phint=event%3Dimp&phint=aid%3D6531095&phint=cid%3D31345938&phint=crid%3D208183252&phint=pid%3D385946991
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 16 Jan 2024 19:26:59 GMT
content-length: 62
bk-server: d4cc
content-type: image/gif

GET
H2 200 dpixel
cms.quantserve.com/ Frame 140D 35 B
463 B 55ms
12ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOv5KaKx9VIbYaA9UwI1v2o&google_cver=1&google_push=AXcoOmQa5JU3OJNLz2wgA0feDl7H9os62XFjFQoVRXZsMl5dPp7zMqUC5cZ4kFPJdMHyjkR6XRsLAUG8ivaOHOwvcc18CTZverN02A8

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 140D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGpbiWZ3tVmF0GcZihUuw9A&google_cver=1&google_push=AXcoOmRO9sPlC1x1ugXFUI_Y3WAGpG_oSMkgCaULZrxdpdYGMNUUgP_nTHzsdMGHsQf11K8G1xQAOrex7NOyOwncLMxHlGDhYvXBn...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGpbiWZ3tVmF0GcZihUuw9A&google_cver=1&google_push=AXcoOmRO9sPlC1x1ugXFUI_Y3WAGpG_oSMkgCaULZrxdpdYGMNUUgP_nTHzsdMGHsQf11K8G1xQAOrex7NOyOwncLMxHlGDhYvX...

43 B
424 B

187ms
168ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGpbiWZ3tVmF0GcZihUuw9A&google_cver=1&google_push=AXcoOmRO9sPlC1x1ugXFUI_Y3WAGpG_oSMkgCaULZrxdpdYGMNUUgP_nTHzsdMGHsQf11K8G1xQAOrex7NOyOwncLMxHlGDhYvXBnFWG&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRO9sPlC1x1ugXFUI_Y3WAGpG_oSMkgCaULZrxdpdYGMNUUgP_nTHzsdMGHsQf11K8G1xQAOrex7NOyOwncLMxHlGDhYvXBnFWG%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:59 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8468c0d3bd8e9bdd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:59 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 424
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGpbiWZ3tVmF0GcZihUuw9A&google_cver=1&google_push=AXcoOmRO9sPlC1x1ugXFUI_Y3WAGpG_oSMkgCaULZrxdpdYGMNUUgP_nTHzsdMGHsQf11K8G1xQAOrex7NOyOwncLMxHlGDhYvXBnFWG&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRO9sPlC1x1ugXFUI_Y3WAGpG_oSMkgCaULZrxdpdYGMNUUgP_nTHzsdMGHsQf11K8G1xQAOrex7NOyOwncLMxHlGDhYvXBnFWG%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8468c0d24b4e9bdd-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 140D 0
173 B 72ms
27ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESELzEHhl33nXW2Y75wATmeZo&google_cver=1&google_push=AXcoOmRCh7UJNXflaAE01XsMP-GthzFfWfQNOOIkQGw6ED_4C2P0Wl2yvUESHmiSL-yB_1ZuqekfkZ8Xs99SOiWWdADu8TjqZsWatyqy
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6276533791428328&output=html&h=280&adk=3175694369&adf=2617822577&pi=t.aa~a.1981750379~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705433217&rafmt=1&to=qs&pwprc=8016500324&format=1200x280&url=https%3A%2F%2Fz4a.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705433217888&bpp=1&bdt=3421&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8319729639551&frm=20&pv=1&ga_vid=302895897.1705433217&ga_sid=1705433217&ga_hid=701868027&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320238%2C31079266%2C31079438%2C31080224%2C95321627%2C95322165&oid=2&pvsid=1834627871872826&tmod=801129996&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:58 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 140D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPHTbOYGfhNukrOaWLT8zRE&google_cver=1&google_push=AXcoOmTITDQLhmLizWTpXmocv4tT_RZNkxkO9hGjeM1_LpyC2jMHNkE7lNI4yqvisyZtnqGbbFlh8yI31hzMrDYHBjp6uTg...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTITDQLhmLizWTpXmocv4tT_RZNkxkO9hGjeM1_LpyC2jMHNkE7lNI4yqvisyZtnqGbbFlh8yI31hzMrDYHBjp6uTgQIITUl5b8&google_hm=eS05ZUtBVlBKRTJwRV...

170 B
188 B

33ms
33ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTITDQLhmLizWTpXmocv4tT_RZNkxkO9hGjeM1_LpyC2jMHNkE7lNI4yqvisyZtnqGbbFlh8yI31hzMrDYHBjp6uTgQIITUl5b8&google_hm=eS05ZUtBVlBKRTJwRVFtQWVOUF9RcmZseENyQk5vYW9BNn5B

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 16 Jan 2024 19:26:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTITDQLhmLizWTpXmocv4tT_RZNkxkO9hGjeM1_LpyC2jMHNkE7lNI4yqvisyZtnqGbbFlh8yI31hzMrDYHBjp6uTgQIITUl5b8&google_hm=eS05ZUtBVlBKRTJwRVFtQWVOUF9RcmZseENyQk5vYW9BNn5B
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 140D 43 B
146 B 142ms
11ms Image
image/gif 35.157.107.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEGOMt2DzBz1uZ7G3L5AKDm4&google_cver=1&google_push=AXcoOmS1Oiqk4POA-r9QVVSMshZ3layW5GdxMCyAXj3TDcMtXegliAyDp2LHGYPJ9ly_vmmRlmtxuIYgGY3Isk3c-fFcDl2lHth4RcrC
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6276533791428328&output=html&h=280&adk=3175694369&adf=2617822577&pi=t.aa~a.1981750379~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705433217&rafmt=1&to=qs&pwprc=8016500324&format=1200x280&url=https%3A%2F%2Fz4a.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705433217888&bpp=1&bdt=3421&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8319729639551&frm=20&pv=1&ga_vid=302895897.1705433217&ga_sid=1705433217&ga_hid=701868027&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320238%2C31079266%2C31079438%2C31080224%2C95321627%2C95322165&oid=2&pvsid=1834627871872826&tmod=801129996&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.107.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-107-95.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 140D 43 B
363 B 58ms
16ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRkRPdQnzkCFdrdTq6qz5o92z7IBpkF-hY6SzqhmvURkb0v0ndJ-Xfhlww-fBiyex7JOn1fLEDWA_AZWVpEtFNvrz6v_-Gw_Lo6&google_gid=CAESEAeudJVRLi5Cr5Fqh8wYCwM&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 291779
expires: Tue, 16 Jan 2024 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 140D
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEF0DjHXjDERMCZeEe6HCfMo&google_cver=1&google_push=AXcoOmRnVMGIZ8WmtGr8M88scubTOMfnB7EC1oNmAmrNDJucTlXe_ypSMeYvOt7H2DoN0ubjR_oyfL5V...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEF0DjHXjDERMCZeEe6HCfMo&google_cver=1&google_push=AXcoOmRnVMGIZ8WmtGr8M88scubTOMfnB7EC1oNmAmrNDJucTlXe_ypSMeYvOt7H2DoN0ubjR_o...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzY2MzMyNTAyNzM0MDA4NDY0OA&google_push=AXcoOmRnVMGIZ8WmtGr8M88scubTOMfnB7EC1oNmAmrNDJucTlXe_ypSMeYvOt7H2DoN0ubjR_oyfL...

170 B
188 B

37ms
31ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzY2MzMyNTAyNzM0MDA4NDY0OA&google_push=AXcoOmRnVMGIZ8WmtGr8M88scubTOMfnB7EC1oNmAmrNDJucTlXe_ypSMeYvOt7H2DoN0ubjR_oyfL5Vqm9w218QBrAeNVFlbhJzd65L

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzY2MzMyNTAyNzM0MDA4NDY0OA&google_push=AXcoOmRnVMGIZ8WmtGr8M88scubTOMfnB7EC1oNmAmrNDJucTlXe_ypSMeYvOt7H2DoN0ubjR_oyfL5Vqm9w218QBrAeNVFlbhJzd65L
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 140D 0
12 B 23ms
23ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KjgSo-szRJy2U2jsuzi2SQ6LsjXhTDw0VC4JIDZDlHWzKu7oe6Cs2jQ1AIIZnCJOk3TQcR

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8203 41 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BG1bTZn8cgnvkZQORvQ05QMU6vqqmRXNTn37zI3XzuV_zG4f93NgYIFYPt-apiTJSggWgYC0K0Yl1YotF3lbvESGJP9PwYxdEP_OpAxuWEm_YHggDWf4YB2vce-p16BqDAzqKtCgFSZT7q01wF2UUOTXPwP91nP1-DPRbPwPVC7W0FpyQ&cry=1&dbm_d=AKAmf-Dqjstq9bSM55tQd0y7cXdZqrlnuUH1en5_9YU_aUPXVre1k2Cv-PkSzUDFT1IMb_sFwUYonnvWLm_kwOxlqifYN011oy3bFYXgkntrkLMVXnIxQqdxLD0iJ_6Py2dxEawYvgBBlzR9xn5svZfbHJuMTqNpyC7PL4O4NszdT7vEdabSckHqC08vIx1UwTeNcnWtWNvG6IA4DDV80pZ2Agr7P49YnL_CnT-B0LZm1rquSOHIWB6zV5SZheXCaiCyXV6YsOVko9tgtLx7tu6VpHyKi4u-bRTk6KmZ4787-SxOmcZDRiQbsCpqBEixkYPKUfFrj9_MBMZQ0z5l1Agm_ek2kEKG47TDGf_P1QOAgt56IxuneLc2tK4kd_Bw7cL09iGU5iQ7HdghXhao8Q0MgOSf1QnMRRrmocagAl4aUSA7sarUsMGSBzGIi-AtkQqFP3J-5p5tUGhVIwzQdovxa0mrCiagzbbGef3-I68Bd1wMlVeOohTU6efBUJASY9kdq7I_-apWIwc-j24p2L2tUc8CeUt36YEatRehevzAQojHdZa-IqgNSPmM_jbQjKINu8lgvkIXo6wofXQzeOnv_VmkY6IMQVgLRaHRTaXMiBpl3QgQn-ks2k85P4bgZ-FiIzTmrzruXMuHvw2PnXiunO_GsQeueIJ8zYW1spGvWk_dpcQxs3X-GWFeJV1Wim6pfScwjpJyhBUKSWc_uOLGyLO9nrZH9CveCQseQE13rDEJ_4RPTJMT3fIwauNRtgoi2rphoNV5vcMjUe3ExYx0AdQ2BDZdhLpWdebuvxqrH6g2DTuZ9vmevkBeunLyFqFK7E3Fi6ZI-u4gIt1TMyzybONFd4AJ9iPk5RHhKwoVgS-0ShgSAanV0jqrqZ4G6Z0xFGky1su9LrssnImux7mmZ3cnQnWARPgpr6YBfUsZ_40DMSKGncJA18qSmiKB7daQ8gAOQoLOhtV8Fj4GrQDl_rD-4_zGbGMqwFK0V2sZty4W7MgBZuTFS0NEwGAEoKqWBp1GGYmlaKMF7AOytwiKzI1jvqH9E_XTqmRUmul-_GrHSqm7yjsbBRyL-f2paZkXzvT5v6fri3qCLnzbYQ__B488pWlw0ps2NRBZMn4ui8uKfW26SEp_N_6CpLAwlCyzaoRUbz2porO_iLGZcgwD48RTmXLfeIYylqF85fgKQbvKpnopK3zUSYK2lVhid6WX7RJvcHN2EV1WXi_Xc04voFjf-d2_pUKrRtFwqODrkADXzPYSLFZsf8NyCK3EOWved2n8trQzqnJtkdU6K2pnyqcqUjKtDmUTtP7JZXAqCtagndzm31HDgkj7dFNDmahKvRAbsa3iOc8_DH8PMaCQzYKxcXC90Jvd5H_q6t5TCCAh_7deJyIYb00CC-3Toj8E2wR6POb9YH1J5fdXHSmUXLMMQNofH_ew-ou4cQHs1ZEy47cuCwEcN6s5G-ZQlDAykQb1Zo4ManrkAIdbdnul3m-0gTeJ_cTT-WAdFWn031n3gge4zMu_DIQY-bwINgilYAMc2j4_oGO0NGvNpdYOOfyBxUkEshoKP9GwX-qXCfeiPj5qmxEueWA-u8zAo_gABQOeMObXjaPJKYvVDONPdOHeB5xdf32hWcwjmbi2a3s9-tH1VpsNa47RlrJ2UVjtTdtNHB5K-_MyBbIKUsJl0WokTHhTPY4vnw4ofCB01BLe-yaBYbV8XEZEi5Cu5xomNt0qZZzqLeC7dDhAHIe_h2WS4yqokGj9Rno53gmY91cwAdBHKrJ9x-gawXWV8e7LoVuoT033nWg4UhKvuld2vE3slvhicfckJ3-fpNjjGAXEEmXwkYaUA75uzxtlOLEXYz6kLjLCDhJWzgk5aIdT4nMZrt6ZlrYyRqyNQeEIoTwYxGuE1A_nd1XaXYemgbdZeci3TLuEyBGjcsys265DJymHVg5gkG2_kPnfqrZ4Aw6LRJ9sxNXO55th7TwwV7hjhFzUjfP-yTbPTGdUO3eMmob8JEppAubYqq9UMEn58NBfWA0gso4-QAomFx59ggN8mDUAl1PcW-s6POu7kjmJIQAQaeHGvegTstyZFCIWnDxO-nCU1D5GHIm4aBLcb89JpnH4F5hB6L4c_BmlM9t25N-hEAJXlDlULeQgIGStLXMiU4huhr2mtTHO5dSuPMWWoLmcgRjJTIO3j3TWzK22xTrGxHddWIl14pm0OLzns9xI5g27nc_aOdd9XWpKsLJygywbZmY7jYZTb9DgnvwgVuXnCa3ETeJafMSCUNf5qDlssnc-Hp1y5UsDqlSklzGudUL_2pt1pAF0yX9f-_kD3lHMpTgtdzBLoia1Vq_07V1A7II2s_Pzs184PUmzCAc0Rin7MXJJRlf3AN-xniZQZXQVFqOitW78Q_Zs_itbkypXyPHx6aM0vf1nUgEd5WLhYD7WyAYeRh_MUyvhwxp8NP-xf_pCqLlFakWH0NsU6Y96EC7A8NYOL0btiaqug8zThoozhCxgHMiHemiI8nINmTHdTrXehAK4g_m5PTflRRIaKIRZIMuRUiK1OEMfw1yM0izYAyLYx5xtTcvhq_eGv8qqCzKnATP0SjKTHfTi1G6bRU0yhmR_yyd-Ww6rYZMXamTAdeUDOpH5_NhOE-qWLzd6X0XltNJc8N6WVnT5-8dSD5p9rqYxi7FtRxJObP-Bpu4XE1MUb1Hcz9wPBQ8n3Cnp8n7BxkygArJQUEXf1r4BqMKef75Yr7Jc8ZTrTBFaZG1JemRDUcgfSX-D3eV0nx4S3empXNgtuLG9armE5tMtqL4Aj7bbqfB1CEjf9U-xjtCOvFDvXvZpWJMAebr80bpaaFUwZRc7nmy7nffci9Sgy5pouhukpo0sttvJhhMoV7gxkVFhrF82svLcLq1lE5lxn21Kc03xtnw6OP0GLX2U0LsQHjUFjRPbT_H5ejkx0D_Tz-cDVVyE5wDalkz0DE4qTANKDSLlk4G7UJNqVSWSkQQP_zNqSqTCOp12MEg6QwaRrQGdUUjZ2WddEtp3jPgyWtk2945BR90h3x5uvHhvVcP9ZCp37V4-FxH6MqnBY6e4bj22kJin4ADVlZySAuiCWobqZaRaOoz5vDVrtKP8jZCFGrduJeYdzKOSxGAvF8E-4C5GMKUHvmS1Qafuy3W124ALPbPi8SXbp_QEQ89Fddq29HXjwkWAVpgvGvoZ1ALG3TKIANRaDmoWejRB4sksMq2DC2773F1LQY-SFFohE9qyovvZiq_m2UGWv5Abbx4RXMGV9Yy987HH0BmTm2i57KEMu0OIfnMLSjoG9mdGLBzyiuPABHA_0_UPYNiixTeECRadH6sAynNdWj8NrS2-yo24IrLPcpMdIFu_yXDdBCLPTV5P49k0Sn3qnNnhbA5pKt29x2CqXIZ_NzNzUeEWn453BCA2ctCEIhlGEitsiiu0CmSEvPKX5k2yIOzzADTaCU8EQYIHEpbntnVpqJi-g-8059EbNDliyJI8bU2b6OMcJkK5kehNMm91cp4T7iny24LDgSBZwI-syv7Tl9oK_D8Oz9xkXtZSL9K6v967IBpHo8YGCf4sZu_ZishcXI0SMybblFTNLwgirQxAqHVRgju1bUup_EkAFbjHP4_E5boe-kk&cid=CAQSPAAvHhf_pqkEcjk_8ZkoqLy-LiH4RgX1VQn3YQXYbx7snkkxf-jQZBvaQgFD2zlRJ4v7YeFQtp6VnFTq7BgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fz4a.net%2F&ds=l&xdt=1&iif=1&cor=11448781649776316000&adk=1761367584&idt=72&cac=0&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 20:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 343150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 20:07:48 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTQzMzIxODgwNjcwOAogIHNlcnZlcl9pcDogMTI2MDcwMDU1CiAgcHJvY2Vzc19pZDogMjA2NDAzOTE0OAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 8203 0
868 B 102ms
47ms Image
image/png 216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTQzMzIxODgwNjcwOAogIHNlcnZlcl9pcDogMTI2MDcwMDU1CiAgcHJvY2Vzc19pZDogMjA2NDAzOTE0OAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxMzYzNDMxNDIyMzY2NTYyNDc1CmRlYnVnX2tleTogNDg4MzQ5MTEwNDg1MTk5MDUyMwppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDEtMTYiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjE3NDg0MAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjYwMTQyMDYzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE2MjA4NjM4CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4xLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjIuY29tIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xbdb7e9ffa1681ffe0000000000000000","13":"0xc7ea87b08af7a7d10000000000000000","14":"0x2c39881e645d0f020000000000000000","15":"0x3aa3bd45ba6187250000000000000000"},"debug_key":"4883491104851990523","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"1363431422366562475"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK g72h7lz2c4az Show response
hal9000.redintelligence.net/zone/ Frame 8203 11 KB
4 KB 53ms
14ms Script
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1705433218086716&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpZyCgtimZbylBemRpt8P0euaqAqm5b2gaYWVnKfJD_AuEAEgjMiYe2CVgqCCsAfIAQmpAgveFLCSULI-qAMByAObBKoE3gFP0Kju5iqSPBkrs4nNKBJfGlAhGg3dLTaAW9BNZB_b17PUvgAc6dy0IgUrBcA5tg9W_9_l-sA8hOOgpPuSpYBdOp3bnBFKcmPBZvCKo1kxE5VUh0p1v1CZDkgqcilwa8sBYvzJvjlfFTC74gMNGegUxyUaFXjCUxb5ZoSjz1T64y7FH6WfUvH_4ZkecjCVaqbdSPclR4aRhJ1qIBx2_JQuFL4yjPrAyGBNEgP3D055eiQ14986yPgpUMYr59KO85MT_F342q3cIdWbYDaJf5SoXtQcUsGnb50mffFzZK7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYub-S6dHigwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_pqkEcjk_8ZkoqLy-LiH4RgX1VQn3YQXYbx7snkkxf-jQZBvaQgFD2zlRJ4v7YeFQtp6VnFTq7BgB%26sig%3DAOD64_1OuFbfeVnOc6GMqer0_UEVAwCOkQ%26client%3Dca-pub-6276533791428328%26dbm_c%3DAKAmf-AsgC45LGyyWPnooJTxHoak8TdnNb3uR-uBcmRlixH7PnTIvEJ_YCas1sfnIMuMIhieb31avCDjb-puXBkhXl0KdcEMb45zxLRCy0wMMr7Xo-u-mxjENRoOq14uF9fLCO7hlhNCe4LwTCZcGrKn-lAEFejK4KRgMmT4BKlz985AjQnXO3I%26cry%3D1%26dbm_d%3DAKAmf-ABf8wl83E3QNLDHhAF5Q5hbXyKV7ffmBM4XLMir5puyoc1ZWCRR6s9KManwOFmQ85niEt2RXMYGycz8Sc1SX8PV0-ewyAGSifecHhmeuXKXEAnFlxVMkF9NjkXARq7X4MARVOOn2BZ3VyqCVE80_QfoDRI2AOttDp66OG74f3jXVXyduOByjdKW7ma8m_3JANpKpQGdYTlJejwge3UdSG8Aga5p70smc30cUJIiBnK85PGavjF3zGkDwJgSL0JG8BnoQFSJ1kKT6zBXt6wbtY8oodjC4yr9Faiv_JcIaCJ1Jehx0-sTsEzE0LTDInb-Ps201O1YsbTx6RSPltd17atYM0Q88O2vgtetmpLogX-_YV4m7XunkruNMy5XzM-Ie7XtOHb-6hbsqdWXyqya-p7-wYFAf4YXYo2Dx68AAM4MMKHZHXs5nphyH9qY8k_eC6XSMRIk67ddEWtWLmBs1aYPrZxSg5UISFipcAPBAk65nzNpoLciu52QINnipadP0gT2wJaHXw2yXLdB5smoZ3YphHoct0nYmD-m7Ce5Q4-sTd2vS8%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6276533791428328&output=html&h=90&adk=1143835972&adf=1117478253&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705433217&rafmt=1&to=qs&pwprc=8016500324&format=1200x90&url=https%3A%2F%2Fz4a.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705433217888&bpp=1&bdt=3421&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8319729639551&frm=20&pv=1&ga_vid=302895897.1705433217&ga_sid=1705433217&ga_hid=701868027&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320238%2C31079266%2C31079438%2C31080224%2C95321627%2C95322165&oid=2&pvsid=1834627871872826&tmod=801129996&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: a2708301f5974fd85e89d508243f8735b62c9bee527a04f05926923575cbd568

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 19:26:58 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4112
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 main.19.8.473.js Show response
static.adsafeprotected.com/ Frame CC8C 214 KB
66 KB 50ms
8ms Script
application/javascript 2600:9000:223f:c200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.473.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1925915/77841638/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015411622&ias_pubId=pub-6276533791428328&ias_chanId=1&ias_placementId=20939250460&bidurl=https://z4a.net/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jyk-FApHo2nWYektXX9TDx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:c200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68687158d2c493d42ae6dee2f15fc2c761da3abf8d92c4474e1dbc527b6930d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 17:05:29 GMT
x-amz-version-id: TozINgEWWkvQmqDfTCTq3yrdeWW.56xS
content-encoding: gzip
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 354090
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 11 Jan 2024 21:47:36 GMT
server: AmazonS3
etag: W/"38edfb290172e1aef8532f19eb4cbbe4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: KAisp88eU7-nNkv0EjhoAOOufjiXY3pJO9ggu_42NWmzulqFwtURvA==

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 528E 39 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 08:55:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 08:55:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 56DF 38 KB
13 KB 17ms
16ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 328568
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 00:10:50 GMT
expires: Sun, 12 Jan 2025 00:10:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5E13
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CRf25gtimZdDqBJeW9wXRlonAA9_RwutvwLzrg7MPyvryyMEBEAEgjMiYe2CVgqCCsAegAeTi8pgByAEJqQI9d2UW6oyzPqgDAcgDywSqBMIBT9DtomZsZPWDe-3P5NLg7ujiMgxelx-3KWQ...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225362995904353075175%22,%22debug_reporting%22:true,%22destination%22:%22https://art24.world%22,%22event_report_window%22:%2...

0
0

92ms
52ms

Fetch
text/css

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225362995904353075175%22,%22debug_reporting%22:true,%22destination%22:%22https://art24.world%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22320647524%22],%2222%22:[%22true%22],%224%22:[%2201-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228389867580753609153%22}&andc=true

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:59 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5362995904353075175","debug_reporting":true,"destination":"https://art24.world","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["320647524"],"22":["true"],"4":["01-16"],"6":["true"]},"priority":"500","source_event_id":"8389867580753609153"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 16 Jan 2024 19:26:59 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 16 Jan 2024 19:26:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5362995904353075175","debug_reporting":true,"destination":"https://art24.world","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["320647524"],"22":["true"],"4":["01-16"],"6":["true"]},"priority":"500","source_event_id":"8389867580753609153"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 923C 32 KB
11 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 23:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70669
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jan 2024 23:49:09 GMT

GET
H3 200 MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 1EB0 50 KB
19 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30d3c4b9fc872ab161dbf116471f949cfd1d731ad434aad32d751c542c993a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:10:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 335781
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19761
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 22:10:37 GMT

GET
H/1.1

200
OK

request.php Show response
hal90009.redintelligence.net/ Frame 8203
Redirect Chain

https://hal90009.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=6a8bc9dd50&subid=&uid=64fd2add7ce7fa98&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90009.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=6a8bc9dd50&subid=&uid=64fd2add7ce7fa98&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

165ms
131ms

Script
application/x-javascript

138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90009.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=6a8bc9dd50&subid=&uid=64fd2add7ce7fa98&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpZyCgtimZbylBemRpt8P0euaqAqm5b2gaYWVnKfJD_AuEAEgjMiYe2CVgqCCsAfIAQmpAgveFLCSULI-qAMByAObBKoE3gFP0Kju5iqSPBkrs4nNKBJfGlAhGg3dLTaAW9BNZB_b17PUvgAc6dy0IgUrBcA5tg9W_9_l-sA8hOOgpPuSpYBdOp3bnBFKcmPBZvCKo1kxE5VUh0p1v1CZDkgqcilwa8sBYvzJvjlfFTC74gMNGegUxyUaFXjCUxb5ZoSjz1T64y7FH6WfUvH_4ZkecjCVaqbdSPclR4aRhJ1qIBx2_JQuFL4yjPrAyGBNEgP3D055eiQ14986yPgpUMYr59KO85MT_F342q3cIdWbYDaJf5SoXtQcUsGnb50mffFzZK7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYub-S6dHigwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_pqkEcjk_8ZkoqLy-LiH4RgX1VQn3YQXYbx7snkkxf-jQZBvaQgFD2zlRJ4v7YeFQtp6VnFTq7BgB%26sig%3DAOD64_1OuFbfeVnOc6GMqer0_UEVAwCOkQ%26client%3Dca-pub-6276533791428328%26dbm_c%3DAKAmf-AsgC45LGyyWPnooJTxHoak8TdnNb3uR-uBcmRlixH7PnTIvEJ_YCas1sfnIMuMIhieb31avCDjb-puXBkhXl0KdcEMb45zxLRCy0wMMr7Xo-u-mxjENRoOq14uF9fLCO7hlhNCe4LwTCZcGrKn-lAEFejK4KRgMmT4BKlz985AjQnXO3I%26cry%3D1%26dbm_d%3DAKAmf-ABf8wl83E3QNLDHhAF5Q5hbXyKV7ffmBM4XLMir5puyoc1ZWCRR6s9KManwOFmQ85niEt2RXMYGycz8Sc1SX8PV0-ewyAGSifecHhmeuXKXEAnFlxVMkF9NjkXARq7X4MARVOOn2BZ3VyqCVE80_QfoDRI2AOttDp66OG74f3jXVXyduOByjdKW7ma8m_3JANpKpQGdYTlJejwge3UdSG8Aga5p70smc30cUJIiBnK85PGavjF3zGkDwJgSL0JG8BnoQFSJ1kKT6zBXt6wbtY8oodjC4yr9Faiv_JcIaCJ1Jehx0-sTsEzE0LTDInb-Ps201O1YsbTx6RSPltd17atYM0Q88O2vgtetmpLogX-_YV4m7XunkruNMy5XzM-Ie7XtOHb-6hbsqdWXyqya-p7-wYFAf4YXYo2Dx68AAM4MMKHZHXs5nphyH9qY8k_eC6XSMRIk67ddEWtWLmBs1aYPrZxSg5UISFipcAPBAk65nzNpoLciu52QINnipadP0gT2wJaHXw2yXLdB5smoZ3YphHoct0nYmD-m7Ce5Q4-sTd2vS8%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6276533791428328%26output%3Dhtml%26h%3D90%26adk%3D1143835972%26adf%3D1117478253%26pi%3Dt.aa~a.1182920990~rp.3%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1705433217%26rafmt%3D1%26to%3Dqs%26pwprc%3D8016500324%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fz4a.net%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1705433217888%26bpp%3D1%26bdt%3D3421%26idt%3D1%26shv%3Dr20240109%26mjsv%3Dm202401080101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%26nras%3D3%26correlator%3D8319729639551%26frm%3D20%26pv%3D1%26ga_vid%3D302895897.1705433217%26ga_sid%3D1705433217%26ga_hid%3D701868027%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1544%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C95320238%252C31079266%252C31079438%252C31080224%252C95321627%252C95322165%26oid%3D2%26pvsid%3D1834627871872826%26tmod%3D801129996%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26btvi%3D2%26fsb%3D1%26dtd%3D10&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fz4a.net&random=7375436638700&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6276533791428328&output=html&h=90&adk=1143835972&adf=1117478253&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705433217&rafmt=1&to=qs&pwprc=8016500324&format=1200x90&url=https%3A%2F%2Fz4a.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705433217888&bpp=1&bdt=3421&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8319729639551&frm=20&pv=1&ga_vid=302895897.1705433217&ga_sid=1705433217&ga_hid=701868027&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320238%2C31079266%2C31079438%2C31080224%2C95321627%2C95322165&oid=2&pvsid=1834627871872826&tmod=801129996&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10
Protocol: HTTP/1.1
Server: 138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e8b2ca03ab80823290bff76767d9269744128b08f6852c482621b3743ba4e56a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Jan 2024 19:26:59 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 14173600173585604444550012571009
Connection: close
Content-Length: 1351
Expires: Tue, 16 Jan 2024 19:26:59 +0100

Redirect headers

Pragma: no-cache
Date: Tue, 16 Jan 2024 19:26:59 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=6a8bc9dd50&subid=&uid=64fd2add7ce7fa98&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpZyCgtimZbylBemRpt8P0euaqAqm5b2gaYWVnKfJD_AuEAEgjMiYe2CVgqCCsAfIAQmpAgveFLCSULI-qAMByAObBKoE3gFP0Kju5iqSPBkrs4nNKBJfGlAhGg3dLTaAW9BNZB_b17PUvgAc6dy0IgUrBcA5tg9W_9_l-sA8hOOgpPuSpYBdOp3bnBFKcmPBZvCKo1kxE5VUh0p1v1CZDkgqcilwa8sBYvzJvjlfFTC74gMNGegUxyUaFXjCUxb5ZoSjz1T64y7FH6WfUvH_4ZkecjCVaqbdSPclR4aRhJ1qIBx2_JQuFL4yjPrAyGBNEgP3D055eiQ14986yPgpUMYr59KO85MT_F342q3cIdWbYDaJf5SoXtQcUsGnb50mffFzZK7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYub-S6dHigwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_pqkEcjk_8ZkoqLy-LiH4RgX1VQn3YQXYbx7snkkxf-jQZBvaQgFD2zlRJ4v7YeFQtp6VnFTq7BgB%26sig%3DAOD64_1OuFbfeVnOc6GMqer0_UEVAwCOkQ%26client%3Dca-pub-6276533791428328%26dbm_c%3DAKAmf-AsgC45LGyyWPnooJTxHoak8TdnNb3uR-uBcmRlixH7PnTIvEJ_YCas1sfnIMuMIhieb31avCDjb-puXBkhXl0KdcEMb45zxLRCy0wMMr7Xo-u-mxjENRoOq14uF9fLCO7hlhNCe4LwTCZcGrKn-lAEFejK4KRgMmT4BKlz985AjQnXO3I%26cry%3D1%26dbm_d%3DAKAmf-ABf8wl83E3QNLDHhAF5Q5hbXyKV7ffmBM4XLMir5puyoc1ZWCRR6s9KManwOFmQ85niEt2RXMYGycz8Sc1SX8PV0-ewyAGSifecHhmeuXKXEAnFlxVMkF9NjkXARq7X4MARVOOn2BZ3VyqCVE80_QfoDRI2AOttDp66OG74f3jXVXyduOByjdKW7ma8m_3JANpKpQGdYTlJejwge3UdSG8Aga5p70smc30cUJIiBnK85PGavjF3zGkDwJgSL0JG8BnoQFSJ1kKT6zBXt6wbtY8oodjC4yr9Faiv_JcIaCJ1Jehx0-sTsEzE0LTDInb-Ps201O1YsbTx6RSPltd17atYM0Q88O2vgtetmpLogX-_YV4m7XunkruNMy5XzM-Ie7XtOHb-6hbsqdWXyqya-p7-wYFAf4YXYo2Dx68AAM4MMKHZHXs5nphyH9qY8k_eC6XSMRIk67ddEWtWLmBs1aYPrZxSg5UISFipcAPBAk65nzNpoLciu52QINnipadP0gT2wJaHXw2yXLdB5smoZ3YphHoct0nYmD-m7Ce5Q4-sTd2vS8%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6276533791428328%26output%3Dhtml%26h%3D90%26adk%3D1143835972%26adf%3D1117478253%26pi%3Dt.aa~a.1182920990~rp.3%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1705433217%26rafmt%3D1%26to%3Dqs%26pwprc%3D8016500324%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fz4a.net%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1705433217888%26bpp%3D1%26bdt%3D3421%26idt%3D1%26shv%3Dr20240109%26mjsv%3Dm202401080101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%26nras%3D3%26correlator%3D8319729639551%26frm%3D20%26pv%3D1%26ga_vid%3D302895897.1705433217%26ga_sid%3D1705433217%26ga_hid%3D701868027%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1544%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C95320238%252C31079266%252C31079438%252C31080224%252C95321627%252C95322165%26oid%3D2%26pvsid%3D1834627871872826%26tmod%3D801129996%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26btvi%3D2%26fsb%3D1%26dtd%3D10&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fz4a.net&random=7375436638700&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Tue, 16 Jan 2024 19:26:59 +0100

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 56DF 39 KB
15 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 08:55:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 08:55:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 116ms
49ms Preflight
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 16 Jan 2024 19:26:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CC8C 0
0 58ms
53ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssFcMhyFvLaqWFUk5k_7SFzYrvFxvqFB3X5qNufWoXzQaqDzTqnk3ITWnTQw9mS1GRVF9WSnU5gyyjFgTHSS784mMkTC_6dW-IeFL7_8aqMbVsKeGb5mMEP-viVu1HCxJbgG8wxMTmXXl34Fc7ZPzIULgavHbVT03NuJCY-iry2jvc3AHJ7790jL2yrViuMm9IaPP6lhmRvFqBxoR9od5cyiWZvq0z5m5nd3Yfy_8uzE0R2QlvSmLoIv5T4eHW9xuHwm7XEiAZxT4D4NALTs-OAQdd9m8QLnZWctiBVvY3wVYAMdvhg_yeYEKbCFOPUfv7BdAKYP0Tiwpm6c3TPfZj7t2WSZl4_6yApaJd_NWjZ-TZZXO6tefQ34jxNBfs86AnPaB9IYqVSV9Uo5Y-9Sn6skNgji9vfePgjiZv4vxOoscKCEGQdY03ZmKfRGQR9jhE-_TGk_4aCfSDDk8kULRzh-U0Kgw7t87dj4CFUw-CxW9cF9m4RGVBAlSltQyrEQoHbRMfUcirZd3S884usAeEdBS_s5uDf9Y-L2E6YBFi-C5iCKxKA_EpJKzfkqxT_vLu9W7QKP2wLMZUA1CsynnhOpaY8-BY9SmQYy3ZnfDm-Urx7fhQyYH_ghzNu9bJOiszlZnmxso934EMueiUp-3hieOgvMVSjfPA_VpC6f1uxG67Vp0bxaEZ4X37leM3aldNNVq0an2srxKd358B0MbDjPPGjH8ox23dSlTNZJo08ojldpWTQjkkcCn4-UdOi3uNUS-ISce4ujrU-BUlXPI70531o5KUmnovxhdblJw1csOpnul-9NxDYkeSa_icfUE0wIPHOcljvmSmTxRH_8W6p4d0l1lUUGDOCNWYEDivl4rYkmXTjocpWF0LyzpRJQRca6UE_02lNSrcBtQM5MIhbqTM1f1j84zupk7PulDphXxNpbjBpUsjW2LF8vz7dqhBjqMkbdNkAe0tNNLxn-fIAn7xgZQsG3cd_mi_9U5X1lwnk3kswQf0L7Yz3hd961tPKYZtzjzmfP4HC3COIyOWL5DocKEw_3D0DO1-GB52ykiJovwALGsk0g8-NNe2cbiTI4RXBFYdRvKKH3bsuR7Cf7rYnwassHIC3uAtyuJUaTK4mnxJSLsZehUu63tkIU7OqP3uyI2MldRnWVN-lpHWLwmTpdD9W4-_t2aWyamn1edZHfNyjTz7IAavVYvtNRNwEyJYPa3EWIt6DTlbKnmdHTGpkDtdM6Y8UpaE4oL79qR8z9lQlRXZdWCE&sai=AMfl-YRSpvX7gToDa6JIoUBT_2gGwWjM-YhCOf6UJLmdbdROfPWs2C47fU9BijaPPTdBcgSDx5g-m504pVBG_Mjn8JdzQPWgZ41w92ApzkMwREeTOuGpcc3liGeirbxTrJEkR6alrwWs_P3jrdda_UclHDUIWrXQjgqlK7cmOukYnDCNXwmYTIJGhumBrJbBnaWFi649hljqCacv7yF_ngmJR8X0qViXkfT77vLtcvFQNiU3GoPxjdzwqlyzZ6zNmW5FeEod8DpD9qIGPL5RBpknmnOyuDrbjDi2ZJAzNBx_3kcUbboqXbzS8DsbUk8E18oEkhA&sig=Cg0ArKJSzMkkUHMCl1cKEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=396&vt=11&dtpt=182&dett=3&cstd=211&cisv=r20240109.84463&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: z4a.net
URL: https://z4a.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame CC8C
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1925915/77841638/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015411622&ias_pubId=pub-6276533791428328&ias_chanId=1&ias_placementId=20939250460&bi...
https://static.adsafeprotected.com/skeleton.js?ias_xappb=

17 B
465 B

10ms
10ms

Script
application/javascript

2600:9000:223f:c200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js?ias_xappb=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Server: 2600:9000:223f:c200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 03:21:19 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 9648341
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: UWm__cCyyUQTGL63cuYuwm7bSjyYSYAb4HTq3L3wdcBB7GVyKsouEA==

Redirect headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:59 GMT
server: nginx
x-server-name: app10.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js?ias_xappb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 2781 91 KB
23 KB 13ms
13ms Script
application/javascript 2600:9000:223f:c200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:c200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10178269
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: f_dvwHcZ0XpMtdjqz47i9iAg5FVxaV9FaYIqxSSovLvvk7TJQlKO1A==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CC8C 43 B
216 B 562ms
177ms Image
image/gif 2600:1f13:800:7782:857d:d048:5cf8:98f7

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1925915&asId=4c59af51-75bd-a300-4859-c2634ba6e0e1&tv=%7Bc:1uGMvn,pingTime:-3,time:244,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:211%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:245,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:211,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B48~0%5D,as:%5B48~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1yvZ7D+11%7C12%7C13%7C141%7C142%7C1511%7C1512%7C1611%7C1612%7C171*.1925915-77841638%7C1711%7C17121%7C1713,idMap:171*,rmeas:1,rend:0,renddet:na,siq:213%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:857d:d048:5cf8:98f7 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:59 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CC8C 43 B
215 B 561ms
178ms Image
image/gif 2600:1f13:800:7782:857d:d048:5cf8:98f7

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1925915&asId=4c59af51-75bd-a300-4859-c2634ba6e0e1&tv=%7Bc:1uGMvp,pingTime:-6,time:246,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:246,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:211,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B49~0%5D,as:%5B49~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1yvZ7D+11%7C12%7C13%7C141%7C142%7C1511%7C1512%7C1611%7C1612%7C171*.1925915-77841638%7C1711%7C17121%7C1713,idMap:171*,rmeas:1,rend:0,renddet:na,siq:213%7D&tpiLookup=ao:z4a.net*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:857d:d048:5cf8:98f7 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:59 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 MM_logo.png
s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/ Frame 923C 2 KB
2 KB 17ms
16ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/MM_logo.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4336111e84dc42f94adca7e9798d71626c2a01330dc700bda5fc9873dc39efa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Tue, 14 Jan 2025 11:00:01 GMT
date: Mon, 15 Jan 2024 11:00:01 GMT
x-content-type-options: nosniff
age: 116818
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1814
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 17:00:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 SA_logo.png
s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/ Frame 923C 1 KB
1 KB 18ms
17ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/SA_logo.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ff410c49df1880c0d305691923c285ecf96aff086fc430af176e59bf18d4357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Tue, 14 Jan 2025 11:00:01 GMT
date: Mon, 15 Jan 2024 11:00:01 GMT
x-content-type-options: nosniff
age: 116818
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1447
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 17:00:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Prod1.png
s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/ Frame 923C 6 KB
6 KB 23ms
22ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/Prod1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e55a7fa1b416569cfc36ab9d88773b848f16cd61e2fb3129cb7d65cbe386d1e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 15:09:53 GMT
date: Tue, 16 Jan 2024 15:09:53 GMT
x-content-type-options: nosniff
age: 15426
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5796
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 17:00:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Preis1.png
s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/ Frame 923C 3 KB
3 KB 25ms
24ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/Preis1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c4311646bf0a8176c70ca3b82c96fab13627d35324309d879bbaa167daf59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Tue, 14 Jan 2025 11:00:01 GMT
date: Mon, 15 Jan 2024 11:00:01 GMT
x-content-type-options: nosniff
age: 116818
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3154
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 17:00:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Visual2.png
s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/ Frame 923C 7 KB
7 KB 26ms
25ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/Visual2.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

547a49e6ffa62067fd09740c7d2794c749ca716954cd06af2640c15e633af686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Tue, 14 Jan 2025 11:00:01 GMT
date: Mon, 15 Jan 2024 11:00:01 GMT
x-content-type-options: nosniff
age: 116818
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7128
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 17:00:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Visual1.png
s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/ Frame 923C 3 KB
3 KB 25ms
24ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/Visual1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92396917ea90b33297b8cfb311e2958640ab789d03ce7218ba10bdef264380d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Tue, 14 Jan 2025 11:00:01 GMT
date: Mon, 15 Jan 2024 11:00:01 GMT
x-content-type-options: nosniff
age: 116818
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2599
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 17:00:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Visual.png
s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/ Frame 923C 4 KB
4 KB 25ms
25ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/Visual.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddef912d8de7f2cd437efc4ee3944e6c2f02ad4122c3a6c1a51abb90c3ac2f52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Tue, 14 Jan 2025 11:00:01 GMT
date: Mon, 15 Jan 2024 11:00:01 GMT
x-content-type-options: nosniff
age: 116818
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3746
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 17:00:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Bild.jpg
s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/ Frame 923C 15 KB
15 KB 26ms
23ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/Bild.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

938bb79f64d35741a592a07d71cc15ddd5efb0e1fab536ed56f3746f8594ba18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9198141633644055381/LeaderboardACER/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 19:19:39 GMT
date: Tue, 16 Jan 2024 19:19:39 GMT
x-content-type-options: nosniff
age: 440
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15677
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 17:00:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CC8C 43 B
215 B 532ms
177ms Image
image/gif 2600:1f13:800:7782:857d:d048:5cf8:98f7

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1925915&asId=4c59af51-75bd-a300-4859-c2634ba6e0e1&tv=%7Bc:1uGMvR,pingTime:-2,time:274,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:520,beZ:521,mfA:712,cmA:714,inA:714,inZ:719,prA:719,prZ:725,si:732,poA:734,poZ:750,cmZ:750,mfZ:750,loA:765,loZ:768,ltA:793,ltZ:793,mdA:521,mdZ:583%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:211%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:274,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:211,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B77~0%5D,as:%5B77~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1yvZ7D+11%7C12%7C13%7C141%7C142%7C1511%7C1512%7C1611%7C1612%7C171*.1925915-77841638%7C1711%7C17121%7C1713,idMap:171*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:213,sinceFw:60,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:857d:d048:5cf8:98f7 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:59 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 528E 0
20 B 48ms
47ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B9wt8gtimZeKXIv-tjuwP-7GIoAMAAAAAOAHgBAI&bg=!ubqluvXNAAaumcC-jpk7ADQBe5WfOLMgv5L0BM6OtvI2hsdbDvmM7feG7-XT7u7EkszERYG2jhc9KTJZY1S80Tv39XFeAgAAARRSAAAAA2gBB5kC_JJpKjZ-LPRR9eHypvTX5mJbAr9VAh95mxkf3Tivr_yLZzFHMy3Xtcoe6LmhEB3Nv6fLmKH1T0C71vHypx-E_U8NgvfC3TozZo42-_acEZoE9DnOlmaHRVW79HzgRfRSDbLFFHHDCkgODu6uRPXb_Yj4oY8PIxtFtWsSU8r1dvPBdpfOtXB0496oYXXuID4dOLvRQ0kkcGqjpGVzsIzttTP5DcN3wxbDqiET_EiHuULzLqJe72goK2pypfGJFCywkuh7esmfcPeTN1lwuGCv_qQk5LUjnd1TzQMzQ1bS0GN0mQVPrs1iJMm7paTOuWW7lLhvgSpYAoUgCxQwppIcYJhe8OKN4WYFKeLkWe4h64KjhRpEljhv5OnDJNTWs5VgbmbPAVxtZ9WmGYWJAg9s5O8VVWvet6oD3zberPgSmuPqn_FGoa6O5hr4GWmzq98yHfTnr13wAPxDhxWRIzggJSukjU9u0pw7OQ_RGtahujW0Da3gncKFtndcsJc0vLklQXP9L3jY5-n50Npajx7EX_QAf5dw0JHufhbCuJqB5sSn4nqCJBCRGN1uJGJqUXgAFhV6u1mUBMH3gbRqeRm2XBvJujvGzhqeYgBC57EH0islNbqg3wnsVEVC-llCQQeVZVUPVbd8egMd0Fq16sikiz2qrHgPK_joMYFf8fqDPWUZvNlV39U9XRJoqbnTYnF7mLLMAjPa7rtXFebP2wsijAg1h4K6ypcQvck-bpX-fL-PyzyUQ-n1009KEmBXM6ut27GXTOY37WkiNX9FPnl2Z6XBFkbQ0S_vbsWr8hj-o8uzmCTN-oppWr4mBz33_um4IrVjlwW_6AccdNEtvHmhqKvpQdcdWz_IOtpMMrMxqu9Fv21L53Rb4V4yAQIPlYUjUaieH5mZZV5tC5qH6cNJ7KXzCDg9pKQrkM4IVT_jATfLYjI3_iSaiRy4h2VXbZVh5MptBdOw9CHIgKiE2FPW3yx9g5Vev7e5l5ecu2yOK-vWdEjxNuU3R80gXTrj

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 56DF 0
20 B 47ms
46ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BeFvegtimZbSeMafajuwP7Pma2AcAAAAAOAHgBAI&bg=!zc6lzoHNAAaumcC-jpk7ADQBe5WfOODXVET08HAmL8zSpldnPtVcsvNreb1Lgy_9zCJRQkRcBBopk8HSqBEP5t31z5UAAgAAAH1SAAAABGgBBwoAC_zG0asw7qTD7TzwmQME97p3WSz8o_44boEyJeB6yHVA2S5uV5ppypwwxzesH7YuE04cS-WzWtt2GXuMUU7q9RDIQpEas_p0uGaVSKi2zfCgUQCUgDCCb6CLYB_47EZX7CBoLdcylRw99dzdqszGgfal7JYnxe7oiWKVQikmYXNzm-DedeazO1l_OSEhzDcUdEE9Gw2d-bJLlgwK-ASQwjQm0Li5S7MXcithug1JPxXu5wqtRaMHDiTHB7-SnVTMPRVsgXjHZWEN3mqarDjqfy0WAhJg0dR55fg70-R4rfkkO9LPeuI2mL1rPZ5cTkrC_QC2qP27yP6Y0VGEIe7M8RXVDQr-gnq1nrbsOgmIYSudGCSmnP_Lf5qZGUDbxtLR0NjV9Yno80JEKmm_rPIvaDeTsxgRXbZd2RIWPti1uyjdg-VcS13SU8-5mFV3TYkhaqqgdcaSywEuXAOGK98MokQknr-X2uG6gyTa-z3OowGDj59-AlK3bk7bMg_SUEyg3LCTg_C3gukbr7mZU8eD0cmq0uckKbwsjgdeIkFxhWfTs3GigBrqWpKq-H5hddETnHPRMVDM4lZyaty6Ap38FfN3SRtyEHBtu5WUftuizkQcgz8_fN459eRNe8Xch3xY3BgxaKCJ-cCY8ro8Rk94X5HWcfu6e6x3PXZhHWBgknSmxJIxQszxa4k5MTCjONdmhIb6wysrFTpHPGzK9wP8OM0d0PlnRe_tezKtxVVxX9O24D7mdWviIldLtluUD2S6CGGAdkpWWAirJVyP4YV6pcDfHc49O37i6HwIwJxtcl3zy1eS746Rlj73GccEiwjO2wTuB0Q4nBlnp6xX3lH2sKjCRhEI6ha2vCXw51f6_Bxkd7ED4jwtYmuh-6AR-ghx6027xreShLKgc7qvyivvxjaAXDCB8wyqe2iri_wOL6y2tE8WmbZZ3y6473gFVbPJSVhMjgl1_cFkd15I4Sghp0bNDxqE8fSVB19x7ItXrdH3-DLVpoFmWXayuKJmcMqA5BOUt8_3MQ3jokgRGu8Xbbs7kA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame B45C 0
327 B 74ms
21ms Document
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=14173600173585604444550012571009&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=6a8bc9dd50&subid=&uid=64fd2add7ce7fa98&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpZyCgtimZbylBemRpt8P0euaqAqm5b2gaYWVnKfJD_AuEAEgjMiYe2CVgqCCsAfIAQmpAgveFLCSULI-qAMByAObBKoE3gFP0Kju5iqSPBkrs4nNKBJfGlAhGg3dLTaAW9BNZB_b17PUvgAc6dy0IgUrBcA5tg9W_9_l-sA8hOOgpPuSpYBdOp3bnBFKcmPBZvCKo1kxE5VUh0p1v1CZDkgqcilwa8sBYvzJvjlfFTC74gMNGegUxyUaFXjCUxb5ZoSjz1T64y7FH6WfUvH_4ZkecjCVaqbdSPclR4aRhJ1qIBx2_JQuFL4yjPrAyGBNEgP3D055eiQ14986yPgpUMYr59KO85MT_F342q3cIdWbYDaJf5SoXtQcUsGnb50mffFzZK7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYub-S6dHigwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_pqkEcjk_8ZkoqLy-LiH4RgX1VQn3YQXYbx7snkkxf-jQZBvaQgFD2zlRJ4v7YeFQtp6VnFTq7BgB%26sig%3DAOD64_1OuFbfeVnOc6GMqer0_UEVAwCOkQ%26client%3Dca-pub-6276533791428328%26dbm_c%3DAKAmf-AsgC45LGyyWPnooJTxHoak8TdnNb3uR-uBcmRlixH7PnTIvEJ_YCas1sfnIMuMIhieb31avCDjb-puXBkhXl0KdcEMb45zxLRCy0wMMr7Xo-u-mxjENRoOq14uF9fLCO7hlhNCe4LwTCZcGrKn-lAEFejK4KRgMmT4BKlz985AjQnXO3I%26cry%3D1%26dbm_d%3DAKAmf-ABf8wl83E3QNLDHhAF5Q5hbXyKV7ffmBM4XLMir5puyoc1ZWCRR6s9KManwOFmQ85niEt2RXMYGycz8Sc1SX8PV0-ewyAGSifecHhmeuXKXEAnFlxVMkF9NjkXARq7X4MARVOOn2BZ3VyqCVE80_QfoDRI2AOttDp66OG74f3jXVXyduOByjdKW7ma8m_3JANpKpQGdYTlJejwge3UdSG8Aga5p70smc30cUJIiBnK85PGavjF3zGkDwJgSL0JG8BnoQFSJ1kKT6zBXt6wbtY8oodjC4yr9Faiv_JcIaCJ1Jehx0-sTsEzE0LTDInb-Ps201O1YsbTx6RSPltd17atYM0Q88O2vgtetmpLogX-_YV4m7XunkruNMy5XzM-Ie7XtOHb-6hbsqdWXyqya-p7-wYFAf4YXYo2Dx68AAM4MMKHZHXs5nphyH9qY8k_eC6XSMRIk67ddEWtWLmBs1aYPrZxSg5UISFipcAPBAk65nzNpoLciu52QINnipadP0gT2wJaHXw2yXLdB5smoZ3YphHoct0nYmD-m7Ce5Q4-sTd2vS8%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6276533791428328%26output%3Dhtml%26h%3D90%26adk%3D1143835972%26adf%3D1117478253%26pi%3Dt.aa~a.1182920990~rp.3%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1705433217%26rafmt%3D1%26to%3Dqs%26pwprc%3D8016500324%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fz4a.net%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1705433217888%26bpp%3D1%26bdt%3D3421%26idt%3D1%26shv%3Dr20240109%26mjsv%3Dm202401080101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%26nras%3D3%26correlator%3D8319729639551%26frm%3D20%26pv%3D1%26ga_vid%3D302895897.1705433217%26ga_sid%3D1705433217%26ga_hid%3D701868027%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1544%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C95320238%252C31079266%252C31079438%252C31080224%252C95321627%252C95322165%26oid%3D2%26pvsid%3D1834627871872826%26tmod%3D801129996%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26btvi%3D2%26fsb%3D1%26dtd%3D10&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fz4a.net&random=7375436638700&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Tue, 16 Jan 2024 19:26:59 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
vary: Origin

GET
H2 200 / Show response
adv.office-partner.de/ Frame 5DD3 930 B
923 B 59ms
7ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=6a8bc9dd50&subid=&uid=64fd2add7ce7fa98&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpZyCgtimZbylBemRpt8P0euaqAqm5b2gaYWVnKfJD_AuEAEgjMiYe2CVgqCCsAfIAQmpAgveFLCSULI-qAMByAObBKoE3gFP0Kju5iqSPBkrs4nNKBJfGlAhGg3dLTaAW9BNZB_b17PUvgAc6dy0IgUrBcA5tg9W_9_l-sA8hOOgpPuSpYBdOp3bnBFKcmPBZvCKo1kxE5VUh0p1v1CZDkgqcilwa8sBYvzJvjlfFTC74gMNGegUxyUaFXjCUxb5ZoSjz1T64y7FH6WfUvH_4ZkecjCVaqbdSPclR4aRhJ1qIBx2_JQuFL4yjPrAyGBNEgP3D055eiQ14986yPgpUMYr59KO85MT_F342q3cIdWbYDaJf5SoXtQcUsGnb50mffFzZK7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYub-S6dHigwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_pqkEcjk_8ZkoqLy-LiH4RgX1VQn3YQXYbx7snkkxf-jQZBvaQgFD2zlRJ4v7YeFQtp6VnFTq7BgB%26sig%3DAOD64_1OuFbfeVnOc6GMqer0_UEVAwCOkQ%26client%3Dca-pub-6276533791428328%26dbm_c%3DAKAmf-AsgC45LGyyWPnooJTxHoak8TdnNb3uR-uBcmRlixH7PnTIvEJ_YCas1sfnIMuMIhieb31avCDjb-puXBkhXl0KdcEMb45zxLRCy0wMMr7Xo-u-mxjENRoOq14uF9fLCO7hlhNCe4LwTCZcGrKn-lAEFejK4KRgMmT4BKlz985AjQnXO3I%26cry%3D1%26dbm_d%3DAKAmf-ABf8wl83E3QNLDHhAF5Q5hbXyKV7ffmBM4XLMir5puyoc1ZWCRR6s9KManwOFmQ85niEt2RXMYGycz8Sc1SX8PV0-ewyAGSifecHhmeuXKXEAnFlxVMkF9NjkXARq7X4MARVOOn2BZ3VyqCVE80_QfoDRI2AOttDp66OG74f3jXVXyduOByjdKW7ma8m_3JANpKpQGdYTlJejwge3UdSG8Aga5p70smc30cUJIiBnK85PGavjF3zGkDwJgSL0JG8BnoQFSJ1kKT6zBXt6wbtY8oodjC4yr9Faiv_JcIaCJ1Jehx0-sTsEzE0LTDInb-Ps201O1YsbTx6RSPltd17atYM0Q88O2vgtetmpLogX-_YV4m7XunkruNMy5XzM-Ie7XtOHb-6hbsqdWXyqya-p7-wYFAf4YXYo2Dx68AAM4MMKHZHXs5nphyH9qY8k_eC6XSMRIk67ddEWtWLmBs1aYPrZxSg5UISFipcAPBAk65nzNpoLciu52QINnipadP0gT2wJaHXw2yXLdB5smoZ3YphHoct0nYmD-m7Ce5Q4-sTd2vS8%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6276533791428328%26output%3Dhtml%26h%3D90%26adk%3D1143835972%26adf%3D1117478253%26pi%3Dt.aa~a.1182920990~rp.3%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1705433217%26rafmt%3D1%26to%3Dqs%26pwprc%3D8016500324%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fz4a.net%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1705433217888%26bpp%3D1%26bdt%3D3421%26idt%3D1%26shv%3Dr20240109%26mjsv%3Dm202401080101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%26nras%3D3%26correlator%3D8319729639551%26frm%3D20%26pv%3D1%26ga_vid%3D302895897.1705433217%26ga_sid%3D1705433217%26ga_hid%3D701868027%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1544%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C95320238%252C31079266%252C31079438%252C31080224%252C95321627%252C95322165%26oid%3D2%26pvsid%3D1834627871872826%26tmod%3D801129996%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26btvi%3D2%26fsb%3D1%26dtd%3D10&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fz4a.net&random=7375436638700&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Tue, 16 Jan 2024 19:26:59 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Tue, 23 Jan 2024 19:26:59 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame 8203 0
326 B 74ms
21ms Script
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=14173600173585604444550012571009&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=6a8bc9dd50&subid=&uid=64fd2add7ce7fa98&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpZyCgtimZbylBemRpt8P0euaqAqm5b2gaYWVnKfJD_AuEAEgjMiYe2CVgqCCsAfIAQmpAgveFLCSULI-qAMByAObBKoE3gFP0Kju5iqSPBkrs4nNKBJfGlAhGg3dLTaAW9BNZB_b17PUvgAc6dy0IgUrBcA5tg9W_9_l-sA8hOOgpPuSpYBdOp3bnBFKcmPBZvCKo1kxE5VUh0p1v1CZDkgqcilwa8sBYvzJvjlfFTC74gMNGegUxyUaFXjCUxb5ZoSjz1T64y7FH6WfUvH_4ZkecjCVaqbdSPclR4aRhJ1qIBx2_JQuFL4yjPrAyGBNEgP3D055eiQ14986yPgpUMYr59KO85MT_F342q3cIdWbYDaJf5SoXtQcUsGnb50mffFzZK7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYub-S6dHigwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_pqkEcjk_8ZkoqLy-LiH4RgX1VQn3YQXYbx7snkkxf-jQZBvaQgFD2zlRJ4v7YeFQtp6VnFTq7BgB%26sig%3DAOD64_1OuFbfeVnOc6GMqer0_UEVAwCOkQ%26client%3Dca-pub-6276533791428328%26dbm_c%3DAKAmf-AsgC45LGyyWPnooJTxHoak8TdnNb3uR-uBcmRlixH7PnTIvEJ_YCas1sfnIMuMIhieb31avCDjb-puXBkhXl0KdcEMb45zxLRCy0wMMr7Xo-u-mxjENRoOq14uF9fLCO7hlhNCe4LwTCZcGrKn-lAEFejK4KRgMmT4BKlz985AjQnXO3I%26cry%3D1%26dbm_d%3DAKAmf-ABf8wl83E3QNLDHhAF5Q5hbXyKV7ffmBM4XLMir5puyoc1ZWCRR6s9KManwOFmQ85niEt2RXMYGycz8Sc1SX8PV0-ewyAGSifecHhmeuXKXEAnFlxVMkF9NjkXARq7X4MARVOOn2BZ3VyqCVE80_QfoDRI2AOttDp66OG74f3jXVXyduOByjdKW7ma8m_3JANpKpQGdYTlJejwge3UdSG8Aga5p70smc30cUJIiBnK85PGavjF3zGkDwJgSL0JG8BnoQFSJ1kKT6zBXt6wbtY8oodjC4yr9Faiv_JcIaCJ1Jehx0-sTsEzE0LTDInb-Ps201O1YsbTx6RSPltd17atYM0Q88O2vgtetmpLogX-_YV4m7XunkruNMy5XzM-Ie7XtOHb-6hbsqdWXyqya-p7-wYFAf4YXYo2Dx68AAM4MMKHZHXs5nphyH9qY8k_eC6XSMRIk67ddEWtWLmBs1aYPrZxSg5UISFipcAPBAk65nzNpoLciu52QINnipadP0gT2wJaHXw2yXLdB5smoZ3YphHoct0nYmD-m7Ce5Q4-sTd2vS8%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6276533791428328%26output%3Dhtml%26h%3D90%26adk%3D1143835972%26adf%3D1117478253%26pi%3Dt.aa~a.1182920990~rp.3%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1705433217%26rafmt%3D1%26to%3Dqs%26pwprc%3D8016500324%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fz4a.net%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1705433217888%26bpp%3D1%26bdt%3D3421%26idt%3D1%26shv%3Dr20240109%26mjsv%3Dm202401080101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%26nras%3D3%26correlator%3D8319729639551%26frm%3D20%26pv%3D1%26ga_vid%3D302895897.1705433217%26ga_sid%3D1705433217%26ga_hid%3D701868027%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1544%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C95320238%252C31079266%252C31079438%252C31080224%252C95321627%252C95322165%26oid%3D2%26pvsid%3D1834627871872826%26tmod%3D801129996%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26btvi%3D2%26fsb%3D1%26dtd%3D10&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fz4a.net&random=7375436638700&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:59 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H2 200 e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 8203 43 B
360 B 74ms
21ms Image
image/gif 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=14173600173585604444550012571009&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=6a8bc9dd50&subid=&uid=64fd2add7ce7fa98&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpZyCgtimZbylBemRpt8P0euaqAqm5b2gaYWVnKfJD_AuEAEgjMiYe2CVgqCCsAfIAQmpAgveFLCSULI-qAMByAObBKoE3gFP0Kju5iqSPBkrs4nNKBJfGlAhGg3dLTaAW9BNZB_b17PUvgAc6dy0IgUrBcA5tg9W_9_l-sA8hOOgpPuSpYBdOp3bnBFKcmPBZvCKo1kxE5VUh0p1v1CZDkgqcilwa8sBYvzJvjlfFTC74gMNGegUxyUaFXjCUxb5ZoSjz1T64y7FH6WfUvH_4ZkecjCVaqbdSPclR4aRhJ1qIBx2_JQuFL4yjPrAyGBNEgP3D055eiQ14986yPgpUMYr59KO85MT_F342q3cIdWbYDaJf5SoXtQcUsGnb50mffFzZK7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYub-S6dHigwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_pqkEcjk_8ZkoqLy-LiH4RgX1VQn3YQXYbx7snkkxf-jQZBvaQgFD2zlRJ4v7YeFQtp6VnFTq7BgB%26sig%3DAOD64_1OuFbfeVnOc6GMqer0_UEVAwCOkQ%26client%3Dca-pub-6276533791428328%26dbm_c%3DAKAmf-AsgC45LGyyWPnooJTxHoak8TdnNb3uR-uBcmRlixH7PnTIvEJ_YCas1sfnIMuMIhieb31avCDjb-puXBkhXl0KdcEMb45zxLRCy0wMMr7Xo-u-mxjENRoOq14uF9fLCO7hlhNCe4LwTCZcGrKn-lAEFejK4KRgMmT4BKlz985AjQnXO3I%26cry%3D1%26dbm_d%3DAKAmf-ABf8wl83E3QNLDHhAF5Q5hbXyKV7ffmBM4XLMir5puyoc1ZWCRR6s9KManwOFmQ85niEt2RXMYGycz8Sc1SX8PV0-ewyAGSifecHhmeuXKXEAnFlxVMkF9NjkXARq7X4MARVOOn2BZ3VyqCVE80_QfoDRI2AOttDp66OG74f3jXVXyduOByjdKW7ma8m_3JANpKpQGdYTlJejwge3UdSG8Aga5p70smc30cUJIiBnK85PGavjF3zGkDwJgSL0JG8BnoQFSJ1kKT6zBXt6wbtY8oodjC4yr9Faiv_JcIaCJ1Jehx0-sTsEzE0LTDInb-Ps201O1YsbTx6RSPltd17atYM0Q88O2vgtetmpLogX-_YV4m7XunkruNMy5XzM-Ie7XtOHb-6hbsqdWXyqya-p7-wYFAf4YXYo2Dx68AAM4MMKHZHXs5nphyH9qY8k_eC6XSMRIk67ddEWtWLmBs1aYPrZxSg5UISFipcAPBAk65nzNpoLciu52QINnipadP0gT2wJaHXw2yXLdB5smoZ3YphHoct0nYmD-m7Ce5Q4-sTd2vS8%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6276533791428328%26output%3Dhtml%26h%3D90%26adk%3D1143835972%26adf%3D1117478253%26pi%3Dt.aa~a.1182920990~rp.3%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1705433217%26rafmt%3D1%26to%3Dqs%26pwprc%3D8016500324%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fz4a.net%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1705433217888%26bpp%3D1%26bdt%3D3421%26idt%3D1%26shv%3Dr20240109%26mjsv%3Dm202401080101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%26nras%3D3%26correlator%3D8319729639551%26frm%3D20%26pv%3D1%26ga_vid%3D302895897.1705433217%26ga_sid%3D1705433217%26ga_hid%3D701868027%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1544%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C95320238%252C31079266%252C31079438%252C31080224%252C95321627%252C95322165%26oid%3D2%26pvsid%3D1834627871872826%26tmod%3D801129996%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26btvi%3D2%26fsb%3D1%26dtd%3D10&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fz4a.net&random=7375436638700&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:59 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 8203 43 B
703 B 96ms
44ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=14173600173585604444550012571009&pv=1

Requested by

Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=6a8bc9dd50&subid=&uid=64fd2add7ce7fa98&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCpZyCgtimZbylBemRpt8P0euaqAqm5b2gaYWVnKfJD_AuEAEgjMiYe2CVgqCCsAfIAQmpAgveFLCSULI-qAMByAObBKoE3gFP0Kju5iqSPBkrs4nNKBJfGlAhGg3dLTaAW9BNZB_b17PUvgAc6dy0IgUrBcA5tg9W_9_l-sA8hOOgpPuSpYBdOp3bnBFKcmPBZvCKo1kxE5VUh0p1v1CZDkgqcilwa8sBYvzJvjlfFTC74gMNGegUxyUaFXjCUxb5ZoSjz1T64y7FH6WfUvH_4ZkecjCVaqbdSPclR4aRhJ1qIBx2_JQuFL4yjPrAyGBNEgP3D055eiQ14986yPgpUMYr59KO85MT_F342q3cIdWbYDaJf5SoXtQcUsGnb50mffFzZK7ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYub-S6dHigwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSPAAvHhf_pqkEcjk_8ZkoqLy-LiH4RgX1VQn3YQXYbx7snkkxf-jQZBvaQgFD2zlRJ4v7YeFQtp6VnFTq7BgB%26sig%3DAOD64_1OuFbfeVnOc6GMqer0_UEVAwCOkQ%26client%3Dca-pub-6276533791428328%26dbm_c%3DAKAmf-AsgC45LGyyWPnooJTxHoak8TdnNb3uR-uBcmRlixH7PnTIvEJ_YCas1sfnIMuMIhieb31avCDjb-puXBkhXl0KdcEMb45zxLRCy0wMMr7Xo-u-mxjENRoOq14uF9fLCO7hlhNCe4LwTCZcGrKn-lAEFejK4KRgMmT4BKlz985AjQnXO3I%26cry%3D1%26dbm_d%3DAKAmf-ABf8wl83E3QNLDHhAF5Q5hbXyKV7ffmBM4XLMir5puyoc1ZWCRR6s9KManwOFmQ85niEt2RXMYGycz8Sc1SX8PV0-ewyAGSifecHhmeuXKXEAnFlxVMkF9NjkXARq7X4MARVOOn2BZ3VyqCVE80_QfoDRI2AOttDp66OG74f3jXVXyduOByjdKW7ma8m_3JANpKpQGdYTlJejwge3UdSG8Aga5p70smc30cUJIiBnK85PGavjF3zGkDwJgSL0JG8BnoQFSJ1kKT6zBXt6wbtY8oodjC4yr9Faiv_JcIaCJ1Jehx0-sTsEzE0LTDInb-Ps201O1YsbTx6RSPltd17atYM0Q88O2vgtetmpLogX-_YV4m7XunkruNMy5XzM-Ie7XtOHb-6hbsqdWXyqya-p7-wYFAf4YXYo2Dx68AAM4MMKHZHXs5nphyH9qY8k_eC6XSMRIk67ddEWtWLmBs1aYPrZxSg5UISFipcAPBAk65nzNpoLciu52QINnipadP0gT2wJaHXw2yXLdB5smoZ3YphHoct0nYmD-m7Ce5Q4-sTd2vS8%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6276533791428328%26output%3Dhtml%26h%3D90%26adk%3D1143835972%26adf%3D1117478253%26pi%3Dt.aa~a.1182920990~rp.3%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1705433217%26rafmt%3D1%26to%3Dqs%26pwprc%3D8016500324%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fz4a.net%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1705433217888%26bpp%3D1%26bdt%3D3421%26idt%3D1%26shv%3Dr20240109%26mjsv%3Dm202401080101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%26nras%3D3%26correlator%3D8319729639551%26frm%3D20%26pv%3D1%26ga_vid%3D302895897.1705433217%26ga_sid%3D1705433217%26ga_hid%3D701868027%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D1544%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C95320238%252C31079266%252C31079438%252C31080224%252C95321627%252C95322165%26oid%3D2%26pvsid%3D1834627871872826%26tmod%3D801129996%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26btvi%3D2%26fsb%3D1%26dtd%3D10&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fz4a.net&random=7375436638700&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Jan 2024 19:26:59 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 5DD3 177 KB
63 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

82a171f88286354bba7a6ba44019ff3efe0b2ddf992cef76c825d477557f85aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64569
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 18:58:32 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Jan 2024 19:26:59 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 8203 2 KB
2 KB 137ms
56ms Script
text/html 18.132.128.129

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=14173600173585604444550012571009&nw=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6276533791428328&output=html&h=90&adk=1143835972&adf=1117478253&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705433217&rafmt=1&to=qs&pwprc=8016500324&format=1200x90&url=https%3A%2F%2Fz4a.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705433217888&bpp=1&bdt=3421&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8319729639551&frm=20&pv=1&ga_vid=302895897.1705433217&ga_sid=1705433217&ga_hid=701868027&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320238%2C31079266%2C31079438%2C31080224%2C95321627%2C95322165&oid=2&pvsid=1834627871872826&tmod=801129996&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.128.129 -, , ASN (),
Reverse DNS
Software: nginx / PHP/7.4.26
Resource Hash: 6ddba9e5ee8f156b384c8a90f124df93b5cf07a86ccf39b79a6ff6bd5670c15c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:59 GMT
last-modified: Tue, 16 Jan 2024 19:26:59 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 16 Jan 2024 19:27:59 GMT

GET
H2

200

activityi;dc_pre=CNzH8OnR4oMDFTsMogMdQ5UG-A;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3944937099574.537 Show response
5994599.fls.doubleclick.net/ Frame 6DC9
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3944937099574.537?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNzH8OnR4oMDFTsMogMdQ5UG-A;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3944937099574.537?

2 KB
1015 B

55ms
54ms

Document
text/html

142.250.184.230

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CNzH8OnR4oMDFTsMogMdQ5UG-A;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3944937099574.537?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

443d7f6cbe049b672114c6431c6183ab1b3b44d00edd051ff8eff998ca5df260

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 905
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 19:26:59 GMT
expires: Tue, 16 Jan 2024 19:26:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 19:26:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNzH8OnR4oMDFTsMogMdQ5UG-A;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3944937099574.537?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90009.redintelligence.net/ Frame 1EDB 7 KB
2 KB 35ms
12ms Document
text/html 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90009.redintelligence.net/request_content.php?s=14173600173585604444550012571009&a=f08a3a86
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6276533791428328&output=html&h=90&adk=1143835972&adf=1117478253&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705433217&rafmt=1&to=qs&pwprc=8016500324&format=1200x90&url=https%3A%2F%2Fz4a.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705433217888&bpp=1&bdt=3421&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8319729639551&frm=20&pv=1&ga_vid=302895897.1705433217&ga_sid=1705433217&ga_hid=701868027&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320238%2C31079266%2C31079438%2C31080224%2C95321627%2C95322165&oid=2&pvsid=1834627871872826&tmod=801129996&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: af13f042d65302cb79a087cc0d7199abf8f66fb93f303f65354e4968b8c09b43

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2081
Content-Type: text/html; charset=utf-8
Date: Tue, 16 Jan 2024 19:26:59 GMT
Expires: Tue, 16 Jan 2024 19:26:59 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A674 1 KB
643 B 14ms
13ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 408
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 19:20:11 GMT
etag: 48472445140208031
expires: Wed, 17 Jan 2024 19:20:11 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8203 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1ed94da444c2026b169e36e7d139b61d3a22b39b3a44f3794f4eac191a949df

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 1EDB 2 KB
434 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=14173600173585604444550012571009&a=f08a3a86

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90009.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Jan 2024 19:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 18:21:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jan 2024 19:26:59 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 1EDB 17 KB
17 KB 37ms
13ms Image
image/png 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=14173600173585604444550012571009&a=f08a3a86
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 08036e046410470271bd746a5a07030310fc957e4bd4db429bf24b285784f09e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90009.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 19:26:59 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16984
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 1EDB 16 KB
16 KB 126ms
102ms Image
image/png 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=14173600173585604444550012571009&a=f08a3a86
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: a9c74e029bbb26906975b7c64f43594a1e544d8aa7965bc74f82b05f43a13294

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90009.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 19:26:59 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16513
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 1EDB 11 KB
11 KB 39ms
14ms Image
image/png 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=14173600173585604444550012571009&a=f08a3a86
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 528031e7eb4baade2d56c69e36355043c62e7b0c906eea9d12bbbacb78baaa3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90009.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 19:26:59 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 10940
Vary: Accept-Encoding
Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A674
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEHKsnytjqMyGHoeak7tebgM&google_cver=1&google_push=AXcoOmSR5Q_9HeGBVBk7BlQJGuPzwRkyK1cBRowGeXVPnGtLG9Yaa8cxAhs8Og9u_xD4fFyzsFNNLt_QRgPs3NdK-VWux3m3gxvkYZeR
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzM5NDk2MzkxNTgwNTY4MTAyOA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJFUYtATGJSHAJONPhdT4WI&google_cver=1

43 B
398 B

57ms
16ms

Image
image/gif

2001:678:cb4:bbbb::11

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJFUYtATGJSHAJONPhdT4WI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6276533791428328&output=html&h=90&adk=1143835972&adf=1117478253&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705433217&rafmt=1&to=qs&pwprc=8016500324&format=1200x90&url=https%3A%2F%2Fz4a.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705433217888&bpp=1&bdt=3421&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8319729639551&frm=20&pv=1&ga_vid=302895897.1705433217&ga_sid=1705433217&ga_hid=701868027&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320238%2C31079266%2C31079438%2C31080224%2C95321627%2C95322165&oid=2&pvsid=1834627871872826&tmod=801129996&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10
Protocol: H2
Server: 2001:678:cb4:bbbb::11 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 16 Jan 2024 19:26:59 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJFUYtATGJSHAJONPhdT4WI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.match
a.tribalfusion.com/ Frame A674 43 B
435 B 165ms
161ms Image
image/gif 2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESENfX-eQWFsxkY6qilyiYgOg&google_cver=1&google_push=AXcoOmTgC3iVVfeymeaKyJia3zpeXBORsRY6oyYRCAagLWMnr-bEiHK22mMSJFXLPeTTOe3nIelHjKhx9mCMTm-yjEwxPl5HDIhVCuny&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTgC3iVVfeymeaKyJia3zpeXBORsRY6oyYRCAagLWMnr-bEiHK22mMSJFXLPeTTOe3nIelHjKhx9mCMTm-yjEwxPl5HDIhVCuny%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6276533791428328&output=html&h=90&adk=1143835972&adf=1117478253&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705433217&rafmt=1&to=qs&pwprc=8016500324&format=1200x90&url=https%3A%2F%2Fz4a.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705433217888&bpp=1&bdt=3421&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8319729639551&frm=20&pv=1&ga_vid=302895897.1705433217&ga_sid=1705433217&ga_hid=701868027&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320238%2C31079266%2C31079438%2C31080224%2C95321627%2C95322165&oid=2&pvsid=1834627871872826&tmod=801129996&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:59 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8468c0d57fa89bdd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A674
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESECsilAznPYh7SvuKVkGPNFo&google_cver=1&google_push=AXcoOmQyAGaO7iHZytqus6bE-v6ryJY-0edzA2biWcEN2Gp6f7J82l6DXkPF9r7ZDP7nwDwXWQM7WqdepCFHZV4pJJzF6O4zwHxaBLbY
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C0B7A9E7722B4E3DBCFC642276CAE490&google_push=AXcoOmQyAGaO7iHZytqus6bE-v6ryJY-0edzA2biWcEN2Gp6f7J82l6DXkPF9r7ZDP7nwDwXWQM7WqdepCFHZV4...

170 B
188 B

25ms
25ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C0B7A9E7722B4E3DBCFC642276CAE490&google_push=AXcoOmQyAGaO7iHZytqus6bE-v6ryJY-0edzA2biWcEN2Gp6f7J82l6DXkPF9r7ZDP7nwDwXWQM7WqdepCFHZV4pJJzF6O4zwHxaBLbY

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 16 Jan 2024 19:26:59 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C0B7A9E7722B4E3DBCFC642276CAE490&google_push=AXcoOmQyAGaO7iHZytqus6bE-v6ryJY-0edzA2biWcEN2Gp6f7J82l6DXkPF9r7ZDP7nwDwXWQM7WqdepCFHZV4pJJzF6O4zwHxaBLbY
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 15 Jan 2024 19:26:59 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A674
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESENmD9d6JFVG1ksht--VfxmI&google_cver=1&google_push=AXcoOmSqMqo3PoAw2Jz0gDk8KRvgweUaAGFO1GaGnK3dcYRdNQDmJZZzylVBLtXbin2ngUFDsOkmHfrnb_AjTj...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSqMqo3PoAw2Jz0gDk8KRvgweUaAGFO1GaGnK3dcYRdNQDmJZZzylVBLtXbin2ngUFDsOkmHfrnb_AjTj42qBy1xOjjzm-P5B1U&google_hm=hmWm2IL0546S4...

170 B
188 B

25ms
25ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSqMqo3PoAw2Jz0gDk8KRvgweUaAGFO1GaGnK3dcYRdNQDmJZZzylVBLtXbin2ngUFDsOkmHfrnb_AjTj42qBy1xOjjzm-P5B1U&google_hm=hmWm2IL0546S4orojA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65A6D882F4E78E92E28AE88CBLIS

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSqMqo3PoAw2Jz0gDk8KRvgweUaAGFO1GaGnK3dcYRdNQDmJZZzylVBLtXbin2ngUFDsOkmHfrnb_AjTj42qBy1xOjjzm-P5B1U&google_hm=hmWm2IL0546S4orojA&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65A6D882F4E78E92E28AE88CBLIS
date: Tue, 16 Jan 2024 19:26:59 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame A674 43 B
362 B 18ms
16ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRo0RDCBEj1ivqih2KINrziLMIogA0-ZErqdKB_fAgUlBIdXzmDQb905PE9HzfEOoEkjVBG2PU-TYLod7fx14D0dsJm5WWPWe8i&google_gid=CAESEIIUcXb-lE0Qo98A90n7Mec&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:58 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 316526
expires: Tue, 16 Jan 2024 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A674
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ4qvDfoQ5BAP8iVMHximoo&google_cver=1&google_push=AXcoOmQ1BdKB94-2ufDFD3CgkECP9U0vY27eytV3GXaovYDQwykkpAgSA8nknj9qOHzWEOfEEGbf58tz...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzY2MzMyNTAyNzM0MDA4NDY0OA&google_push=AXcoOmQ1BdKB94-2ufDFD3CgkECP9U0vY27eytV3GXaovYDQwykkpAgSA8nknj9qOHzWEOfEEGbf58...

170 B
188 B

25ms
25ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzY2MzMyNTAyNzM0MDA4NDY0OA&google_push=AXcoOmQ1BdKB94-2ufDFD3CgkECP9U0vY27eytV3GXaovYDQwykkpAgSA8nknj9qOHzWEOfEEGbf58tz_a5Tfj3uGZwcZkat13GNm1vt

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzY2MzMyNTAyNzM0MDA4NDY0OA&google_push=AXcoOmQ1BdKB94-2ufDFD3CgkECP9U0vY27eytV3GXaovYDQwykkpAgSA8nknj9qOHzWEOfEEGbf58tz_a5Tfj3uGZwcZkat13GNm1vt
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame A674
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELluyo_iKZwN...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmR9GSncF8whNVyyL_hJ0r0d4RE3roa5yESOAa2Vu904Nfxk7gNGt9EiSRNq6IUXFlVAwYtc3l1H-_r5z6e8RIVMLLvgyyNC3sou-w
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

37ms
36ms

Image
image/gif

23.32.185.35

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6276533791428328&output=html&h=90&adk=1143835972&adf=1117478253&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705433217&rafmt=1&to=qs&pwprc=8016500324&format=1200x90&url=https%3A%2F%2Fz4a.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705433217888&bpp=1&bdt=3421&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8319729639551&frm=20&pv=1&ga_vid=302895897.1705433217&ga_sid=1705433217&ga_hid=701868027&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320238%2C31079266%2C31079438%2C31080224%2C95321627%2C95322165&oid=2&pvsid=1834627871872826&tmod=801129996&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10
Protocol: H2
Server: 23.32.185.35 -, , ASN (),
Reverse DNS
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Tue, 16 Jan 2024 19:26:59 GMT
pragma: no-cache
date: Tue, 16 Jan 2024 19:26:59 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A674 0
12 B 23ms
22ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IgOe5L2VqVE-TTje-NGJ-zq5EwAjDzWQdKH1hkvcRhnQqnAQZNpyhB1xJfRMKHV1rLeo6hcw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:59 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 5DD3 276 KB
91 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

888388bf3b36b07e6091d416c26a020c4f4c6a001680513c7393ca01f8511067

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 19:26:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93449
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jan 2024 19:26:59 GMT

GET
H/1.1 200
OK viewability Show response
hal90009.redintelligence.net/ Frame 1EDB 0
150 B 38ms
12ms Script
text/html 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90009.redintelligence.net/viewability?s=14173600173585604444550012571009&a=c5d3ec30&vb=m
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=14173600173585604444550012571009&a=f08a3a86
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90009.redintelligence.net/request_content.php?s=14173600173585604444550012571009&a=f08a3a86
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 19:26:59 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CC8C 43 B
215 B 201ms
178ms Image
image/gif 2600:1f13:800:7782:857d:d048:5cf8:98f7

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1925915&asId=4c59af51-75bd-a300-4859-c2634ba6e0e1&tv=%7Bc:1uGMB1,pingTime:-10,time:594,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIxNiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1705433219495%7C%7Cb8aaa2e79b1228c0281f9249da97cf3f%7C%7Cacc8ce73e974315fdfcc4ebb5f3c527d%7C%7Ce57bfb596fd56c47eaf4da15b0ec8259%7C%7C5d0c5ade0b561c0882e46511eb40559c%7C%7Cad432645330f23310e70b48c0b657c04%7C%7Cc06b4efab24362603f8df7372c2664c1%7C%7Ce5a13a62b3b6d07390f2b71a83c30db1%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:857d:d048:5cf8:98f7 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:59 GMT
server: nginx
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dc_pre=CNzH8OnR4oMDFTsMogMdQ5UG-A;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3944937099574.537
adservice.google.com/ddm/fls/z/ Frame 6DC9 42 B
401 B 594ms
50ms Image
image/gif 2a00:1450:4001:806::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNzH8OnR4oMDFTsMogMdQ5UG-A;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3944937099574.537

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNzH8OnR4oMDFTsMogMdQ5UG-A;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3944937099574.537?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDU5OTQ1OTkKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2RvdWJsZWNsaWNrLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04KZGVidWdf...
ad.doubleclick.net/ddm/activity/ Frame 6DC9 0
1 KB 48ms
47ms Image
image/png 216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDU5OTQ1OTkKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2RvdWJsZWNsaWNrLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04KZGVidWdfa2V5OiAxNzg0NDMwNjAzNDU2NTEwMTI2MwpjdGNfY29udmVyc2lvbl9idWNrZXQ6IDUKYXJjaGV0eXBlX2lkOiAxCmFyY2hldHlwZV9pZDogMwphcmNoZXR5cGVfaWQ6IDQKYXJjaGV0eXBlX2lkOiA1CmFyY2hldHlwZV9pZDogNgphcmNoZXR5cGVfaWQ6IDcKYXJjaGV0eXBlX2lkOiA4CmFyY2hldHlwZV9pZDogOQphcmNoZXR5cGVfaWQ6IDEwCmFyY2hldHlwZV9pZDogMTEKYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphcmNoZXR5cGVfaWQ6IDE2CmFyY2hldHlwZV9pZDogMTcKYXJjaGV0eXBlX2lkOiAxOAphcmNoZXR5cGVfaWQ6IDE5CmFyY2hldHlwZV9pZDogMjAKYXJjaGV0eXBlX2lkOiAyMQpjb252ZXJzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBDT05WRVJTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0FDVElWSVRZX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA2MDMyNjY5CiAgfQp9CmNvbnZlcnNpb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IENPTlZFUlNJT05fRElNRU5TSU9OX0NPTlZFUlNJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAxLTE2IgogIH0KfQpicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNTcwNDI1MzQ0CmdjbGlkOiAiIgp0cmlnZ2VyX2RlZHVwbGljYXRpb25fa2V5OiAyNzg4NzM0MjA5MzAyMDY3MDczCg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:59 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"2788734209302067073"}],"aggregatable_trigger_data":[{"filters":{"14":["6032669"]},"key_piece":"0xfac9716392c85bdd","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0xbd31470f250ffc43","not_filters":{"14":["6032669"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["6032669"]},"key_piece":"0xb8b60c70f3c9c885","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x5e855d84bcdfec74","not_filters":{"14":["6032669"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"17844306034565101263","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"2788734209302067073","filters":{"14":["6032669"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"2788734209302067073","filters":{"14":["6032669"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"2788734209302067073","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"2788734209302067073","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["5994599"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 8203 54 KB
19 KB 558ms
16ms Script
application/javascript 52.222.139.129

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=14173600173585604444550012571009&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.129 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:24:12 GMT
content-encoding: gzip
via: 1.1 abc3ecd1d98ae9cd426d47386509de18.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jan 2024 16:01:13 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 10969
x-amz-server-side-encryption: AES256
etag: W/"1885e2f5560c2347761a6db4984ea717"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: jLiiFUtqEjdq8v7bqLeik64oslLqAU3bL8wjeYyHsklpZ5px6wFPKw==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame 8203 3 KB
3 KB 43ms
9ms Image
image/png 99.86.4.53

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1705433519&Signature=QxJiqdfBJIpN4W9rl0aBJebl6eon84GbCFOYjJTS8bh2L1tm69SNy6UZJGeb0qK~upQcOtZx7QiomJ9-xujm4hXQUsfhsxgO07pIGeyY6enKDZja0jvxJ2wmC4QLISAz7mzwUQE7-VcBIM4L39pZ4dYKE7D-LhK1E3N4gBoI0rrlB7Fz1iK6OldvaUWmtWbkYEdFJNlgmwPQLLRVJ1uMbWTu1a5FamXF61y9Wu4poEkzH0q3vQ6a9-gze7n5uHtat5t0dGF7oxK6k97G3j13HKFOm3v4mtFRMEvZAJcuLIORl235RMc~OdH4T0Nl0pOlorzQlB8Z4ULn8tjZx5eCwQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6276533791428328&output=html&h=90&adk=1143835972&adf=1117478253&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705433217&rafmt=1&to=qs&pwprc=8016500324&format=1200x90&url=https%3A%2F%2Fz4a.net%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705433217888&bpp=1&bdt=3421&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8319729639551&frm=20&pv=1&ga_vid=302895897.1705433217&ga_sid=1705433217&ga_hid=701868027&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1544&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320238%2C31079266%2C31079438%2C31080224%2C95321627%2C95322165&oid=2&pvsid=1834627871872826&tmod=801129996&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.53 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 16 Jan 2024 09:14:49 GMT
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 36730
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: 3xHBegqwTbTTRdXFZjxuVP2AMA22WKcMx6tUJcPPY26O4fIIk0oZyA==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CC8C 42 B
64 B 48ms
48ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXsG7Ie_fWnqZOmQ_HsXY9BLK7tEda4tHw0joCyw-WLABTRQKjAfUugEgojhLArO4KY2rasR-Za61VfMQNTvFp8NgddinNgYzLbceHnjpyMzuw58L813uRpMNxp3C80bZxKhJ2RfC12RqU8iKkI3vyfIrh&sai=AMfl-YQLJ9omuZTl1G5D-9yNnyoUm_hk5hOb_6RyZDCa-c6F8S6QtEIvsyCDJhButGmvd9PIxYN1mEMoLN4VMxKkbrHTbrDlv7XeO-u65V9fOouJEmBetjXDa5Pc0y_ywQv0zdbv1XozeDB5_s5M3UCESA&sig=Cg0ArKJSzDmvqYKKMm5QEAE&cid=CAQSTwAvHhf_zaKWKscZNVebMF5-gMAAn-n6S3ziTBvWkayPQsJyW-eGo0bJ042Rw1swyFA88M6Wqq6c90lE88NfvSbgDfBMRukGwxVUsG2NwnQYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=374,829,1000,1000,1000&tos=374,455,171,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3895348141&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705433218382&rpt=327&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CC8C 43 B
215 B 175ms
175ms Image
image/gif 2600:1f13:800:7782:857d:d048:5cf8:98f7

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1925915&asId=4c59af51-75bd-a300-4859-c2634ba6e0e1&tv=%7Bc:1uGMHG,time:1007,type:e,im:%7Bpci:%7Btdr:776%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1007,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:211,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B810~0%5D,as:%5B810~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:734,fm:u1yvZ7D+11%7C12%7C13%7C141%7C142%7C1511%7C1512%7C1611%7C1612%7C171*.1925915-77841638%7C1711%7C17121%7C1713,idMap:171*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:213,sis:330%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:857d:d048:5cf8:98f7 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:26:59 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 124ms
25ms Preflight 3.11.114.248

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.114.248 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Tue, 16 Jan 2024 19:27:00 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 8203 16 B
209 B 64ms
64ms Fetch
application/json 3.11.114.248

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.11.114.248 -, , ASN (),

Reverse DNS

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 16 Jan 2024 19:27:01 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CC8C 0
20 B 45ms
44ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5176278700984&version=m202309260101&ct=76&x=1&cor=12709553397576671000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:27:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8203 0
20 B 49ms
49ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7997139939523&version=m202309260101&ct=77&x=1&cor=11448781649776316000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:27:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CC8C 43 B
215 B 187ms
186ms Image
image/gif 2600:1f13:800:7782:857d:d048:5cf8:98f7

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1925915&asId=4c59af51-75bd-a300-4859-c2634ba6e0e1&tv=%7Bc:1uGN58,pingTime:1,time:2461,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:211%7D,%7Bpiv:100,vs:i,r:,t:1461%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1460,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:211,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1264~0,0~100%5D,as:%5B1264~728.90%5D%7D%7D,%7Bsl:i,t:1460,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:177,fm:u1yvZ7D+11%7C12%7C13%7C141%7C142%7C1511%7C1512%7C1611%7C1612%7C171*.1925915-77841638%7C1711%7C17121%7C1713,idMap:171*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:213,sis:330%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:857d:d048:5cf8:98f7 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:27:01 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CC8C 43 B
215 B 178ms
178ms Image
image/gif 2600:1f13:800:7782:857d:d048:5cf8:98f7

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1925915&asId=4c59af51-75bd-a300-4859-c2634ba6e0e1&tv=%7Bc:1uGN59,pingTime:1,time:2462,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:211%7D,%7Bpiv:100,vs:i,r:,t:1461%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1460,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:211,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1264~0,0~100%5D,as:%5B1264~728.90%5D%7D%7D,%7Bsl:i,t:1460,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:177,fm:u1yvZ7D+11%7C12%7C13%7C141%7C142%7C1511%7C1512%7C1611%7C1612%7C171*.1925915-77841638%7C1711%7C17121%7C1713,idMap:171*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:213,sis:330%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:857d:d048:5cf8:98f7 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 19:27:01 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
z4a.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: kgsov4a37c4jo3itqqv8vt7tos
.z4a.net/	1970-01-21 03:19:53	Name: _ga_PCWFZC6656 Value: GS1.1.1705433216.1.0.1705433216.60.0.0
.z4a.net/	1970-01-21 03:19:53	Name: _ga Value: GA1.2.302895897.1705433217
.z4a.net/	1970-01-20 17:45:19	Name: _gid Value: GA1.2.1833060869.1705433217
.z4a.net/	1970-01-20 17:43:53	Name: _gat_gtag_UA_76967492_1 Value: 1
.adnxs.com/	1970-01-20 19:53:29	Name: uuid2 Value: 7143159574534119827
.z4a.net/	1970-01-21 03:05:29	Name: __gads Value: ID=90e84896fc785a97:T=1705433216:RT=1705433216:S=ALNI_MbLd3FlvRPt3ZEF8U87Twl2KYvn0w
.z4a.net/	1970-01-21 03:05:29	Name: __gpi Value: UID=00000d42ae01c91a:T=1705433216:RT=1705433216:S=ALNI_MY81MNG23cDj7bWek2rjuT-y4q56g
.casalemedia.com/	1970-01-21 02:29:29	Name: CMID Value: ZabYgs0vnouGRkorQ8EBWAAA
.casalemedia.com/	1970-01-20 19:53:29	Name: CMPS Value: 2123
.casalemedia.com/	1970-01-20 19:53:29	Name: CMPRO Value: 2123
.doubleclick.net/	1970-01-20 17:43:56	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 03:05:29	Name: IDE Value: AHWqTUkLcbdbolDkklbwyIg02Nd27wCZl_J9dVJrbjYpLec06OKfKkRRgnxxQwfGLKo
.doubleclick.net/	1970-01-20 22:03:05	Name: APC Value: AfxxVi5KJ527hTWDI1ArpBwE_D75hwX-FUlmz0r7VObo-XGV51I1eQ
.adnxs.com/	1970-01-21 03:19:53	Name: XANDR_PANID Value: jiOzktfdGRzq6UIqPT9jRsp1rKGTsRhHdpo7q_QR0KuXR9d9MEZZ7iMqDCSgDgjkSRa2YsgFM9sVlx6U9WixJ_IE6DX1x7xQwSdNq1YJ7aA.
.adnxs.com/	1970-01-20 19:53:29	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HbzFaT-`!@wnfH8K6pQK`!5=E<L5?%Lz7TQ<@XN7yViHMcpbC<'82Rv[G?T:ffr)Y]F%nugO%v4VB%nn80#@6e
.quantserve.com/	1970-01-20 19:53:29	Name: d Value: EEcBCQH1KoEA
.quantserve.com/	1970-01-21 03:14:07	Name: mc Value: 65a6d882-e5901-062df-23f3d
.blismedia.com/	1970-01-21 02:29:33	Name: b Value: 65A6D882F4E78E92E28AE88CBLIS
.doubleclick.net/	1970-01-20 18:27:05	Name: ar_debug Value: 1
.adform.net/	1970-01-20 18:28:31	Name: C Value: 1
.adform.net/	1970-01-20 19:10:17	Name: uid Value: 3663325027340084648
.redintelligence.net/	1970-01-20 19:53:29	Name: 8lcfmzhxc8d6_uid Value: dce6a71b94551df1
.bluekai.com/	1970-01-20 22:03:05	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 22:03:05	Name: bkpa Value: KJyN0A6vQY9xxmcENBS4zVHZ/VtbuJExx/3D5wfYqwAI7g3AHLUQ6DIcJvkOMtVUUWmXRbTepJJvk6Vt+ptY6Rp5NZjQyYWedUQt+jG1QDUqrUyF/EFwqO8M7YDO
.bluekai.com/	1970-01-20 22:03:05	Name: bku Value: ts6O9/wRoZDCtWW6
.yahoo.com/	1970-01-21 02:29:50	Name: A3 Value: d=AQABBIPYpmUCEP4XDonA_U4e1_NVnEjiykcFEgEBAQEqqGWwZQAAAAAA_eMAAA&S=AQAAAqD65VKqQb-UgDMbGsLFcVk
.googleadservices.com/	1970-01-20 19:53:29	Name: ar_debug Value: 1
.tribalfusion.com/	1970-01-20 19:53:29	Name: ANON_ID Value: aDntuJrwZaybQXwrSPTrCIVI575ZdpMBRAeFeZbnUN9mLT8Fx020f2VCE6c3Y21MdMZctZdLxaBMaOy0F63mDHyH9flwa
.awin1.com/	1970-01-20 17:53:58	Name: awpv11601 Value: 113440\|1705433219\|37cc3f40-b4a5-11ee-9c4b-223173d2bc6e
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357526:3266505
.office-partner.de/	1970-01-21 03:19:53	Name: source Value: {"webgains_webgains":{"timestamp":1705433219449,"clickCookie":false}}
.simpli.fi/	1970-01-21 02:30:55	Name: suid Value: C0B7A9E7722B4E3DBCFC642276CAE490
.turn.com/	1970-01-20 22:03:05	Name: uid Value: 3394963915805681028

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
adservice.google.com
adv.office-partner.de
analytics.webgains.io
api.webgains.io
c1.adform.net
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
dis.criteo.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal90009.redintelligence.net
ib.adnxs.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
pv.medialead.de
r.turn.com
region1.analytics.google.com
s.tribalfusion.com
s0.2mdn.net
static.adsafeprotected.com
stats.g.doubleclick.net
sync.teads.tv
tags.bluekai.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
um.simpli.fi
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
z4a.net
104.102.45.165
104.18.36.155
138.201.63.149
138.201.84.245
142.250.184.230
142.250.186.34
142.250.74.194
172.217.16.194
178.250.1.9
18.132.128.129
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
216.58.206.38
23.32.185.35
2600:1f13:800:7782:857d:d048:5cf8:98f7
2600:9000:223f:c200:8:48e:53c0:93a1
2606:4700:3038::6815:eaeb
2606:4700::6812:18ad
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2006
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9d
2a05:d018:d29:3602:1de1:fa9f:7936:94dd
2a0b:4d07:102::1
3.11.114.248
34.91.62.186
34.96.105.8
35.157.107.95
37.157.6.232
37.252.173.215
52.222.139.129
54.155.202.187
69.192.160.219
91.121.248.44
99.86.4.53
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
07497e600d542b16e71f360179e2018d30b254cf361db69f24d083d2a060df17
08036e046410470271bd746a5a07030310fc957e4bd4db429bf24b285784f09e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b1eed1b648f04904806be56cedae1cc510723ff29049d0d2e6e19591dc4fcea
1ff410c49df1880c0d305691923c285ecf96aff086fc430af176e59bf18d4357
2153e915beaff7acc17643951e8f366eb1201a564af7afb567347fc737a9d98e
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
2ae19101b84ce6248d41292c60d13c032465e531e6235542716cf9f25e6c4662
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d0f761b831739a407229c936b22dd5a65fe4def245d4adf8977af514a2bf85a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ef56e0c7d530369c91614f1e323973ca28faffad04bbb97e68b0816ccf5673c
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
30d3c4b9fc872ab161dbf116471f949cfd1d731ad434aad32d751c542c993a00
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35c82e03c0c1858d6e95e6695f9d090dc90c5be8f8b79b3f22232044b381f225
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3aed7712c20249e5ce2f633d3ccce576e5f2863b39664d6042f690fff23a39ae
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
443d7f6cbe049b672114c6431c6183ab1b3b44d00edd051ff8eff998ca5df260
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
48494fb378d755211442e200ba4ec06ba1f6aed99e275d484b95b5340ddb9fdb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c4311646bf0a8176c70ca3b82c96fab13627d35324309d879bbaa167daf59f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d8abbe37e0de25d12b7ba0d0add7dbb43130d420004a7b2395bd0115b30f25a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
528031e7eb4baade2d56c69e36355043c62e7b0c906eea9d12bbbacb78baaa3f
547a49e6ffa62067fd09740c7d2794c749ca716954cd06af2640c15e633af686
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58b7a78b08cd91b627fbad38b575ffad2ccac891881a2a315151762f87011982
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
6ddba9e5ee8f156b384c8a90f124df93b5cf07a86ccf39b79a6ff6bd5670c15c
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
79a85ed11e933432384a09ef9df65c3936749ae8dc2640bb4dfd71280db50064
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7c4b6ce035ed84b3498b0dc10f3e0ab8c6861ba20e92c5c9c254e93ff10e87d4
82a171f88286354bba7a6ba44019ff3efe0b2ddf992cef76c825d477557f85aa
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87a5ced2a3f05591404b0fd2b735e8fe56edf86a437f27b49d3d6ebc0a181c8a
888388bf3b36b07e6091d416c26a020c4f4c6a001680513c7393ca01f8511067
8c9a9e8360771c2e6c7f24390387d532d0ff17ed10ee83205b7019ddf271a692
92396917ea90b33297b8cfb311e2958640ab789d03ce7218ba10bdef264380d1
938bb79f64d35741a592a07d71cc15ddd5efb0e1fab536ed56f3746f8594ba18
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2708301f5974fd85e89d508243f8735b62c9bee527a04f05926923575cbd568
a48e66e8772080e5affc86bbc23ac2fd57863e2347e2d0a24fa5e4125b3fc5f4
a9c74e029bbb26906975b7c64f43594a1e544d8aa7965bc74f82b05f43a13294
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ae27dd299e6d62cc88a0a6fc946a8412af6f47199771da1dc146db4d7bff57da
af13f042d65302cb79a087cc0d7199abf8f66fb93f303f65354e4968b8c09b43
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61
b4336111e84dc42f94adca7e9798d71626c2a01330dc700bda5fc9873dc39efa
b6e4114fe6e6b844b270db7c28ab8a31cd5638a8682e13f78238cea0d4911fc6
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2
c1ed94da444c2026b169e36e7d139b61d3a22b39b3a44f3794f4eac191a949df
c2920d68d6da1cdca467d144c5b7f6f9a33afb8b7585f3b9f674c74ee22348f2
c6859b69c71cfeffd2bb7ddf052908d8f6f00099025f40a63d8fcf2cd5e5f69f
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cea3ab340fca277012c43291c399d671e2777c383696e19e48ca81afbdfd947f
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
ddef912d8de7f2cd437efc4ee3944e6c2f02ad4122c3a6c1a51abb90c3ac2f52
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def88eaa113bdc425c48d7f3c190423bd3f9a7f866bc26976ac9ab8ff86e34cc
e1f19b035a48ad9f11e3cb32f0438a334b98efc3d07b269d0f2f0111a0944b4d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55a7fa1b416569cfc36ab9d88773b848f16cd61e2fb3129cb7d65cbe386d1e0
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e8b2ca03ab80823290bff76767d9269744128b08f6852c482621b3743ba4e56a
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb06bb1503983abdbf8fea522919d6c8994a74eae8a7464d8c6da87f24481f95
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f68687158d2c493d42ae6dee2f15fc2c761da3abf8d92c4474e1dbc527b6930d
fb4031d2ddf005d740d1278eaf4afafd4ea836d3c61a1ccd27cdffe9c11ba17a
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

z4a.net Open in urlscan Pro 2606:4700:3038::6815:eaeb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

179 Requests

89 %HTTPS

49 %IPv6

33 Domains

48 Subdomains

43 IPs

8 Countries

2230 kBTransfer

5873 kBSize

34 Cookies

3 Outgoing links

Page URL History

Redirected requests

179 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

z4a.net Open in urlscan Pro
2606:4700:3038::6815:eaeb Public Scan

Screenshot
Live screenshot

Full Image

179
Requests

89 %
HTTPS

49 %
IPv6

33
Domains

48
Subdomains

43
IPs

8
Countries

2230 kB
Transfer

5873 kB
Size

34
Cookies

179 HTTP transactions
5 data transactions