www.nix-wie-weg.de Open in urlscan Pro
18.193.163.64  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://nixwieweg.ch/ HTTP 301
   https://www.nix-wie-weg.de/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

• https://bbnaut.ibillboard.com/match/AdScale?partneruid=2721f30ff1e64643b768c22491691baf&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2f7cd7e0b3ae4190b02ba2527b4b5cdb%2F1705814093915%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
• https://ih.adscale.de/sium/2f7cd7e0b3ae4190b02ba2527b4b5cdb/1705814093915/0/img?tpid=101&tpuid=BBID-01-03805280940748331-17135640

Request Chain 97

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBm1UDEH8d1F17E1bwmluDQ&google_cver=1&gdpr=0

Request Chain 98

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZayoTivRpz5deuomQ7AhpAAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPr4dxuhmhtNnPTHC--FnKs&google_cver=1

Request Chain 99

• https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=4e3ddf4399332f72fd21a523e848447b7e8ad817c3889effd88ddadd27d01786&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2f7cd7e0b3ae4190b02ba2527b4b5cdb%2F1705814093915%2F0%2Fimg&gdpr=0 HTTP 302
• https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2f7cd7e0b3ae4190b02ba2527b4b5cdb%2F1705814093915%2F0%2Fimg&gdpr=0&s=183592&tpid=63&uid=4e3ddf4399332f72fd21a523e848447b7e8ad817c3889effd88ddadd27d01786&C=1 HTTP 302
• https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=ZayoTiYkVwz2OUX2V6o4hQAA%261147

Request Chain 103

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPr4dxuhmhtNnPTHC--FnKs&google_cver=1&gdpr=0

Request Chain 104

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZayoTivRpz5deuomQ7AhpAAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPr4dxuhmhtNnPTHC--FnKs&google_cver=1

Request Chain 131

• https://track.adform.net/serving/cookie/match/?party=9&uid=45570f02aec44112a3e49d2673c29700246153c2de9f8d1e802532b00eb13a4b&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2f7cd7e0b3ae4190b02ba2527b4b5cdb%2F1705814093915%2F0%2Fimg&gdpr=0 HTTP 302
• https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=45570f02aec44112a3e49d2673c29700246153c2de9f8d1e802532b00eb13a4b&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2f7cd7e0b3ae4190b02ba2527b4b5cdb%2F1705814093915%2F0%2Fimg&gdpr=0 HTTP 302
• https://ih.adscale.de/sium/2f7cd7e0b3ae4190b02ba2527b4b5cdb/1705814093915/0/img?tpid=42&gdpr=0&tpuid=6163548036286723000

Request Chain 135

• https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=ba31222b1ee953d6d7b9660dfcae33bd29beff2cd6ef04dc1bde55c63cb0cdb3&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2f7cd7e0b3ae4190b02ba2527b4b5cdb%2F1705814093915%2F0%2Fimg&gdpr=0 HTTP 302
• https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=8c375685-132e-4399-935e-5337bd41830c&gdpr=0

Request Chain 136

• https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=c82477ac012d19982279627f7380f96142aeabe9663f28d43cdb8b48358a0f93&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2f7cd7e0b3ae4190b02ba2527b4b5cdb%2F1705814093915%2F0%2Fimg&gdpr=0 HTTP 302
• https://ih.adscale.de/sium/2f7cd7e0b3ae4190b02ba2527b4b5cdb/1705814093915/0/img?uid=c82477ac012d19982279627f7380f96142aeabe9663f28d43cdb8b48358a0f93&tpid=38&gdpr=0&tpuid=CAESEJHH91ZOBAYAf3aPaOdge18&google_cver=1

Request Chain 137

• https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F2f7cd7e0b3ae4190b02ba2527b4b5cdb%2F1705814093915%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 307
• https://adscale-emea.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fih.adscale.de%252Fsium%252F2f7cd7e0b3ae4190b02ba2527b4b5cdb%252F1705814093915%252F0%252Fimg%253Ftpid%253D75%2526tpuid%253D%2524UID%26gdpr%3D0 HTTP 302
• https://ih.adscale.de/sium/2f7cd7e0b3ae4190b02ba2527b4b5cdb/1705814093915/0/img?tpid=75&tpuid=3630214451870884020&gdpr=0

Request Chain 140

• https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=a75761633281f9f8814545584f9f14f9b66f759eb1be6bc538b236b384b626d8&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2f7cd7e0b3ae4190b02ba2527b4b5cdb%2F1705814093915%2F0%2Fjs&gdpr=0 HTTP 302
• https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=a75761633281f9f8814545584f9f14f9b66f759eb1be6bc538b236b384b626d8&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2f7cd7e0b3ae4190b02ba2527b4b5cdb%2F1705814093915%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
• https://ih.adscale.de/sium/2f7cd7e0b3ae4190b02ba2527b4b5cdb/1705814093915/0/js?tpid=48&tpuid=6f559b57ab8404423580f3c09af396f0

Request Chain 158

• https://a.tribalfusion.com/i.match?p=b6&u=CAESEO00JHI23du1vrghfMbHLUc&google_cver=1&google_push=AXcoOmTqzn2bdC9nw6E600AIRw8w_mxIOlk0GtEzIM-PhGp8KTVpepxK2CKxe8ETX6w3RQkImCQ6wqwazpkF5My_AZPNh_IaazbLyg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTqzn2bdC9nw6E600AIRw8w_mxIOlk0GtEzIM-PhGp8KTVpepxK2CKxe8ETX6w3RQkImCQ6wqwazpkF5My_AZPNh_IaazbLyg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO00JHI23du1vrghfMbHLUc&google_cver=1&google_push=AXcoOmTqzn2bdC9nw6E600AIRw8w_mxIOlk0GtEzIM-PhGp8KTVpepxK2CKxe8ETX6w3RQkImCQ6wqwazpkF5My_AZPNh_IaazbLyg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTqzn2bdC9nw6E600AIRw8w_mxIOlk0GtEzIM-PhGp8KTVpepxK2CKxe8ETX6w3RQkImCQ6wqwazpkF5My_AZPNh_IaazbLyg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 159

• https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESENZmjgTim_tNqZ5tASIX940&google_cver=1&google_push=AXcoOmRDoy-0hQmholpoKG4BXtYyMfEhT_Fv3t71Seb3t--aewC45hAocG9Z2aenc9l7f6FS7RPZ_FnBd0HNbnqrnV_4OY6-rXtd HTTP 302
• https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESENZmjgTim_tNqZ5tASIX940&google_cver=1&google_push=AXcoOmRDoy-0hQmholpoKG4BXtYyMfEhT_Fv3t71Seb3t--aewC45hAocG9Z2aenc9l7f6FS7RPZ_FnBd0HNbnqrnV_4OY6-rXtd HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=HF7UaGsHTaep9ke82Bsva2WsqE8

Request Chain 160

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENLp3U8P8m5OmSF910tFUeM&google_cver=1&google_push=AXcoOmRp5EGKDFtDsS9bHEALAWa9wPSQPLUATV3Gk4OAd5yMzmhJLTbDaQwKu2PY_f5aSITEM1smG8fYxISFTDP9SG0Nn4UpcgkQzA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJOMU8zTzEtMTItSjVIOA==&google_push=AXcoOmRp5EGKDFtDsS9bHEALAWa9wPSQPLUATV3Gk4OAd5yMzmhJLTbDaQwKu2PY_f5aSITEM1smG8fYxISFTDP9SG0Nn4UpcgkQzA

Request Chain 161

• https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmTjmwnrhW2UMqtuXo5l0G1F2oCTTUVIn6cnuTYs9JL5JNCHTlVAD9KeDzfX8Ga0H47WwbGcxykiPhFAnwB6HR9zOT1US2M%26google_hm%3D%5BUID%5D&google_gid=CAESEMXCqlTz9AX58RpEAmNG_jc&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTjmwnrhW2UMqtuXo5l0G1F2oCTTUVIn6cnuTYs9JL5JNCHTlVAD9KeDzfX8Ga0H47WwbGcxykiPhFAnwB6HR9zOT1US2M&google_hm=9d3ba53f-1883-4042-b098-fc184cb7bb03

Request Chain 162

• https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmRWM94ftpxZ9jPv2G0_ACKEZEh-bRD19XVn3ZJ3tvM9uJwqlsbaV5OBXdh6CrXrrjm6FfxGvMfsUlGHSXmKTRi65-D1vcEVK4Y&google_gid=CAESEOvdOvEf5vJJYQcWUDiIJog&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOvdOvEf5vJJYQcWUDiIJog&google_hm=T1BVOTFlMDYxYTY4YzU0NDk3NWFmNWY5NzliYTVmNzdhNGM&google_nid=opera_norway_as&google_push=AXcoOmRWM94ftpxZ9jPv2G0_ACKEZEh-bRD19XVn3ZJ3tvM9uJwqlsbaV5OBXdh6CrXrrjm6FfxGvMfsUlGHSXmKTRi65-D1vcEVK4Y

Request Chain 163

• https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMJq9dXjiAnrIxAxkr2lxQE&google_cver=1&google_push=AXcoOmRfvgKHU2fLX4s9em7gdsPk-OkhtjYwg-1_O5b6cctifOaFV6RK_ROzcqbbHpCL-Qvr-gbyxdt1QqkCpuBmDj0Dek6L-fgDuf0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRfvgKHU2fLX4s9em7gdsPk-OkhtjYwg-1_O5b6cctifOaFV6RK_ROzcqbbHpCL-Qvr-gbyxdt1QqkCpuBmDj0Dek6L-fgDuf0 HTTP 302
• https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 164

• https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEGjm6HMZhUX9UTyf4_xhK_w&google_cver=1&google_push=AXcoOmSUCtFr8nEVkwuSIthyw1Xf3FlcugK57x89iM6S6GN8LXrPWkpZteWf7VLqB9YjdesrCaTJ63uN_YgBYhzoiE70_h-gk-45DnA HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=48ae318d-814a-487e-b77a-cdebb1638a7b&google_cver=1&google_gid=CAESEGjm6HMZhUX9UTyf4_xhK_w&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSUCtFr8nEVkwuSIthyw1Xf3FlcugK57x89iM6S6GN8LXrPWkpZteWf7VLqB9YjdesrCaTJ63uN_YgBYhzoiE70_h-gk-45DnA&gdpr=${GDPR}

Request Chain 171

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPr4dxuhmhtNnPTHC--FnKs&google_cver=1&gdpr=0

Request Chain 172

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZayoTivRpz5deuomQ7AhpAAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPr4dxuhmhtNnPTHC--FnKs&google_cver=1

Request Chain 202

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEIav_u10-1das_MwuoOmLU&google_cver=1&google_push=AXcoOmTKr_lnySpD8bPBMs_06VSZB5L6SHtmQrJSsdd5pNuFq9Om-4Kiw6r46c0GnnV_6Nxi6npSmfUXMXlxNYWFbnBpFxGisJ4rXw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEIav_u10-1das_MwuoOmLU&google_push=AXcoOmTKr_lnySpD8bPBMs_06VSZB5L6SHtmQrJSsdd5pNuFq9Om-4Kiw6r46c0GnnV_6Nxi6npSmfUXMXlxNYWFbnBpFxGisJ4rXw

Request Chain 203

• https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGNAeFZN_hzx5loJ_pnu42s&google_cver=1&google_push=AXcoOmRsqitBc1Gh7JAKNULhWhZdHbW2pSFiScAk0Vnq7Unxx_M75QVPfnECjga1A7l1owOefDPhGfPADqqLtO2cHTUHPwHW7AXxSQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyNjQxNTc1MTA4NzcxNjUwNA%3D%3D&google_push=AXcoOmRsqitBc1Gh7JAKNULhWhZdHbW2pSFiScAk0Vnq7Unxx_M75QVPfnECjga1A7l1owOefDPhGfPADqqLtO2cHTUHPwHW7AXxSQ

Request Chain 204

• https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMJq9dXjiAnrIxAxkr2lxQE&google_cver=1&google_push=AXcoOmQi-XZe74y1QmhMTUB6t64Bp3zySSZdYjGPOE9ZZfZ17jmpr3OLq5b6WCAFcwvCtBww68UZ2YXxvrCVGNAwJ5rHESsePuV0bg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQi-XZe74y1QmhMTUB6t64Bp3zySSZdYjGPOE9ZZfZ17jmpr3OLq5b6WCAFcwvCtBww68UZ2YXxvrCVGNAwJ5rHESsePuV0bg

Request Chain 205

• https://google.partners.tremorhub.com/sync?UIDF=CAESEGWhTP1n029Z6FNwZkTe72I&google_cver=1&google_push=AXcoOmR0rEXCmXQZOOxqwhsyoJYky1oSG3OpzR4WMzi-W_v_Dse0snLPMO8IBrmetgKoBU7t1EhI_WD2uG_gXFiR5IDObpeJEKw_nw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=NDlkMWNlNmY1ZWIyNDVlYWJhYTVhODQzZmUyNDg3MGI%3D&UIDF=CAESEGWhTP1n029Z6FNwZkTe72I&google_cver=1&google_push=AXcoOmR0rEXCmXQZOOxqwhsyoJYky1oSG3OpzR4WMzi-W_v_Dse0snLPMO8IBrmetgKoBU7t1EhI_WD2uG_gXFiR5IDObpeJEKw_nw

Request Chain 206

• https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESENss6MzgTMSXVCZqibL5kpw&google_cver=1&google_push=AXcoOmTpkr6sGyKybK4U6wQXlh8z59NZb3JssDaRzjRNJ3ur4iQ4JiLVZMd_GKi9NaE81EgNTElg0n74Q66hQTbE_StX4b0PFRtTKQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmTpkr6sGyKybK4U6wQXlh8z59NZb3JssDaRzjRNJ3ur4iQ4JiLVZMd_GKi9NaE81EgNTElg0n74Q66hQTbE_StX4b0PFRtTKQ&google_hm=WmF5b1VNQ284WVVBQUF0Qzh1Y0FBQUFB

Request Chain 208

• https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEGGhuJojK00dH_bY8hQ_t6g&google_cver=1&google_push=AXcoOmS7EfiftqTaHRg_duNSCFfbW0I-gKrsZU0Myr96PdMPqYtIwJ7-RYVxd_FzuJjruA--tn6-545Q0HtOQFf5dH3RoyjxUDrqe5g HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmS7EfiftqTaHRg_duNSCFfbW0I-gKrsZU0Myr96PdMPqYtIwJ7-RYVxd_FzuJjruA--tn6-545Q0HtOQFf5dH3RoyjxUDrqe5g&google_hm=MjQ5NjMyMjAzNTEwMTUwODMxNQ==

Request Chain 213

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
• https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEPsZfZGlImaP7C5no5ovE70&google_cver=1

Request Chain 214

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYzMDIxNDQ1MTg3MDg4NDAyMA%3D%3D

Request Chain 215

• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEI5QEFixoct55KpG2w0CjO0&google_cver=1&gdpr=0 HTTP 302
• https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEI5QEFixoct55KpG2w0CjO0&google_cver=1&gdpr=0

Request Chain 216

• https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
• https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWM1YjQzYWUtMzE5MC0yY2Q5LWQ5MGUtOTk4NjZkNzhiNDQx

233 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.nix-wie-weg.de/ Redirect Chain https://nixwieweg.ch/ https://www.nix-wie-weg.de/	161 KB 31 KB	227ms 166ms	Document text/html	18.193.163.64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.nix-wie-weg.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.193.163.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-193-163-64.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash d896586e9a65c5de94c4df74d0317c598daef3059cd6da5c0b6c47966fd5c8e3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers cache-control max-age=0, private, must-revalidate content-encoding gzip content-type text/html; charset=utf-8 date Sun, 21 Jan 2024 05:14:52 GMT etag W/"d896586e9a65c5de94c4df74d0317c59" link <https://d2e8ug3ile43hl.cloudfront.net/assets/backgrounds/header-20e4deef8791e5e4f20b6eb2316cf2b8b7cf638379b2005fd541dd5d129d1c65.avif>; rel=preload; as=image,<https://d2e8ug3ile43hl.cloudfront.net/assets/responsive-5ad08047fb3fc0fa55babcd13fe25aa5b24cb4aa3efb9395ca6ee87891e08010.css>; rel=preload; as=style; type=text/css,<https://d2e8ug3ile43hl.cloudfront.net/assets/parts/category_pages-bcf1bd8297e74c2aea3f6bfe77955b4674a97236d6eef733ce59802fb201fbd6.css>; rel=preload; as=style; type=text/css,<https://d2e8ug3ile43hl.cloudfront.net/assets/parts/searchmask-a96385225a46b5a6a2317076739673f74ba846fe14ae80e94221d27cc4b79c17.css>; rel=preload; as=style; type=text/css,<https://d2e8ug3ile43hl.cloudfront.net/assets/responsive-5ad08047fb3fc0fa55babcd13fe25aa5b24cb4aa3efb9395ca6ee87891e08010.css>; rel=preload; as=style; nopush,<https://d2e8ug3ile43hl.cloudfront.net/assets/parts/category_pages-bcf1bd8297e74c2aea3f6bfe77955b4674a97236d6eef733ce59802fb201fbd6.css>; rel=preload; as=style; nopush,<https://d2e8ug3ile43hl.cloudfront.net/assets/parts/searchmask-a96385225a46b5a6a2317076739673f74ba846fe14ae80e94221d27cc4b79c17.css>; rel=preload; as=style; nopush,<https://cdn-a.yieldlove.com/v2/yieldlove.js?nix-wie-weg.de>; rel=preload; as=script; nopush,<https://d2e8ug3ile43hl.cloudfront.net/assets/jquery-3.6.0-b65fee489d4fa974ddd5b51a76597b314a3d97dc93dc60feb61cded29be96f64.js>; rel=preload; as=script; nopush,<https://d2e8ug3ile43hl.cloudfront.net/assets/foot_loader-93f3e2ef89ae0bf9fa4cf1ed57899388b1a4d461a6e65bf369a0f4c27526c633.js>; rel=preload; as=script; nopush referrer-policy strict-origin-when-cross-origin server nginx strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding x-content-type-options nosniff x-download-options noopen x-frame-options SAMEORIGIN x-permitted-cross-domain-policies none x-request-id 123e4180-f54d-4ed9-b277-8fb55e0a442b x-runtime 0.120976 x-xss-protection 0 Redirect headers Connection keep-alive Content-Length 235 Content-Type text/html; charset=iso-8859-1 Date Sun, 21 Jan 2024 05:14:52 GMT Location https://www.nix-wie-weg.de/ Server Apache
GET H2	200	header-20e4deef8791e5e4f20b6eb2316cf2b8b7cf638379b2005fd541dd5d129d1c65.avif d2e8ug3ile43hl.cloudfront.net/assets/backgrounds/	30 KB 31 KB	74ms 22ms	Image image/avif	2600:9000:26db:f800:6:5ac3:2a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2e8ug3ile43hl.cloudfront.net/assets/backgrounds/header-20e4deef8791e5e4f20b6eb2316cf2b8b7cf638379b2005fd541dd5d129d1c65.avif Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26db:f800:6:5ac3:2a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1a52334b5c9822aa6999b767c55e82f09f58b782cd4aa7d52b98725c2e3908e2 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 19:41:59 GMT via 1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P3 age 34375 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 31012 last-modified Wed, 10 Jan 2024 12:42:05 GMT server AmazonS3 etag "d25cdfb361ce4c037da6c09be973f1d6" vary Accept-Encoding content-type image/avif cache-control max-age=604800, public accept-ranges bytes x-amz-cf-id n4Pa025-wcMkDr8eSNOaeQ5wwFcDTY5fiuZGKybS7lcgtzRSiKelvA==
GET H2	200	responsive-5ad08047fb3fc0fa55babcd13fe25aa5b24cb4aa3efb9395ca6ee87891e08010.css d2e8ug3ile43hl.cloudfront.net/assets/	64 KB 10 KB	71ms 19ms	Stylesheet text/css	2600:9000:26db:f800:6:5ac3:2a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2e8ug3ile43hl.cloudfront.net/assets/responsive-5ad08047fb3fc0fa55babcd13fe25aa5b24cb4aa3efb9395ca6ee87891e08010.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26db:f800:6:5ac3:2a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e2b57da15fd724ebd19954d3c95963f2e21ea9542d8865bfbb50fca6671ec328 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 17 Jan 2024 12:49:53 GMT content-encoding gzip via 1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront) last-modified Wed, 10 Jan 2024 12:42:07 GMT server AmazonS3 x-amz-cf-pop MUC50-P3 age 318301 x-amz-server-side-encryption AES256 etag W/"42f74c653d79fb308cc687924c9c8e01" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control max-age=604800, public alt-svc h3=":443"; ma=86400 x-amz-cf-id wWKsV4tNpTHgWuH-nAQhbxK4WgRvvJp8_hfvWt1DXwN2HoMhOxzXlg==
GET H2	200	category_pages-bcf1bd8297e74c2aea3f6bfe77955b4674a97236d6eef733ce59802fb201fbd6.css d2e8ug3ile43hl.cloudfront.net/assets/parts/	7 KB 2 KB	69ms 17ms	Stylesheet text/css	2600:9000:26db:f800:6:5ac3:2a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2e8ug3ile43hl.cloudfront.net/assets/parts/category_pages-bcf1bd8297e74c2aea3f6bfe77955b4674a97236d6eef733ce59802fb201fbd6.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26db:f800:6:5ac3:2a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 76da7412f7a79b85f443bca7cef7a5381e23c0454c772f26a9096ba59c181bc6 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 14 Jan 2024 08:48:29 GMT content-encoding gzip via 1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront) last-modified Fri, 22 Dec 2023 09:52:12 GMT server AmazonS3 x-amz-cf-pop MUC50-P3 age 591985 x-amz-server-side-encryption AES256 etag W/"da0f0a88f7e1377f0cc45719ed63572f" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control max-age=604800, public alt-svc h3=":443"; ma=86400 x-amz-cf-id Uyr15WM3p8hREn_HvcT8tgBuHCffQyqkcbtjwPEb0F264oSAVaTOFw==
GET H2	200	searchmask-a96385225a46b5a6a2317076739673f74ba846fe14ae80e94221d27cc4b79c17.css d2e8ug3ile43hl.cloudfront.net/assets/parts/	13 KB 2 KB	72ms 20ms	Stylesheet text/css	2600:9000:26db:f800:6:5ac3:2a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2e8ug3ile43hl.cloudfront.net/assets/parts/searchmask-a96385225a46b5a6a2317076739673f74ba846fe14ae80e94221d27cc4b79c17.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26db:f800:6:5ac3:2a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a0564015978ccc44e5577223c834b57b020da9dac51b4644670ee0776c485675 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Thu, 18 Jan 2024 09:40:52 GMT content-encoding gzip via 1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront) last-modified Wed, 10 Jan 2024 12:42:06 GMT server AmazonS3 x-amz-cf-pop MUC50-P3 age 243242 x-amz-server-side-encryption AES256 etag W/"6defbbe52d441cdb7481c6960a7e2b36" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control max-age=604800, public alt-svc h3=":443"; ma=86400 x-amz-cf-id OdCNdwI4oKyhCrrmn_Cjvcp-c1qeYtfXVMvYlMKyvwz--og5H0PX3A==
GET H2	200	yieldlove.js Show response cdn-a.yieldlove.com/v2/	566 KB 168 KB	102ms 28ms	Script application/javascript	18.173.154.114 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn-a.yieldlove.com/v2/yieldlove.js?nix-wie-weg.de Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.154.114 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-154-114.muc50.r.cloudfront.net Software / Express Resource Hash 80f40102031cf9fbd0079c5a9f5e98a3e39ba7ab514f22e6533a1e2b21cdf39a Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 02:14:19 GMT content-encoding gzip via 1.1 595547cdc2fce94aba8498c84797701a.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P3 age 10834 x-powered-by Express etag "8d9d8-i/RTECOa2an+U2jyW/3CE5GVBqc" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=10800, stale-while-revalidate=2592000 x-amz-cf-id wphOMY0lWL_ydsuIothIk1GH2hDIaMNZM6fOz2euKCdHdJcbkf5_SQ==
GET H2	200	jquery-3.6.0-b65fee489d4fa974ddd5b51a76597b314a3d97dc93dc60feb61cded29be96f64.js Show response d2e8ug3ile43hl.cloudfront.net/assets/	88 KB 31 KB	90ms 38ms	Script text/javascript	2600:9000:26db:f800:6:5ac3:2a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2e8ug3ile43hl.cloudfront.net/assets/jquery-3.6.0-b65fee489d4fa974ddd5b51a76597b314a3d97dc93dc60feb61cded29be96f64.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26db:f800:6:5ac3:2a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2213a1c22ffe6c0ad6fac3294b7f706786c2221493751cffba86754fc9c32eb9 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Thu, 18 Jan 2024 09:40:52 GMT content-encoding gzip via 1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront) last-modified Wed, 10 Jan 2024 12:42:06 GMT server AmazonS3 x-amz-cf-pop MUC50-P3 age 243242 x-amz-server-side-encryption AES256 etag W/"260739fd2450fd4c64f3ecc435df5e39" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control max-age=604800, public alt-svc h3=":443"; ma=86400 x-amz-cf-id 5GZELZ7S-IlHbCt3XKle5FtA48v6lIxLm71jpJ2fiKADwLQQHIhEog==
GET H2	200	foot_loader-93f3e2ef89ae0bf9fa4cf1ed57899388b1a4d461a6e65bf369a0f4c27526c633.js Show response d2e8ug3ile43hl.cloudfront.net/assets/	54 KB 19 KB	86ms 35ms	Script text/javascript	2600:9000:26db:f800:6:5ac3:2a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2e8ug3ile43hl.cloudfront.net/assets/foot_loader-93f3e2ef89ae0bf9fa4cf1ed57899388b1a4d461a6e65bf369a0f4c27526c633.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26db:f800:6:5ac3:2a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2babc7f8a20c6583c5521c970d0795d0c4838ca4c30cab1beb5af440ec5674a6 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 17 Jan 2024 12:49:53 GMT content-encoding gzip via 1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront) last-modified Wed, 10 Jan 2024 12:42:05 GMT server AmazonS3 x-amz-cf-pop MUC50-P3 age 318301 x-amz-server-side-encryption AES256 etag W/"bac4bc07626f7e41ba956cc355288ab5" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control max-age=604800, public alt-svc h3=":443"; ma=86400 x-amz-cf-id McBq9zQVpOacueilB_jmxPtps1XvMNbMltFH93kT7sEN933nS-Zt1A==
GET H2	200	wave_divider-d5e47cd05119c9d68b4b0b38793a97afd0a3bf1c96b2469e348f780c3f256000.svg d2e8ug3ile43hl.cloudfront.net/assets/backgrounds/	1 KB 1 KB	29ms 29ms	Image image/svg+xml	2600:9000:26db:f800:6:5ac3:2a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2e8ug3ile43hl.cloudfront.net/assets/backgrounds/wave_divider-d5e47cd05119c9d68b4b0b38793a97afd0a3bf1c96b2469e348f780c3f256000.svg Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26db:f800:6:5ac3:2a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ed8d46ac60a6dbed00edfa762e9611e9633e95e9c8d759762ea4b89344503252 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 14 Jan 2024 14:24:11 GMT content-encoding gzip via 1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront) last-modified Wed, 10 Jan 2024 12:42:06 GMT server AmazonS3 x-amz-cf-pop MUC50-P3 age 571843 etag W/"68fbc5f652479e61c456144270678863" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml cache-control max-age=604800, public alt-svc h3=":443"; ma=86400 x-amz-cf-id ExzRmVF8vyYIPzh7w4CYXAqlWJ6cMmQUOIVk2e1uddKGHytT8JIloQ==
GET H2	200	home_2x-f951cc516ae5259e3c3a5b76e22a40beeaab6636221e9ceadd62f6c69a9a2ac1.avif d2e8ug3ile43hl.cloudfront.net/assets/backgrounds/	33 KB 33 KB	31ms 31ms	Image image/avif	2600:9000:26db:f800:6:5ac3:2a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2e8ug3ile43hl.cloudfront.net/assets/backgrounds/home_2x-f951cc516ae5259e3c3a5b76e22a40beeaab6636221e9ceadd62f6c69a9a2ac1.avif Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26db:f800:6:5ac3:2a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 83f7447a51675618000d748c161c7f9e12ae6b72898a86e83bdac18c217224a6 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 23:38:35 GMT via 1.1 50cfe0dc07dec77718bfa8346e608936.cloudfront.net (CloudFront) last-modified Fri, 19 Jan 2024 13:06:10 GMT server AmazonS3 x-amz-cf-pop MUC50-P3 age 20179 etag "6a3d2e97a4a1847e8193c77e2f325467" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/avif cache-control max-age=604800, public accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 33393 x-amz-cf-id 9WaYxaNUWFSFG2OmuZhMsAMT8QTJKW7Zihu3rn0B6ZmyD6FRXK6_Fw==
OPTIONS H2	200	latest-version cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/ Frame	0 0	80ms 29ms	Preflight text/plain	18.173.187.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/latest-version?siteId=18064&accountId=1542&hasCsp=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.187.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-187-27.muc50.r.cloudfront.net Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://www.nix-wie-weg.de Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin,X-Requested-With,Content-Type,Accept,Authorization access-control-allow-methods GET, PUT, POST, DELETE access-control-allow-origin * access-control-max-age 600 cache-control max-age=0, s-maxage=600 content-length 2 content-type text/plain; charset=utf-8 date Sun, 21 Jan 2024 05:14:53 GMT strict-transport-security max-age=15552000; includeSubDomains via 1.1 16c1fbe376c986a5f9ba0cb7fbfd58b4.cloudfront.net (CloudFront) x-amz-cf-id WZBBYkiweQLg6Dw0WelUG4BA6KrpuuBuLDFV2ebTdZnrjDr5y22GGA== x-amz-cf-pop MUC50-P4 x-cache Miss from cloudfront
GET H2	200	latest.json Show response cdn.jsdelivr.net/gh/prebid/currency-file@1/	2 KB 2 KB	69ms 28ms	Fetch application/json	2606:4700::6810:5514 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json Requested by Host: cdn-a.yieldlove.com URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?nix-wie-weg.de Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 64cb89442a1c7beb6fd0c6860addccb36400ff4d9e71bb9edcb9de9bab3be45a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.google.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 content-type text/plain Response headers date Sun, 21 Jan 2024 05:14:53 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 4440 x-jsd-version 1.0.1941 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230103-FRA, cache-lga21929-LGA x-jsd-version-type version server cloudflare etag W/"63c-VV/trlwRxCRit2F3Or4P3rraANQ" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FzHnE7GnSaCjF%2F5CIRpxjXW%2BdDB0rP%2F%2FgtLSZ42HZfsOt5CcyPYxPkKN2azLkzxmidaUbPNZpcomw5pyNP4iJWng7hq8uxU%2Beog7dhySq4KwJtCOhDzmJ%2BBpjJGKsQ2Npl%2FX3pWUt6Lu%2FEtoD%2B4%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 848d1382b9562bc6-FRA
GET H2	200	latest-version Show response cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/	206 B 698 B	30ms 29ms	XHR application/json	18.173.187.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/latest-version?siteId=18064&accountId=1542&hasCsp=true Requested by Host: cdn-a.yieldlove.com URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?nix-wie-weg.de Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.187.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-187-27.muc50.r.cloudfront.net Software / Resource Hash 0902a5e15bad92010892d9a725f7b997a21bcbf471be80afad46597214a50258 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers Referer https://www.google.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-Type application/json Response headers date Sun, 21 Jan 2024 05:14:53 GMT strict-transport-security max-age=15552000; includeSubDomains via 1.1 16c1fbe376c986a5f9ba0cb7fbfd58b4.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P4 vary Accept-Encoding access-control-allow-methods GET, PUT, POST, DELETE content-type application/json; charset=utf-8 access-control-allow-origin * x-cache Miss from cloudfront cache-control max-age=0, s-maxage=600 access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization content-length 206 x-amz-cf-id CUfkXVwmgrMPsZLr8VAhRstb9vtrlr0fVKERuVNP8vxlyXlBpPBptQ==
GET DATA	200 OK	truncated /	68 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/png
GET H2	200	js Show response www.googletagmanager.com/gtag/	277 KB 91 KB	93ms 41ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-CHV2QPFDNG Requested by Host: d2e8ug3ile43hl.cloudfront.net URL: https://d2e8ug3ile43hl.cloudfront.net/assets/foot_loader-93f3e2ef89ae0bf9fa4cf1ed57899388b1a4d461a6e65bf369a0f4c27526c633.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0d51ce81e90f9eb920a6dcfb563f163eacae7fcb0695c7c67312bcc0dab8c87a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:53 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 93135 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 21 Jan 2024 05:14:53 GMT
GET H3	200	bookings-34b3db5dfc748560f6ed1b1648a3f8e7fa9e36a16d0caacccbd87a2eaa845933.css d2e8ug3ile43hl.cloudfront.net/assets/parts/	0 5 KB	56ms 55ms	Other text/css	2600:9000:26db:f800:6:5ac3:2a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2e8ug3ile43hl.cloudfront.net/assets/parts/bookings-34b3db5dfc748560f6ed1b1648a3f8e7fa9e36a16d0caacccbd87a2eaa845933.css Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:26db:f800:6:5ac3:2a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Mon, 15 Jan 2024 08:19:36 GMT content-encoding gzip via 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront) last-modified Wed, 10 Jan 2024 12:42:06 GMT server AmazonS3 age 507318 x-amz-cf-pop MUC50-P3 etag W/"f0aaf9e3545fb3e6c69ba4a98f7613d2" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control max-age=604800, public alt-svc h3=":443"; ma=86400 x-amz-cf-id aqgawPkB_ObjGuj7aH5kJbHH8MklhCLkRUL7i8oy5P6RWLYytK28mQ==
GET H3	200	gallery-43a1a787b3ce44f98573ff51f98ef7f769fb99416ec5ef70521ed3dba750e7d4.css d2e8ug3ile43hl.cloudfront.net/assets/parts/	0 2 KB	40ms 39ms	Other text/css	2600:9000:26db:f800:6:5ac3:2a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2e8ug3ile43hl.cloudfront.net/assets/parts/gallery-43a1a787b3ce44f98573ff51f98ef7f769fb99416ec5ef70521ed3dba750e7d4.css Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:26db:f800:6:5ac3:2a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Mon, 15 Jan 2024 10:11:27 GMT content-encoding gzip via 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront) last-modified Mon, 08 Jan 2024 09:28:21 GMT server AmazonS3 age 500607 x-amz-cf-pop MUC50-P3 x-amz-server-side-encryption AES256 etag W/"5cb09e759c213d014fa8b2d99573f092" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control max-age=604800, public alt-svc h3=":443"; ma=86400 x-amz-cf-id i8M76AcKa_AROCpogo1TsB5gYFjtScFwd2FV7b3C3A_EGjKnu2cqTQ==
GET H3	200	hotel_list-7376e085a9ae276cc95b68c26ab217f532ca81a4a96504ebdf4b978514773e2f.css d2e8ug3ile43hl.cloudfront.net/assets/parts/	0 2 KB	38ms 37ms	Other text/css	2600:9000:26db:f800:6:5ac3:2a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2e8ug3ile43hl.cloudfront.net/assets/parts/hotel_list-7376e085a9ae276cc95b68c26ab217f532ca81a4a96504ebdf4b978514773e2f.css Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:26db:f800:6:5ac3:2a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 17 Jan 2024 12:50:27 GMT content-encoding gzip via 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront) last-modified Wed, 10 Jan 2024 12:42:06 GMT server AmazonS3 age 318267 x-amz-cf-pop MUC50-P3 x-amz-server-side-encryption AES256 etag W/"8e59d1c1deaa8e718868d9f01b1be654" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control max-age=604800, public alt-svc h3=":443"; ma=86400 x-amz-cf-id uwoa6QdTlW7hiRUfr9muVxj9gaL5vVahx41EaUmOFJV1kVlvEvlE2w==
GET H3	200	ibe-9cbae78494795e6cfb185e0da6786fa9e1900e0e0f0c6c2f37a5ac31ac9d9710.css d2e8ug3ile43hl.cloudfront.net/assets/parts/	0 4 KB	41ms 40ms	Other text/css	2600:9000:26db:f800:6:5ac3:2a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2e8ug3ile43hl.cloudfront.net/assets/parts/ibe-9cbae78494795e6cfb185e0da6786fa9e1900e0e0f0c6c2f37a5ac31ac9d9710.css Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:26db:f800:6:5ac3:2a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 14 Jan 2024 10:18:02 GMT content-encoding gzip via 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront) last-modified Wed, 10 Jan 2024 12:42:06 GMT server AmazonS3 age 586612 x-amz-cf-pop MUC50-P3 etag W/"5f7afed3682226bbb072d6c9bbbcfe89" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control max-age=604800, public alt-svc h3=":443"; ma=86400 x-amz-cf-id TcOfRWVIxTe2OswYvjLkqvy1TWO4rjHSpI48IFdHOXR2liVUliiLIA==
GET H3	200	non_ibe-04de2b858cde30daf28d69f7e738fe9f89aab0f3db790687e173b111b86f5ccf.css d2e8ug3ile43hl.cloudfront.net/assets/parts/	0 4 KB	39ms 38ms	Other text/css	2600:9000:26db:f800:6:5ac3:2a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2e8ug3ile43hl.cloudfront.net/assets/parts/non_ibe-04de2b858cde30daf28d69f7e738fe9f89aab0f3db790687e173b111b86f5ccf.css Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:26db:f800:6:5ac3:2a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Mon, 15 Jan 2024 13:44:14 GMT content-encoding gzip via 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront) last-modified Wed, 10 Jan 2024 12:42:06 GMT server AmazonS3 age 487840 x-amz-cf-pop MUC50-P3 etag W/"c2657b49249f1b658ba587fa4ef6cfd0" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control max-age=604800, public alt-svc h3=":443"; ma=86400 x-amz-cf-id S9IX5zfJA58LuDQQAnFSJltxk2aE4R8KmtAgyAW-E0ap1vi4aKwQhw==
GET H3	200	offer_list-aeabe2bf4c1703719a2557851137831553a0628e5a2a808a2393134c78fa2a7e.css d2e8ug3ile43hl.cloudfront.net/assets/parts/	0 6 KB	42ms 42ms	Other text/css	2600:9000:26db:f800:6:5ac3:2a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2e8ug3ile43hl.cloudfront.net/assets/parts/offer_list-aeabe2bf4c1703719a2557851137831553a0628e5a2a808a2393134c78fa2a7e.css Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:26db:f800:6:5ac3:2a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Mon, 15 Jan 2024 11:04:54 GMT content-encoding gzip via 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront) last-modified Mon, 08 Jan 2024 09:28:21 GMT server AmazonS3 age 497400 x-amz-cf-pop MUC50-P3 x-amz-server-side-encryption AES256 etag W/"8147f4e554369cfe2505dbd0670ea1d5" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control max-age=604800, public alt-svc h3=":443"; ma=86400 x-amz-cf-id vZbvOWzh2NU7sdbPjdjyVSiGg0ZYA6mmKtXZ3QKWeT-sFb3ZAARxKA==
GET H3	200	region_list-157e1d55d22f7f950d4ca6a09a24963a1a307e559d7d336a91746fe7570f63fa.css d2e8ug3ile43hl.cloudfront.net/assets/parts/	0 1 KB	19ms 18ms	Other text/css	2600:9000:26db:f800:6:5ac3:2a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2e8ug3ile43hl.cloudfront.net/assets/parts/region_list-157e1d55d22f7f950d4ca6a09a24963a1a307e559d7d336a91746fe7570f63fa.css Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:26db:f800:6:5ac3:2a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Mon, 15 Jan 2024 08:20:03 GMT content-encoding gzip via 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront) last-modified Wed, 10 Jan 2024 12:42:06 GMT server AmazonS3 age 507291 x-amz-cf-pop MUC50-P3 etag W/"3f12af125f1df3437a8f15d50a886c3c" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control max-age=604800, public alt-svc h3=":443"; ma=86400 x-amz-cf-id 189vOTdmNG1NmATkbjxOvCakTtsyURvI_ofpTRwk_wpveKzKPKmksA==
GET H3	200	logo-fd0efd28ea48c43f74968233449eb0db40e8ecfa89233ff8a7f8356ee63e67d1.svg d2e8ug3ile43hl.cloudfront.net/assets/	9 KB 4 KB	36ms 36ms	Image image/svg+xml	2600:9000:26db:f800:6:5ac3:2a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2e8ug3ile43hl.cloudfront.net/assets/logo-fd0efd28ea48c43f74968233449eb0db40e8ecfa89233ff8a7f8356ee63e67d1.svg Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:26db:f800:6:5ac3:2a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 01f631a84a79f83811843cd1631b4c0b95a0d10c282645b55f7774169ff2d7eb Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Thu, 18 Jan 2024 09:00:50 GMT content-encoding gzip via 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront) last-modified Wed, 10 Jan 2024 12:42:06 GMT server AmazonS3 age 245644 x-amz-cf-pop MUC50-P3 x-amz-server-side-encryption AES256 etag W/"4d278db84130087f2204f5d98b88dd07" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml cache-control max-age=604800, public alt-svc h3=":443"; ma=86400 x-amz-cf-id UH_oJ_XiroAhAAbq7zMP_8VPtMW1gX6_RVgRdMIV4zlu6wL2vMnDtg==
GET H3	200	odin_content_pattern-e0d736c559aaa6306f007d661dbbd01683684a05842a11762937104a76673e0f.svg d2e8ug3ile43hl.cloudfront.net/assets/	2 KB 1 KB	17ms 17ms	Image image/svg+xml	2600:9000:26db:f800:6:5ac3:2a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2e8ug3ile43hl.cloudfront.net/assets/odin_content_pattern-e0d736c559aaa6306f007d661dbbd01683684a05842a11762937104a76673e0f.svg Requested by Host: d2e8ug3ile43hl.cloudfront.net URL: https://d2e8ug3ile43hl.cloudfront.net/assets/responsive-5ad08047fb3fc0fa55babcd13fe25aa5b24cb4aa3efb9395ca6ee87891e08010.css Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:26db:f800:6:5ac3:2a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f839b770c992411ea9ebf2ebf9a29304b964b9e83561e9aa4e55e1222a9240e5 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Mon, 15 Jan 2024 20:44:57 GMT content-encoding gzip via 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront) last-modified Wed, 10 Jan 2024 12:42:06 GMT server AmazonS3 age 462597 x-amz-cf-pop MUC50-P3 etag W/"94841d35ca5095f9d9ed0be185fee668" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml cache-control max-age=604800, public alt-svc h3=":443"; ma=86400 x-amz-cf-id ZacvEImEW_crly4HaRAEBUYR2zasnig6tZjfOp1ar_cYHYFIUODQdw==
GET H2	200	config.js Show response cdn.confiant-integrations.net/V1AdEkGj8ikBdWctk6hWbb2FEvQ/gpt_and_prebid/	89 KB 21 KB	76ms 26ms	Script text/javascript	2606:4700:4400::6812:2b5a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.confiant-integrations.net/V1AdEkGj8ikBdWctk6hWbb2FEvQ/gpt_and_prebid/config.js Requested by Host: cdn-a.yieldlove.com URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?nix-wie-weg.de Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9be76da7a2821b033de6d5f991e409f7b1d7a7b37b85d774ec14cadb352c947c Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:53 GMT content-encoding br cf-cache-status HIT last-modified Sun, 21 Jan 2024 01:43:53 GMT server cloudflare x-amz-request-id G32M8CRHNTDN1TWD age 542 etag W/"0ebc0c4c293adc24753f29af5367bae6" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type text/javascript cache-control public, max-age=900, stale-while-revalidate=3600 cf-ray 848d13830a5691f3-FRA alt-svc h3=":443"; ma=86400 x-amz-id-2 y3gmJB816CEIH8Adq3NTV9+xxL1pzeE/ou/2yD2M8YHAFkKrDVk3xcel/viOs9FVHj/5UuA7pShUQcmzUm0MZnAB8pNkDastDQ0G9g5NKgY=
GET H2	200	bat.js Show response bat.bing.com/	45 KB 13 KB	112ms 43ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: d2e8ug3ile43hl.cloudfront.net URL: https://d2e8ug3ile43hl.cloudfront.net/assets/foot_loader-93f3e2ef89ae0bf9fa4cf1ed57899388b1a4d461a6e65bf369a0f4c27526c633.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Sun, 21 Jan 2024 05:14:52 GMT last-modified Fri, 10 Nov 2023 20:09:55 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 09DD03F72D6E48BAAA47157FA7B514A9 Ref B: FRA31EDGE0713 Ref C: 2024-01-21T05:14:53Z etag "80abcdf1114da1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13175
GET H3	200	foot-72ef26934533fe5c5c8439a9271a3c3a9f7b8e102db7431b7329008ac01529d3.js Show response d2e8ug3ile43hl.cloudfront.net/assets/	142 KB 37 KB	36ms 35ms	Script text/javascript	2600:9000:26db:f800:6:5ac3:2a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2e8ug3ile43hl.cloudfront.net/assets/foot-72ef26934533fe5c5c8439a9271a3c3a9f7b8e102db7431b7329008ac01529d3.js Requested by Host: d2e8ug3ile43hl.cloudfront.net URL: https://d2e8ug3ile43hl.cloudfront.net/assets/foot_loader-93f3e2ef89ae0bf9fa4cf1ed57899388b1a4d461a6e65bf369a0f4c27526c633.js Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:26db:f800:6:5ac3:2a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c2558e62d586837e1f5313bbe1c64a07591a53dd693e44cfe627174e5d0b7fe2 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 17 Jan 2024 12:49:54 GMT content-encoding gzip via 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront) last-modified Wed, 10 Jan 2024 12:42:05 GMT server AmazonS3 age 318300 x-amz-cf-pop MUC50-P3 x-amz-server-side-encryption AES256 etag W/"3959f386d0d09a52995b5145e0fb4a63" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control max-age=604800, public alt-svc h3=":443"; ma=86400 x-amz-cf-id 5EWTZ52cTTax4Hp-yZcsIcQmic2jsYfpZ4fjGqgkYE3-j1YY-To0bA==
GET H2	200	lazysizes.min.js Show response cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/	8 KB 4 KB	66ms 24ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/lazysizes.min.js Requested by Host: d2e8ug3ile43hl.cloudfront.net URL: https://d2e8ug3ile43hl.cloudfront.net/assets/foot_loader-93f3e2ef89ae0bf9fa4cf1ed57899388b1a4d461a6e65bf369a0f4c27526c633.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:53 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1337291 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 3150 last-modified Wed, 31 Mar 2021 06:24:08 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "60641588-1ed1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INcgOcW7YsFtX4Fb4yfoo%2BuuOxh9hEt6Gd1fyDZ1o75Z5U2rOCElTNXuvWgBhI6xEW4Nhyk8VSucfDuKwYCP%2Fra6s%2FbUsrgfIdYVeMPeASWzdJUbbEtD32Zyxngc%2FncioUBmJMMaEG19xC3x%2FpDaPYvA"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 848d1382f8cc1c3a-FRA expires Fri, 10 Jan 2025 05:14:53 GMT
GET H2	200	spritesheet Show response www.nix-wie-weg.de/	70 KB 23 KB	73ms 72ms	XHR text/html	18.193.163.64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.nix-wie-weg.de/spritesheet?version=97bfdf0f Requested by Host: d2e8ug3ile43hl.cloudfront.net URL: https://d2e8ug3ile43hl.cloudfront.net/assets/jquery-3.6.0-b65fee489d4fa974ddd5b51a76597b314a3d97dc93dc60feb61cded29be96f64.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.193.163.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-193-163-64.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 87732b260bc538d610b0765dad48c2d25bd3f1472a4fa25f06b051d106985e93 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept text/html, */*; q=0.01 Referer https://www.google.com/ X-CSRF-Token hOLwMIvDe8F5AgjiYQGKruKdhoh0F8pTw9cpQxSi5v_Ce-uAjXIlZ-h5Y4s6681VkeAw9YAtt95H27Xr3JonZg X-Requested-With XMLHttpRequest accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:53 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-encoding gzip x-permitted-cross-domain-policies none x-xss-protection 0 x-request-id 9b0f84a1-b488-4777-b10f-54641e6301ab x-runtime 0.048352 referrer-policy strict-origin-when-cross-origin server nginx etag W/"87732b260bc538d610b0765dad48c2d2" x-download-options noopen vary Accept-Encoding, Accept x-frame-options SAMEORIGIN content-type text/html; charset=utf-8 cache-control max-age=31556952, private
GET H2	200	240901_Bannernix-wie-weg_950x250px_2.jpg d13btdmpjvxmpg.cloudfront.net/images/2473/	313 KB 314 KB	79ms 22ms	Image image/jpeg	2600:9000:20c3:6c00:1:4feb:d00:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d13btdmpjvxmpg.cloudfront.net/images/2473/240901_Bannernix-wie-weg_950x250px_2.jpg Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20c3:6c00:1:4feb:d00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ebffaa9d18aef7c7e6a0d6d56505410051f353be91dc6ed894284439d3761b13 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 17 Jan 2024 22:58:57 GMT x-amz-version-id 8U2cDSWJbIXrfnL8XHPu4hNWqfqIwRMq via 1.1 167c735142bc0b0bedf2cca27d970088.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-C1 age 281757 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 320694 last-modified Wed, 10 Jan 2024 14:35:44 GMT server AmazonS3 etag "095a5a5c73f7b7b3e9c2246306cbcc2d" content-type image/jpeg cache-control max-age=604800, public accept-ranges bytes x-amz-cf-id yOe8SMdWF1I-XNUe5z8Z2sRAOz6AJdFTbjYqfVb0viuwZbL6Gf6Wpg==
OPTIONS H2	200	new-user cdn.privacy-mgmt.com/wrapper/tcfv2/v2/gdpr/native-message/ Frame	0 0	30ms 30ms	Preflight text/plain	18.173.187.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.privacy-mgmt.com/wrapper/tcfv2/v2/gdpr/native-message/new-user?hasCsp=true&env=prod&body=%7B%22propertyId%22%3A18064%2C%22accountId%22%3A1542%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.nix-wie-weg.de%2F%22%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22targetingParams%22%3A%22%7B%5C%22browserLanguage%5C%22%3A%5C%22en-US%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22legalBasisChanges%22%3Afalse%2C%22vendorListAdditions%22%3Afalse%7D&nonkeyed=%7B%22_sp_v1_uid%22%3Anull%2C%22_sp_v1_data%22%3Anull%2C%22_sp_v1_p%22%3Anull%7D&scriptVersion=2.9.0&scriptType=tcfv2&ch=4401355564401355564e55 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.187.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-187-27.muc50.r.cloudfront.net Software / Express Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://www.nix-wie-weg.de Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION access-control-allow-methods GET, PUT, POST, DELETE access-control-allow-origin * access-control-max-age 86400 cache-control max-age=86400, s-maxage=1200 content-length 2 content-type text/plain; charset=utf-8 date Sun, 21 Jan 2024 05:14:53 GMT strict-transport-security max-age=15552000; includeSubDomains vary Accept-Encoding via 1.1 16c1fbe376c986a5f9ba0cb7fbfd58b4.cloudfront.net (CloudFront) x-amz-cf-id z7zipOQ9KSVMpSMPQi1Uh7DQW4d5IUh3UgZLmbVXLAo9lIdY7tagwg== x-amz-cf-pop MUC50-P4 x-cache Miss from cloudfront x-powered-by Express
GET H2	200	new-user Show response cdn.privacy-mgmt.com/wrapper/tcfv2/v2/gdpr/native-message/	35 KB 3 KB	39ms 38ms	XHR application/json	18.173.187.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.privacy-mgmt.com/wrapper/tcfv2/v2/gdpr/native-message/new-user?hasCsp=true&env=prod&body=%7B%22propertyId%22%3A18064%2C%22accountId%22%3A1542%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.nix-wie-weg.de%2F%22%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22targetingParams%22%3A%22%7B%5C%22browserLanguage%5C%22%3A%5C%22en-US%5C%22%7D%22%2C%22campaignEnv%22%3A%22prod%22%2C%22legalBasisChanges%22%3Afalse%2C%22vendorListAdditions%22%3Afalse%7D&nonkeyed=%7B%22_sp_v1_uid%22%3Anull%2C%22_sp_v1_data%22%3Anull%2C%22_sp_v1_p%22%3Anull%7D&scriptVersion=2.9.0&scriptType=tcfv2&ch=4401355564401355564e55 Requested by Host: cdn-a.yieldlove.com URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?nix-wie-weg.de Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.187.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-187-27.muc50.r.cloudfront.net Software / Express Resource Hash 39d4960f2be1b1e000fca8495408482e5764b2e9caa09bdd8116f8c37e958c58 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers Referer https://www.google.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-Type application/json Response headers date Sun, 21 Jan 2024 05:14:53 GMT strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip via 1.1 16c1fbe376c986a5f9ba0cb7fbfd58b4.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P4 x-powered-by Express vary Accept-Encoding access-control-allow-methods GET, PUT, POST, DELETE content-type application/json; charset=utf-8 access-control-allow-origin * x-cache Miss from cloudfront cache-control max-age=0, s-maxage=1200 access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION x-amz-cf-id DZDrYglwGSlMZpkp0mSCo4ICr7nfa-He---_uty_MIhniBFnKhIf_g==
GET H3	206	header-766c18f1f95625617fb59e792fd9bc78887cfccab8de04ea310d3a749d572fca.webm d2e8ug3ile43hl.cloudfront.net/assets/backgrounds/	668 KB 668 KB	18ms 18ms	Media audio/webm	2600:9000:26db:f800:6:5ac3:2a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2e8ug3ile43hl.cloudfront.net/assets/backgrounds/header-766c18f1f95625617fb59e792fd9bc78887cfccab8de04ea310d3a749d572fca.webm Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:26db:f800:6:5ac3:2a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b4e81735e9ed08398be0359853fc69c4c36175dfc2a1c1005cb695ba37b5eed1 Request headers Referer https://www.google.com/ Accept-Encoding identity;q=1, *;q=0 accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Range bytes=0- Response headers date Wed, 17 Jan 2024 03:18:07 GMT via 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront) age 352607 x-amz-cf-pop MUC50-P3 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront Content-Range bytes 0-683892/683893 alt-svc h3=":443"; ma=86400 Content-Length 683893 last-modified Wed, 10 Jan 2024 12:42:06 GMT server AmazonS3 etag "14f6b45c53faf1718ff3e18b448870c0" content-type audio/webm cache-control max-age=604800, public accept-ranges bytes x-amz-cf-id PfVE6Ozeg9FZsPl1svbRWBOe2_8Frha7Oh2nHfBQk4xsXxWmFcB6rQ==
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	97 KB 29 KB	146ms 92ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: d2e8ug3ile43hl.cloudfront.net URL: https://d2e8ug3ile43hl.cloudfront.net/assets/foot_loader-93f3e2ef89ae0bf9fa4cf1ed57899388b1a4d461a6e65bf369a0f4c27526c633.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 95e866df65a887dfe37283c35065cca06d9087aa0b5f13ced1955e59543cef49 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:53 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29468 x-xss-protection 0 server cafe etag 250 / 19743 / 31080550 / config-hash: 15866861927224639442 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Sun, 21 Jan 2024 05:14:53 GMT
GET H2	200	wrap.js Show response cdn.confiant-integrations.net/gptprebidnative/202401101304/	302 KB 93 KB	41ms 39ms	Script application/javascript	2606:4700:4400::6812:2b5a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js Requested by Host: cdn.confiant-integrations.net URL: https://cdn.confiant-integrations.net/V1AdEkGj8ikBdWctk6hWbb2FEvQ/gpt_and_prebid/config.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab685c3c71fa770524de722fadfa61021debdaf0c7678e24a4ee113779bf7f21 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:53 GMT content-encoding br cf-cache-status HIT last-modified Wed, 10 Jan 2024 18:05:23 GMT server cloudflare x-amz-request-id YXBZXB4KYG9EGXEP age 900617 etag W/"5aabb710020a401097c59bf9249caa6c" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 848d13836a6891f3-FRA alt-svc h3=":443"; ma=86400 x-amz-id-2 foRkmlkRT9njICw32tiNDWWOaC/NA/ic+cEifS8CWmHVKZxp2MJg1xiemhqsfybUcmFjxeTEVceVbHpsdWF2VA==
GET H2	204	4063807.js Show response bat.bing.com/p/action/	0 117 B	41ms 41ms	Script text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/4063807.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Sun, 21 Jan 2024 05:14:52 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 7E01063FE4AF4AE095F2151E6D9C0342 Ref B: FRA31EDGE0713 Ref C: 2024-01-21T05:14:53Z x-cache CONFIG_NOCACHE
POST H2	204	collect region1.google-analytics.com/g/	0 257 B	77ms 30ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-CHV2QPFDNG&gtm=45je41h0v888125743&_p=1705814093211&gcs=G100&gcd=11p1p1l1l5&dma=0&tcfd=10000&cid=74737327.1705814093&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705814093&sct=1&seg=0&dl=https%3A%2F%2Fwww.nix-wie-weg.de%2F&dt=Urlaub%20buchen%20beim%20TESTSIEGER%20Nix-wie-weg%C2%AE!%20G%C3%BCnstige%20Last%20Minute%20Reisen%202024&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.anonymize_ip=true&tfd=766 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-CHV2QPFDNG Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:53 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.nix-wie-weg.de cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	203 KB 73 KB	36ms 36ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-1071855962&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-CHV2QPFDNG Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 92e26787458de2b92bebb22bf982317c624bdd944790d4416c00ad0890585453 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:53 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 74703 x-xss-protection 0 last-modified Sun, 21 Jan 2024 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 21 Jan 2024 05:14:53 GMT
OPTIONS H2	200	pv-data cdn.privacy-mgmt.com/consent/tcfv2/consent/v2/data-pipeline/ Frame	0 0	30ms 30ms	Preflight text/html	18.173.187.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.privacy-mgmt.com/consent/tcfv2/consent/v2/data-pipeline/pv-data?hasCsp=true&ch=4401355564401355564e55 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.187.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-187-27.muc50.r.cloudfront.net Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.nix-wie-weg.de Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin,X-Requested-With,Content-Type,Accept,Authorization access-control-allow-methods GET, PUT, POST, DELETE access-control-allow-origin * allow POST cache-control no-cache content-length 4 content-type text/html; charset=utf-8 date Sun, 21 Jan 2024 05:14:53 GMT strict-transport-security max-age=15552000; includeSubDomains vary Accept-Encoding via 1.1 16c1fbe376c986a5f9ba0cb7fbfd58b4.cloudfront.net (CloudFront) x-amz-cf-id 562mhoQbU3lnWlg8Zqra64daxoFPlV-9bZ6DoihFHG4HLDc0rVKUrA== x-amz-cf-pop MUC50-P4 x-cache Miss from cloudfront
POST H2	200	pv-data Show response cdn.privacy-mgmt.com/consent/tcfv2/consent/v2/data-pipeline/	844 B 1 KB	28ms 28ms	XHR application/json	18.173.187.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.privacy-mgmt.com/consent/tcfv2/consent/v2/data-pipeline/pv-data?hasCsp=true&ch=4401355564401355564e55 Requested by Host: cdn-a.yieldlove.com URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?nix-wie-weg.de Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.187.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-187-27.muc50.r.cloudfront.net Software / Resource Hash ed12c599319a8d784ea621e57520f2bd53238d4119d61471f00253bfba11dfba Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers Referer https://www.google.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-Type application/json Response headers date Sun, 21 Jan 2024 05:14:53 GMT strict-transport-security max-age=15552000; includeSubDomains via 1.1 16c1fbe376c986a5f9ba0cb7fbfd58b4.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P4 vary Accept-Encoding access-control-allow-methods GET, PUT, POST, DELETE content-type application/json; charset=utf-8 access-control-allow-origin * x-cache Miss from cloudfront cache-control no-cache access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization content-length 844 x-amz-cf-id Kdkcm-MDkN03fuzdeaWIlFogAIKyEgWYYi5XMSPjXrNP0saY6-uGCw==
GET H2	200	opt.json Show response cdn-a.yieldlove.com/v2/	722 B 1 KB	60ms 26ms	XHR application/json	18.173.154.114 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn-a.yieldlove.com/v2/opt.json?nix-wie-weg.de Requested by Host: cdn-a.yieldlove.com URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?nix-wie-weg.de Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.154.114 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-154-114.muc50.r.cloudfront.net Software / Express Resource Hash 3fbff41366fab90f64ff6cb56fdc1053b0239f5f17d0653436403996b474dec4 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:05:26 GMT via 1.1 3346ad1679ff01fe81e117084323b814.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P3 age 567 x-powered-by Express etag "2d2-Kv+xBg+cf1qLF+84I4l0IeU86vU" vary Accept-Encoding x-cache Hit from cloudfront content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public, max-age=10800, stale-while-revalidate=2592000 content-length 722 x-amz-cf-id nv8baaf8W4j4OHzkq_43MnRgfkVwTG2jFX-aB7zxCZG-BzFwTtbWLg==
POST H2	200	dsh Show response hb.adscale.de/	11 B 475 B	259ms 202ms	Fetch text/plain	18.199.12.181 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hb.adscale.de/dsh Requested by Host: cdn-a.yieldlove.com URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?nix-wie-weg.de Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.199.12.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-199-12-181.eu-central-1.compute.amazonaws.com Software / Resource Hash 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b Request headers Referer https://www.google.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 content-type text/plain Response headers date Sun, 21 Jan 2024 05:14:53 GMT content-encoding gzip vary origin p3p CP=NOI PSA OUR access-control-allow-origin https://www.nix-wie-weg.de content-type text/plain cache-control no-cache access-control-allow-credentials true x-robots-tag none
POST H2	200	prebid Show response ib.adnxs.com/ut/v3/	19 B 584 B	89ms 26ms	Fetch application/json	37.252.171.21 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: cdn-a.yieldlove.com URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?nix-wie-weg.de Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.google.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 content-type text/plain Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:53 GMT an-x-request-uuid 7f5c4fa3-4b4b-4351-99ac-dde219898ee1 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type application/json; charset=utf-8 access-control-allow-origin https://www.nix-wie-weg.de cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 149.88.27.83; 149.88.27.83; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 19 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	openrtb Show response adx.adform.net/adx/	2 KB 2 KB	195ms 110ms	Fetch application/json	37.157.5.133 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/openrtb Requested by Host: cdn-a.yieldlove.com URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?nix-wie-weg.de Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.5.133 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash c8d668c385659c2a5ff4d0aa94950c580a17c767ea7e46afdc33ad5ca4036ec5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.google.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 content-type text/plain Response headers date Sun, 21 Jan 2024 05:14:53 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" pragma no-cache server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version vary Accept-Encoding access-control-allow-methods POST,OPTIONS content-type application/json access-control-allow-origin https://www.nix-wie-weg.de access-control-max-age 86400 access-control-allow-credentials true cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With expires -1
POST H2	204	bid Show response orbidder.otto.de/	0 150 B	127ms 53ms	Fetch	35.210.58.154 GOOGLE-2
General Check archive.org Show headers Download Go to Full URL https://orbidder.otto.de/bid Requested by Host: cdn-a.yieldlove.com URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?nix-wie-weg.de Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.210.58.154 Brussels, Belgium, ASN19527 (GOOGLE-2, US), Reverse DNS 154.58.210.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.google.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 content-type text/plain Response headers access-control-allow-origin https://www.nix-wie-weg.de date Sun, 21 Jan 2024 05:14:53 GMT strict-transport-security max-age=31536000; includeSubDomains access-control-allow-credentials true
POST H2	204	bid Show response orbidder.otto.de/	0 150 B	127ms 54ms	Fetch	35.210.58.154 GOOGLE-2
General Check archive.org Show headers Download Go to Full URL https://orbidder.otto.de/bid Requested by Host: cdn-a.yieldlove.com URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?nix-wie-weg.de Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.210.58.154 Brussels, Belgium, ASN19527 (GOOGLE-2, US), Reverse DNS 154.58.210.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.google.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 content-type text/plain Response headers access-control-allow-origin https://www.nix-wie-weg.de date Sun, 21 Jan 2024 05:14:53 GMT strict-transport-security max-age=31536000; includeSubDomains access-control-allow-credentials true
POST H2	204	bid Show response orbidder.otto.de/	0 150 B	126ms 53ms	Fetch	35.210.58.154 GOOGLE-2
General Check archive.org Show headers Download Go to Full URL https://orbidder.otto.de/bid Requested by Host: cdn-a.yieldlove.com URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?nix-wie-weg.de Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.210.58.154 Brussels, Belgium, ASN19527 (GOOGLE-2, US), Reverse DNS 154.58.210.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.google.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 content-type text/plain Response headers access-control-allow-origin https://www.nix-wie-weg.de date Sun, 21 Jan 2024 05:14:53 GMT strict-transport-security max-age=31536000; includeSubDomains access-control-allow-credentials true
POST H2	204	bid Show response orbidder.otto.de/	0 150 B	126ms 53ms	Fetch	35.210.58.154 GOOGLE-2
General Check archive.org Show headers Download Go to Full URL https://orbidder.otto.de/bid Requested by Host: cdn-a.yieldlove.com URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?nix-wie-weg.de Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.210.58.154 Brussels, Belgium, ASN19527 (GOOGLE-2, US), Reverse DNS 154.58.210.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.google.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 content-type text/plain Response headers access-control-allow-origin https://www.nix-wie-weg.de date Sun, 21 Jan 2024 05:14:53 GMT strict-transport-security max-age=31536000; includeSubDomains access-control-allow-credentials true
POST H2	204	bid Show response orbidder.otto.de/	0 151 B	123ms 51ms	Fetch	35.210.58.154 GOOGLE-2
General Check archive.org Show headers Download Go to Full URL https://orbidder.otto.de/bid Requested by Host: cdn-a.yieldlove.com URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?nix-wie-weg.de Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.210.58.154 Brussels, Belgium, ASN19527 (GOOGLE-2, US), Reverse DNS 154.58.210.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.google.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 content-type text/plain Response headers access-control-allow-origin https://www.nix-wie-weg.de date Sun, 21 Jan 2024 05:14:53 GMT strict-transport-security max-age=31536000; includeSubDomains access-control-allow-credentials true
POST H2	204	bid Show response orbidder.otto.de/	0 150 B	124ms 52ms	Fetch	35.210.58.154 GOOGLE-2
General Check archive.org Show headers Download Go to Full URL https://orbidder.otto.de/bid Requested by Host: cdn-a.yieldlove.com URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?nix-wie-weg.de Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.210.58.154 Brussels, Belgium, ASN19527 (GOOGLE-2, US), Reverse DNS 154.58.210.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.google.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 content-type text/plain Response headers access-control-allow-origin https://www.nix-wie-weg.de date Sun, 21 Jan 2024 05:14:53 GMT strict-transport-security max-age=31536000; includeSubDomains access-control-allow-credentials true
POST H2	204	bid Show response orbidder.otto.de/	0 150 B	125ms 53ms	Fetch	35.210.58.154 GOOGLE-2
General Check archive.org Show headers Download Go to Full URL https://orbidder.otto.de/bid Requested by Host: cdn-a.yieldlove.com URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?nix-wie-weg.de Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.210.58.154 Brussels, Belgium, ASN19527 (GOOGLE-2, US), Reverse DNS 154.58.210.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.google.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 content-type text/plain Response headers access-control-allow-origin https://www.nix-wie-weg.de date Sun, 21 Jan 2024 05:14:53 GMT strict-transport-security max-age=31536000; includeSubDomains access-control-allow-credentials true
POST H2	204	bid Show response orbidder.otto.de/	0 150 B	124ms 52ms	Fetch	35.210.58.154 GOOGLE-2
General Check archive.org Show headers Download Go to Full URL https://orbidder.otto.de/bid Requested by Host: cdn-a.yieldlove.com URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?nix-wie-weg.de Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.210.58.154 Brussels, Belgium, ASN19527 (GOOGLE-2, US), Reverse DNS 154.58.210.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.google.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 content-type text/plain Response headers access-control-allow-origin https://www.nix-wie-weg.de date Sun, 21 Jan 2024 05:14:53 GMT strict-transport-security max-age=31536000; includeSubDomains access-control-allow-credentials true
POST H2	204	session Show response prod-ingestion.tracking.v2.yieldlove-ad-serving.net/v2/	0 58 B	70ms 19ms	XHR text/plain	3.77.5.141 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prod-ingestion.tracking.v2.yieldlove-ad-serving.net/v2/session Requested by Host: cdn-a.yieldlove.com URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?nix-wie-weg.de Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.77.5.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-77-5-141.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.google.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Sun, 21 Jan 2024 05:14:53 GMT
POST H2	204	auction Show response prod-ingestion.tracking.v2.yieldlove-ad-serving.net/v2/	0 57 B	70ms 19ms	XHR text/plain	3.77.5.141 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prod-ingestion.tracking.v2.yieldlove-ad-serving.net/v2/auction Requested by Host: cdn-a.yieldlove.com URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?nix-wie-weg.de Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.77.5.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-77-5-141.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.google.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Sun, 21 Jan 2024 05:14:53 GMT
GET H2	204	0 bat.bing.com/action/	0 179 B	44ms 43ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=4063807&Ver=2&mid=397483a7-9b7b-4406-8404-2caf453e89c0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Urlaub%20buchen%20beim%20TESTSIEGER%20Nix-wie-weg%C2%AE!%20G%C3%BCnstige%20Last%20Minute%20Reisen%202024&p=https%3A%2F%2Fwww.nix-wie-weg.de%2F&r=&lt=610&evt=pageLoad&sv=1&asc=D&rn=126128 Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Sun, 21 Jan 2024 05:14:53 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: EEB1CF3943784162866413FAB9C75B1D Ref B: FRA31EDGE0713 Ref C: 2024-01-21T05:14:53Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	landing pagead2.googlesyndication.com/pagead/	42 B 455 B	112ms 57ms	Ping image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=11p1p1l1l5&rnd=929885771.1705814093&url=https%3A%2F%2Fwww.nix-wie-weg.de%2F&dma=0&tcfd=10000&gtm=45be41h0v9130024998 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-1071855962&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:53 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	tuerkei-aced1fc22d041ec45d4f357f33a9242b114acc6b547c01e0176dd2db33194795.jpg d2e8ug3ile43hl.cloudfront.net/assets/region_thumbnails/	16 KB 16 KB	109ms 108ms	Image image/jpeg	2600:9000:26db:f800:6:5ac3:2a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2e8ug3ile43hl.cloudfront.net/assets/region_thumbnails/tuerkei-aced1fc22d041ec45d4f357f33a9242b114acc6b547c01e0176dd2db33194795.jpg Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:26db:f800:6:5ac3:2a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 954a738dfaa0237ec18f41a11afe540d01c3f72a03ae4ecf04e6f0be021b8c05 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:54 GMT via 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront) last-modified Wed, 10 Jan 2024 12:42:07 GMT server AmazonS3 x-amz-cf-pop MUC50-P3 x-amz-server-side-encryption AES256 etag "8376c0549263fcafdfb1a22b736d8a3a" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type image/jpeg cache-control max-age=604800, public accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 16019 x-amz-cf-id XmzsfE6HVTyJI6hoMmH72UOYpGMH6RPnBh71THle9vVSIn8693lMEg==
GET H2	200	original-erwachsene.jpg d13btdmpjvxmpg.cloudfront.net/images/813/	14 KB 14 KB	21ms 20ms	Image image/jpeg	2600:9000:20c3:6c00:1:4feb:d00:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d13btdmpjvxmpg.cloudfront.net/images/813/original-erwachsene.jpg Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20c3:6c00:1:4feb:d00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b9afa6dfb976138518822d181f8aeaf796af52eba8827fda5fc49696119f86e8 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 11:12:43 GMT x-amz-version-id 3l3GvztWUdRh3pwWdB7YrQ6qziaih4l9 via 1.1 167c735142bc0b0bedf2cca27d970088.cloudfront.net (CloudFront) last-modified Mon, 12 Nov 2018 10:26:22 GMT server AmazonS3 x-amz-cf-pop MUC50-C1 age 64931 etag "f3965554483a25c8152f7d0a9d356b39" x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=86400 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 14186 x-amz-cf-id kW0LrDuJweil5m70G6_odIqaudT5QWAqy_roU7VVp71-bh2jv8wDtA==
GET H/1.1	200 OK	THB_999_H86797.jpg de.images.traveltainment.eu/images/content/booking_thumbs_w_gr/85000/	17 KB 18 KB	138ms 31ms	Image image/jpeg	185.64.96.3 PIRONETNDH-AS CAN...
General Check archive.org Show headers Download Go to Show image Full URL https://de.images.traveltainment.eu/images/content/booking_thumbs_w_gr/85000/THB_999_H86797.jpg Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.64.96.3 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE), Reverse DNS Software / Resource Hash 7fb6f951e8c1697fcc145e5b64cfe8e1b174344a710a5689e0c24899f7356a7f Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 21 Jan 2024 05:14:53 GMT Last-Modified Thu, 11 May 2023 15:50:04 GMT ETag "645d0eac-45d3" X-TT-Cluster op-image-p105-content-https Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 17875 Expires Sun, 21 Jan 2024 06:14:53 GMT
GET H/1.1	200 OK	THB_999_H7834.jpg de.images.traveltainment.eu/images/content/booking_thumbs_s_gr/05000/	11 KB 11 KB	137ms 30ms	Image image/jpeg	185.64.96.3 PIRONETNDH-AS CAN...
General Check archive.org Show headers Download Go to Show image Full URL https://de.images.traveltainment.eu/images/content/booking_thumbs_s_gr/05000/THB_999_H7834.jpg Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.64.96.3 , Germany, ASN8469 (PIRONETNDH-AS CANCOM Managed Services GmbH, DE), Reverse DNS Software / Resource Hash 6ed7952236167ff77ef6a4f4b7fdc20d72dff544724632111fd451dd2e82b381 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Date Sun, 21 Jan 2024 05:14:53 GMT Last-Modified Mon, 29 Jun 2020 23:54:11 GMT ETag "5efa7f23-2bdf" X-TT-Cluster op-image-p104-content-https Vary Accept-Encoding Content-Type image/jpeg Cache-Control max-age=3600 Connection keep-alive Accept-Ranges bytes Content-Length 11231 Expires Sun, 21 Jan 2024 06:14:53 GMT
GET H2	200	original-original-nichtnurmallorcafincas.jpg d13btdmpjvxmpg.cloudfront.net/images/859/	20 KB 21 KB	20ms 19ms	Image image/jpeg	2600:9000:20c3:6c00:1:4feb:d00:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d13btdmpjvxmpg.cloudfront.net/images/859/original-original-nichtnurmallorcafincas.jpg Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20c3:6c00:1:4feb:d00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 539c546b02e4e3dfa44f570f6c75c4b020a63707dd18c37bc75393ea42fa0c2f Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Tue, 16 Jan 2024 20:28:04 GMT x-amz-version-id .s_vd5I8tIwFLnsMpdGksDwL3T4673mO via 1.1 167c735142bc0b0bedf2cca27d970088.cloudfront.net (CloudFront) last-modified Fri, 29 May 2020 11:06:21 GMT server AmazonS3 x-amz-cf-pop MUC50-C1 age 377210 etag "e6d822c05ef7c1ec45ac8e0c835b1f2f" x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=86400 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 20842 x-amz-cf-id qBoZYf2-uBl91bk2CL4drcBW-Mt89tu0FHbFWSYJnoElNtAlbJvw0A==
GET H3	200	kreta-f4aba2f63a5d3dedec12ec4632c93cb1eaddb72e2e6fbcf590fb97e18843b0be.jpg d2e8ug3ile43hl.cloudfront.net/assets/region_thumbnails/	15 KB 15 KB	23ms 23ms	Image image/jpeg	2600:9000:26db:f800:6:5ac3:2a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2e8ug3ile43hl.cloudfront.net/assets/region_thumbnails/kreta-f4aba2f63a5d3dedec12ec4632c93cb1eaddb72e2e6fbcf590fb97e18843b0be.jpg Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:26db:f800:6:5ac3:2a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7107de56e51b1877beefba063175bfeecfab5c7f71263a1f0cba316642fb78a3 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 14 Jan 2024 16:03:31 GMT via 1.1 b9c5f3514baef1f70c91fc9b0be37d2e.cloudfront.net (CloudFront) last-modified Wed, 10 Jan 2024 12:42:07 GMT server AmazonS3 age 565883 x-amz-cf-pop MUC50-P3 etag "19cf3f7d7a4ab891cc63f6ca8fc0e1e4" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=604800, public accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 14985 x-amz-cf-id UmOFD4SMJ8ykKGysBJxyDJ_2RfSLMy2AxW5tWOzwFhRbG7KuFFGOzg==
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/	430 KB 135 KB	27ms 23ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js?cb=31080550 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5dd0b5724f4bbac4bd58de274236fce36135ce302364b3b8ff5c4c3631e81139 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 09:41:19 GMT content-encoding br x-content-type-options nosniff age 70414 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 138095 x-xss-protection 0 server cafe etag 16105826302836755247 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Sun, 19 Jan 2025 09:41:19 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	227 B 155 B	102ms 55ms	XHR application/json	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nix-wie-weg.de Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5c6fac2f07a029682786ab2c9d9df21716fe488254491fdcee29232661ec12d0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:53 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 130 x-xss-protection 0 expires Sun, 21 Jan 2024 05:14:53 GMT
POST H2	204	bid Show response prod-ingestion.tracking.v2.yieldlove-ad-serving.net/v2/	0 57 B	19ms 19ms	XHR text/plain	3.77.5.141 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prod-ingestion.tracking.v2.yieldlove-ad-serving.net/v2/bid Requested by Host: cdn-a.yieldlove.com URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?nix-wie-weg.de Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.77.5.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-77-5-141.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.google.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Sun, 21 Jan 2024 05:14:53 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	110 KB 45 KB	337ms 336ms	Fetch text/plain	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1722366591923444&correlator=3777879402572190&eid=31079958%2C31080527%2C31080563%2C31080550%2C31079724&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fif&gdpr=0&addtl_consent=1~&iu_parts=53015287%3A22660584153%2Cnix-wie-weg.de_d_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705814093620&lmt=1705814093&adxs=436&adys=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.nix-wie-weg.de%2F&vis=1&psz=950x20&msz=728x0&fws=4&ohw=1600&ga_vid=74737327.1705814093&ga_sid=1705814094&ga_hid=1554434404&ga_fc=false&dlt=1705814092996&idt=587&prev_scp=yieldlove_reload%3Dpid%253A28668.reload%253Afalse%26yieldlove_meta_reload%3Dpid%253A28668.reload%253Afalse%26yieldlove_reloads%3D0%26yieldlove_reload_count%3D0%26yieldlove_reloaded%3Dnever%26yieldlove_is_reloaded%3Dnever%26yieldlove_ab%3Dyl_ver%253A1.67.0%2Cpo%253Adefault%26yieldlove_meta_ab%3Dpid%253A28668.yl_ver%253A1.67.0%2Cpid%253A28668.po%253Adefault%26yieldlove_meta%3Dpid%253A28668.sb%253Af%26yieldlove_pid%3D28668%26yieldlove_hb_sucbid%3Dfalse%26yieldlove_hb_unit%3D28668&adks=989504133&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js?cb=31080550 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7118adbc87ed443d0019582d47003218942edc03eb72fa0e5880286031c7c038 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:53 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 45718 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.nix-wie-weg.de cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	111 KB 45 KB	283ms 283ms	Fetch text/plain	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1722366591923444&correlator=504751576643838&eid=31079958%2C31080527%2C31080563%2C31080550%2C31079724&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fif&gdpr=0&addtl_consent=1~&iu_parts=53015287%3A22660584153%2Cnix-wie-weg.de_d_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705814093628&lmt=1705814093&adxs=436&adys=3187&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.nix-wie-weg.de%2F&vis=1&psz=950x20&msz=728x0&fws=4&ohw=1600&ga_vid=74737327.1705814093&ga_sid=1705814094&ga_hid=1554434404&ga_fc=false&dlt=1705814092996&idt=587&prev_scp=yieldlove_reload%3Dpid%253A28668.reload%253Afalse%26yieldlove_meta_reload%3Dpid%253A28668.reload%253Afalse%26yieldlove_reloads%3D0%26yieldlove_reload_count%3D0%26yieldlove_reloaded%3Dnever%26yieldlove_is_reloaded%3Dnever%26yieldlove_ab%3Dyl_ver%253A1.67.0%2Cpo%253Adefault%26yieldlove_meta_ab%3Dpid%253A28668.yl_ver%253A1.67.0%2Cpid%253A28668.po%253Adefault%26yieldlove_meta%3Dpid%253A28668.sb%253Af%26yieldlove_pid%3D28668%26yieldlove_hb_sucbid%3Dfalse%26yieldlove_hb_unit%3D28668&adks=2703868347&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js?cb=31080550 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 72e124d4acac6234ade6ca929188132a7a701ad9fb51028956c800b47dbe26eb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:53 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46347 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.nix-wie-weg.de cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6043	6 KB 3 KB	112ms 30ms	Document text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js?cb=31080550 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.nix-wie-weg.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sun, 21 Jan 2024 05:14:53 GMT expires Mon, 20 Jan 2025 05:14:53 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	userconnect.js Show response js.adscale.de/	11 KB 4 KB	96ms 22ms	Script application/javascript	2600:9000:223f:f600:f:4f64:8940:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.adscale.de/userconnect.js Requested by Host: cdn-a.yieldlove.com URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?nix-wie-weg.de Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:f600:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b14b694672a147aa8f4831209101b3b16ecd4be00388cff5df414ebe7a3ea4f2 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers x-amz-version-id aPjz4EUJ.exokuHs05_hMmhV0lAQxRN. content-encoding br via 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront) date Sun, 21 Jan 2024 04:25:14 GMT last-modified Sat, 20 Jan 2024 22:25:11 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 age 2979 x-amz-server-side-encryption AES256 etag W/"78b4b0cafb95265ca700a4b4609d0664" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=7200, stale-while-revalidate=86400 x-amz-cf-id tByaCGGuXOZGQV9eMsBDMib6IIOGfJPClE6USYQLip5mdWhRATkw3A==
GET H2	200	userconnect Show response ih.adscale.de/	113 B 189 B	76ms 20ms	Script application/javascript	3.77.103.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ih.adscale.de/userconnect?ssl=1&sid=112f1195-cb6e-4e40-b472-e08983e6c415&cbfn=stroeerCoreConnect&ts=1705814093825&umd=false&gdpr=0&gdpr_version=4&src=userconnect_js Requested by Host: js.adscale.de URL: https://js.adscale.de/userconnect.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.77.103.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-77-103-53.eu-central-1.compute.amazonaws.com Software / Resource Hash 1586b134298bbde0332c4a747febc26878cd22cde696c403371f1aa96ebf5a3a Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:53 GMT content-length 113 content-type application/javascript
GET H2	200	map Show response ih.adscale.de/ Frame 05CE	2 KB 3 KB	21ms 20ms	Document text/html	3.77.103.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ih.adscale.de/map?format=display&ssl=1&sid=867088&gdpr=0 Requested by Host: js.adscale.de URL: https://js.adscale.de/userconnect.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.77.103.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-77-103-53.eu-central-1.compute.amazonaws.com Software / Resource Hash 5e384bc9d0c5f523a20ae4e61de54038224a89f83acea65643836b693d2aabba Request headers Referer https://www.nix-wie-weg.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers content-length 2504 content-type text/html;charset=ISO-8859-1 date Sun, 21 Jan 2024 05:14:53 GMT
GET H2	200	match.js Show response js.adscale.de/ Frame 05CE	4 KB 2 KB	22ms 21ms	Script application/javascript	2600:9000:223f:f600:f:4f64:8940:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.adscale.de/match.js Requested by Host: ih.adscale.de URL: https://ih.adscale.de/map?format=display&ssl=1&sid=867088&gdpr=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:f600:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 45767d3452a56be0180eed18ff44acd5e688dc5bbde2b77e1da29b326a180416 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers x-amz-version-id 0T4XTO8GpMiBYVcpG3khgOj5pYPr5SHV content-encoding gzip via 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront) date Sun, 21 Jan 2024 04:25:14 GMT last-modified Sat, 20 Jan 2024 22:25:11 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 age 2980 x-amz-server-side-encryption AES256 etag W/"ff7cce9128150bd82f1a709c03692e3d" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=7200, stale-while-revalidate=86400 x-amz-cf-id iffp3bSVulTpYTRmCNzimx1BXE-81uFNkDzgEnbDCbF_89m5jjx5aA==
GET H2	200	container.html Show response dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 93AC	6 KB 3 KB	24ms 23ms	Document text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js?cb=31080550 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.nix-wie-weg.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sun, 21 Jan 2024 05:14:53 GMT expires Mon, 20 Jan 2025 05:14:53 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	204	win Show response prod-ingestion.tracking.v2.yieldlove-ad-serving.net/v2/	0 57 B	20ms 19ms	XHR text/plain	3.77.5.141 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prod-ingestion.tracking.v2.yieldlove-ad-serving.net/v2/win Requested by Host: cdn-a.yieldlove.com URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?nix-wie-weg.de Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.77.5.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-77-5-141.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.google.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Sun, 21 Jan 2024 05:14:53 GMT
GET H2	200	img ih.adscale.de/sium/2f7cd7e0b3ae4190b02ba2527b4b5cdb/1705814093915/0/ Frame 05CE Redirect Chain https://bbnaut.ibillboard.com/match/AdScale?partneruid=2721f30ff1e64643b768c22491691baf&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2f7cd7e0b3ae4190b02ba2527b4b5cdb%2F1705814093915%2F0%2Fimg%3Ftpid%... https://ih.adscale.de/sium/2f7cd7e0b3ae4190b02ba2527b4b5cdb/1705814093915/0/img?tpid=101&tpuid=BBID-01-03805280940748331-17135640	49 B 540 B	21ms 20ms	Image image/gif	3.77.103.53 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ih.adscale.de/sium/2f7cd7e0b3ae4190b02ba2527b4b5cdb/1705814093915/0/img?tpid=101&tpuid=BBID-01-03805280940748331-17135640 Requested by Host: ih.adscale.de URL: https://ih.adscale.de/map?format=display&ssl=1&sid=867088&gdpr=0 Protocol H2 Server 3.77.103.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-77-103-53.eu-central-1.compute.amazonaws.com Software / Resource Hash 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers p3p CP=NOI PSA OUR date Sun, 21 Jan 2024 05:14:54 GMT content-length 49 content-type image/gif Redirect headers location https://ih.adscale.de/sium/2f7cd7e0b3ae4190b02ba2527b4b5cdb/1705814093915/0/img?tpid=101&tpuid=BBID-01-03805280940748331-17135640 date Sun, 21 Jan 2024 05:14:54 GMT cache-control private, max-age=3600 access-control-allow-credentials true server nginx p3p CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
GET H2	200	container.html Show response dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0532	6 KB 3 KB	23ms 23ms	Document text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js?cb=31080550 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.nix-wie-weg.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sun, 21 Jan 2024 05:14:53 GMT expires Mon, 20 Jan 2025 05:14:53 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	204	win Show response prod-ingestion.tracking.v2.yieldlove-ad-serving.net/v2/	0 57 B	19ms 19ms	XHR text/plain	3.77.5.141 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prod-ingestion.tracking.v2.yieldlove-ad-serving.net/v2/win Requested by Host: cdn-a.yieldlove.com URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?nix-wie-weg.de Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.77.5.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-77-5-141.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.google.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Sun, 21 Jan 2024 05:14:53 GMT
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 10BF	499 B 466 B	146ms 93ms	Document text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGK7Z3KIBMAE&v=APEucNWD_j3ATmzmIdDKVoq4OZG0VgxD73CBDyphhcX3Vt39dZ0mrnfQ2QitHsv2zFLunqSy7GavbY0hmFtspNB4MWQqBZMVp81ZFImUWJQz1QQ0_ceBsYU Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 183 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 21 Jan 2024 05:14:54 GMT expires Sun, 21 Jan 2024 05:14:54 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame 93AC	172 KB 61 KB	90ms 23ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 23:49:04 GMT content-encoding gzip x-content-type-options nosniff age 19550 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61485 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:43:57 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 21 Jan 2024 23:49:04 GMT
GET H2	200	omrhp_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 93AC	8 KB 3 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp_fy2021.js Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 18:37:48 GMT content-encoding br x-content-type-options nosniff age 38226 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3206 x-xss-protection 0 server cafe etag 12640889860211258669 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 03 Feb 2024 18:37:48 GMT
GET H2	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 93AC	23 KB 9 KB	24ms 24ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 18:32:08 GMT content-encoding br x-content-type-options nosniff age 38566 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9276 x-xss-protection 0 server cafe etag 3558958386372919956 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 03 Feb 2024 18:32:08 GMT
GET H2	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 93AC	41 KB 14 KB	85ms 32ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 17 Jan 2024 02:28:13 GMT content-encoding br x-content-type-options nosniff age 355601 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 16 Jan 2025 02:28:13 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 93AC	3 KB 1 KB	84ms 31ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 13:28:07 GMT content-encoding br x-content-type-options nosniff age 56807 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 03 Feb 2024 13:28:07 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 93AC	20 KB 9 KB	77ms 24ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 18:28:59 GMT content-encoding br x-content-type-options nosniff age 38755 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8492 x-xss-protection 0 server cafe etag 9878124937798820110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 03 Feb 2024 18:28:59 GMT
GET H2	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 93AC	42 B 126 B	54ms 54ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Csxql3l1gTqoGfalRlLNQUKWiEVNtCf5Gwjkr6AMviYQuApCc3gD8DdolPALfYLt95KUXyXyWXxB55g1u6mRwtu0spHppctpizIlMRuzqWR8gSpVg Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:54 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 93AC	206 KB 66 KB	95ms 42ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:54 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66453 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1705495733332172" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 21 Jan 2024 05:14:54 GMT
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 09DB	499 B 788 B	90ms 61ms	Document text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGK7Z3KIBMAE&v=APEucNWKrdP-GW9ahlGQi_3u6TlFwVg1sZXCWC7Wpu38JioLPKMLAAQ09glV9DdrGXnrkAk1XivsvEy83APisob_-eMgNdNPRj7cjqVXnyjU4x_zVrMf4h8 Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 183 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 21 Jan 2024 05:14:54 GMT expires Sun, 21 Jan 2024 05:14:54 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame 0532	172 KB 60 KB	92ms 49ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 23:49:04 GMT content-encoding gzip x-content-type-options nosniff age 19550 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61485 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:43:57 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 21 Jan 2024 23:49:04 GMT
GET H2	200	omrhp_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 0532	8 KB 3 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp_fy2021.js Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 18:37:48 GMT content-encoding br x-content-type-options nosniff age 38226 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3206 x-xss-protection 0 server cafe etag 12640889860211258669 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 03 Feb 2024 18:37:48 GMT
GET H2	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 0532	23 KB 9 KB	22ms 22ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 18:32:08 GMT content-encoding br x-content-type-options nosniff age 38566 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9276 x-xss-protection 0 server cafe etag 3558958386372919956 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 03 Feb 2024 18:32:08 GMT
GET H2	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 0532	41 KB 14 KB	82ms 51ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 17 Jan 2024 02:28:13 GMT content-encoding br x-content-type-options nosniff age 355601 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 16 Jan 2025 02:28:13 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 0532	3 KB 1 KB	81ms 50ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 13:28:07 GMT content-encoding br x-content-type-options nosniff age 56807 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 03 Feb 2024 13:28:07 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 0532	20 KB 8 KB	58ms 27ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 18:28:59 GMT content-encoding br x-content-type-options nosniff age 38755 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8492 x-xss-protection 0 server cafe etag 9878124937798820110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 03 Feb 2024 18:28:59 GMT
GET H2	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0532	42 B 107 B	54ms 54ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CwSOnMyWXVJRyeUMZIKwI0Kz00RDKsuAaowLZZWM7uCaPr7Nr0Jc54Hbyc31xUohuvyT10PKKB0D5THj9JOv2pdeq9muMqXMz8-9g16MPZ4yh8sHw Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:54 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 0532	206 KB 65 KB	114ms 83ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:54 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66453 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1705495733332172" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 21 Jan 2024 05:14:54 GMT
GET DATA	200 OK	truncated / Frame 93AC	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ca3151c54ec0438bb8562c6f3b164c5ff6fd2c05702079eb9ed8f1de660c10d1 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 0532	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b821c70c62b8e99c24bc8ad2e43948072b78fbf92480340c68594de0f6de080c Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/png
GET H2	200	pixel cm.g.doubleclick.net/ Frame 09DB	170 B 243 B	114ms 31ms	Image image/png	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGK7Z3KIBMAE&v=APEucNWKrdP-GW9ahlGQi_3u6TlFwVg1sZXCWC7Wpu38JioLPKMLAAQ09glV9DdrGXnrkAk1XivsvEy83APisob_-eMgNdNPRj7cjqVXnyjU4x_zVrMf4h8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	rum dsum-sec.casalemedia.com/ Frame 09DB Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBm1UDEH8d1F17E1bwmluDQ&google_cver=1&gdpr=0	43 B 337 B	33ms 32ms	Image image/gif	172.64.151.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBm1UDEH8d1F17E1bwmluDQ&google_cver=1&gdpr=0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGK7Z3KIBMAE&v=APEucNWKrdP-GW9ahlGQi_3u6TlFwVg1sZXCWC7Wpu38JioLPKMLAAQ09glV9DdrGXnrkAk1XivsvEy83APisob_-eMgNdNPRj7cjqVXnyjU4x_zVrMf4h8 Protocol H2 Server 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:54 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QgCYXD0yqO1Tcl8LsnHKtiiBMY1ssiAGKyrQupH65lQiNI%2BR1r1QCtxt6gl9KftakDKQi4nKDDoDLTdc6rffcZUZh%2BzPE%2BpKNq%2Fd7ECAuY6dkUuKT7kGN9cCMwgYY1PpCbPqA2tFCSSehg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 848d13891b963a5a-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 21 Jan 2024 05:14:54 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBm1UDEH8d1F17E1bwmluDQ&google_cver=1&gdpr=0 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 324 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	rum dsum-sec.casalemedia.com/ Frame 09DB Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZayoTivRpz5deuomQ7AhpAAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPr4dxuhmhtNnPTHC--FnKs&google_cver=1	43 B 427 B	31ms 31ms	Image image/gif	172.64.151.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPr4dxuhmhtNnPTHC--FnKs&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGK7Z3KIBMAE&v=APEucNWKrdP-GW9ahlGQi_3u6TlFwVg1sZXCWC7Wpu38JioLPKMLAAQ09glV9DdrGXnrkAk1XivsvEy83APisob_-eMgNdNPRj7cjqVXnyjU4x_zVrMf4h8 Protocol H2 Server 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:54 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgTjDPO17gc0Y%2FDrXi5GvgEf77ikBY480Kk8nEO%2FgZF8VI1VxF%2BtkfrOcMUSqwFz%2BDN6Iad6dIHHTVev6tCf6fErxtdlfn4rkXBR3HS6oA%2BhnNMOXytYB8mV87eXJwIo2iyGr7eeIO6NUg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 848d13895bb73a5a-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 21 Jan 2024 05:14:54 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPr4dxuhmhtNnPTHC--FnKs&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	img ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 05CE Redirect Chain https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=4e3ddf4399332f72fd21a523e... https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&cburl=https%3A%2F%2Fih.adscale.de%2Fsi... https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=ZayoTiYkVwz2OUX2V6o4hQAA%261147	49 B 559 B	20ms 19ms	Image image/gif	3.77.103.53 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=ZayoTiYkVwz2OUX2V6o4hQAA%261147 Requested by Host: ih.adscale.de URL: https://ih.adscale.de/map?format=display&ssl=1&sid=867088&gdpr=0 Protocol H2 Server 3.77.103.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-77-103-53.eu-central-1.compute.amazonaws.com Software / Resource Hash 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers p3p CP=NOI PSA OUR date Sun, 21 Jan 2024 05:14:54 GMT content-length 49 content-type image/gif Redirect headers pragma no-cache date Sun, 21 Jan 2024 05:14:54 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ScyM%2B46hMYLPdDrC13pu3wG28IfE2j2xDBk0p%2B6%2FZu6BT2lsCpF3I4vYUsiZmOhkwJbFiCshcPEY9zs06iKvCYYWaN4em4qHIR9a3k0tarq645jc83I6GwmexUoGsAyEFqBKoYuW"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=63&tpuid=ZayoTiYkVwz2OUX2V6o4hQAA%261147 cache-control no-cache cf-ray 848d1388e8932c49-FRA alt-svc h3=":443"; ma=86400 content-length 0 expires 0
GET H2	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame 9324	38 KB 13 KB	25ms 22ms	Document text/html	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers accept-ranges bytes age 375646 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 16 Jan 2024 20:54:08 GMT expires Wed, 15 Jan 2025 20:54:08 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame 6658	38 KB 13 KB	28ms 27ms	Document text/html	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers accept-ranges bytes age 375646 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 16 Jan 2024 20:54:08 GMT expires Wed, 15 Jan 2025 20:54:08 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame 10BF	170 B 232 B	106ms 31ms	Image image/png	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGK7Z3KIBMAE&v=APEucNWD_j3ATmzmIdDKVoq4OZG0VgxD73CBDyphhcX3Vt39dZ0mrnfQ2QitHsv2zFLunqSy7GavbY0hmFtspNB4MWQqBZMVp81ZFImUWJQz1QQ0_ceBsYU Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:54 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	rum dsum-sec.casalemedia.com/ Frame 10BF Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPr4dxuhmhtNnPTHC--FnKs&google_cver=1&gdpr=0	43 B 323 B	34ms 33ms	Image image/gif	172.64.151.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPr4dxuhmhtNnPTHC--FnKs&google_cver=1&gdpr=0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGK7Z3KIBMAE&v=APEucNWD_j3ATmzmIdDKVoq4OZG0VgxD73CBDyphhcX3Vt39dZ0mrnfQ2QitHsv2zFLunqSy7GavbY0hmFtspNB4MWQqBZMVp81ZFImUWJQz1QQ0_ceBsYU Protocol H2 Server 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:54 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ctYnYvDz%2B1OL1Ta8YCvsu1mfBWuf7wWZqSgidjJTAkiCcd2h88wUtvmoG%2F2AQhCDaSMtRSxoL3KAz4OsegfyX4pzEQwwApHuVlHMggsWMm8xA0WTEu7zeIch25mlPoBlM2C8H5wURwqQHA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 848d13891b973a5a-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 21 Jan 2024 05:14:54 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPr4dxuhmhtNnPTHC--FnKs&google_cver=1&gdpr=0 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 324 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	rum dsum-sec.casalemedia.com/ Frame 10BF Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZayoTivRpz5deuomQ7AhpAAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPr4dxuhmhtNnPTHC--FnKs&google_cver=1	43 B 354 B	30ms 30ms	Image image/gif	172.64.151.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPr4dxuhmhtNnPTHC--FnKs&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGK7Z3KIBMAE&v=APEucNWD_j3ATmzmIdDKVoq4OZG0VgxD73CBDyphhcX3Vt39dZ0mrnfQ2QitHsv2zFLunqSy7GavbY0hmFtspNB4MWQqBZMVp81ZFImUWJQz1QQ0_ceBsYU Protocol H2 Server 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:54 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JrWFmEfXrltuvP6BDUlYPrVEqYF9H26ieR%2B4NzmiW6lerqMyjAez8aSQveK%2Bq7Q9%2B0qOegvZkSyHUFNOv3XVA55OGxj3M0WLoFtUBEimHYC%2B5hGN3C%2BIIP09Dil%2BNinx3w5O8EsWLWAOvw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 848d13895bb53a5a-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 21 Jan 2024 05:14:54 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPr4dxuhmhtNnPTHC--FnKs&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/4023836015931162624/ Frame 1216	29 KB 9 KB	79ms 32ms	Document text/html	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/4023836015931162624/index.html?e=69&leftOffset=0&topOffset=0&c=fV1H4x4ewf&t=1&renderingType=2&ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 97a3aca91c466c84414d785cd820f6385b2ab5e254cfac82614b6d0966f4ca88 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers accept-ranges bytes access-control-allow-origin * allow-fenced-frame-automatic-beacons true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Sun, 21 Jan 2024 05:14:54 GMT expires Mon, 20 Jan 2025 05:14:54 GMT last-modified Mon, 11 Apr 2022 09:15:15 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view ad.doubleclick.net/pcs/ Frame 93AC	0 0	205ms 62ms	Fetch image/gif	142.250.184.230 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/pcs/view?xai=AKAOjsu4uD7dtDWHFwnSUSGjVsUI6tOwoY_Kp1A0AMMTpmaV8sTuv5yJTS7BFtsvpBnJIXbjBgVFDlzW_kCQGRifLBYNzXSv6Z4phat3krsFKcHsGGiVgBHp4efT4v3EkTHU9HEyn4S9Lh84ojO8-_BqdUfP2Y6xmW-OO46qkb3gYZOsLFmREtBUOhBVVc6cEp8RVRaXhILRbtBRCRvkyBDiC7qoQlqF95Z7hF_kr_1weHEB8pAPNXU3m-AducnFk80MfwCk1TkoMBxq-tM3Gtd0YtZFUQ4vGiPJZ8INUwM-D4uB2CAV9g1_sMZ7n-rdYq86JHfc6BveD2uYvBGoGdvnkkJyDqm6sO8w7jaFSToXAnEITdNAFExhms4fUHfDBsNunvk7hceec-P3qQ7B3f3AyuMNrBMO9fmcozL9n4d_yHtPIj5glU_mfRBjWSCRYrXyHCxPxBWawK01-f6gIc0_H6DtsFjHmfcqWESbKuhO92IjI13KiL4U5yri6X3_MT8MRVs3IPcBWX65rP1QtXeeFhMq5G2lUacdNhTtJKD4v8iHet5EuXIUphHA1JZ5ED5USrxOci4MAc1iW0gXITdq5lw2KwA2ye-KptOILi63WD0R2c7aI5iAiiJ-JWs8aXbVVL9n6FGWiGhkvnaAgrZOCeehXWms5EfeRCfnBzVW12nbVVzvOxPQ_FRKDiLA4dg1FZOqcKHGT9eXF5UzpKG0m272t2R5ZbhTMOcKgGp59lRJPnLhFjFo4OWgp0e6JGQW8PH4eEO4lO0YmIj-ukxoUngiRrnJ-K-HF8zJKvNuYlfPqqJNhnBPTI4yZqX8yIoBe7qD0p1mNj3Yp-f5f2r14S8pZ59i6YolioD2xRxT5dSMFXYI2smXyCPsf9RvCzDd3-aG9-grbDzfYqBhsc3vj4R70WBM4tg9U41q7X6mJLfKZP_laN-z6azihnwDiuh1L-N7o5rnYIXwAo_nSxOmK1SvjpJfWoPimk73ZcRa8pycSNW727G9vPaR6PVKvyyfwTHMkSwpBUXVz3u07VcDvMqc9EgR9v_j0okPQZ1D9rFpejgMoxpApwBg0ZANeB2w-lchSz5P9kSzXMQ9LfVur543kQSBkMS14tfbWjI83NHl_w_4g2xA7w0OK3lsX53MJBm6uSQVhYQxqH2Bm2_YmXC8eEdSuaxyMgqxUPrz06UNmTqICKMiphHJ3FX4uvbbldZuZ4T3klPNbFV6lJTTTKsAwzZPXcdz62shrGGY0nXe_AsIVUvX1MjkMlwGiga1-J5c_QgYmwPy1DO_oGP8zLRBHJQ48mLYiDxtEmUWWp4LAKswMsYAmmaMx4W3GJuCo8s9mN32D_eNg5w_QnDvDQtFdGxvHltSPDbqOe8l1XtdbzWKyDhHhyGQ5xDNc-FKUEQyIA2xC2n9lckrFRqie7jQmiBPpDu4Es1XUxIAgzbP9Hccjzydql1Gog63m3TvDy0KYlqA4Q&sai=AMfl-YTOE1f623MVjjT6cnLDx-zxaM1HBcFnXTpBi-DV5NIHmh2t0ezxvTNaemIER2q0p-dNpVZ7Py_AhXtuiHgRV82CE3z2YgobkL8YsK_mnGn9VxC4Fu6rlD9IywWT4kUD0SxgeVq8h41NDBG71MKIvHNumWssZzLqClfOALMquCJZjUhBJQSiTb6Vtz5aXwFg1vd_dk32EXbydV6eHPIDscs-EEJAmetxbtGBjIOyWlWshNfs1KIXGIHo7A30lviKFNbDyUSd0IFkP5OrpUdJwkUkl0EG4VUquQ3bp0lsmwB9Qi6RXolLdiX3TiXzrRJvrbIryhCRFsJDddlZd5zTUT2lUgwYJAlIrZ2-OQRL2ytpGyZdFEE4RoDBx99tTbEi61vFcQtLxkl4VsPZdNGO9ZgWKAvyNpTlewaraaDKQAyQNkBo6OpaznOIk0beeO6vazVFvzML8XUMSF-mnLJS0W4PlCngzXrG2kXM004VOnmk2aUgN0XSPVJHqwC5zrn_Ypbp4A&sig=Cg0ArKJSzGAZLSOnrRv-EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9lbmpveTM2NS5jaCxodHRwczovL2Nzcy5jaA&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=182&cbvp=1&cstd=176&cisv=r20240118.38423&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sun, 21 Jan 2024 05:14:54 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * content-type image/gif cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/4023836015931162624/ Frame D845	29 KB 9 KB	72ms 35ms	Document text/html	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/4023836015931162624/index.html?e=69&leftOffset=0&topOffset=0&c=gu0El7geXa&t=1&renderingType=2&ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 97a3aca91c466c84414d785cd820f6385b2ab5e254cfac82614b6d0966f4ca88 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers accept-ranges bytes access-control-allow-origin * allow-fenced-frame-automatic-beacons true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Sun, 21 Jan 2024 05:14:54 GMT expires Mon, 20 Jan 2025 05:14:54 GMT last-modified Mon, 11 Apr 2022 09:15:15 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view ad.doubleclick.net/pcs/ Frame 0532	0 0	198ms 63ms	Fetch image/gif	142.250.184.230 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/pcs/view?xai=AKAOjst2C_TJ7tY-we74Ly3rz6A5p5UvVVaF_i712UQX7DNuLJwSr4utwMMOZtui3O2q-TrvZYg67-yl5OknTOU4T8yqJVNL0sejDjce5ETDYi9udagj0aHMuYACggzGADVCScA7HmWCklIiI4PVpp3CbcDYIZ4z9V4eCd_GXXJpd7AzBJatiPp6qgjC_AObAqZXNrhJ6EAg19pUgXXSM_IRTaY5a1jP4LtCzv-3EZpMTMx97vECbzVkBTasHKXQniwdkjMMcuViBG1oKtG6FndAnxWSNp8ZSatRjcE9NSK3ujTT23-iq_IVgO0bu4CEaAlD6TimKZfd7fv50dq6v3rNb8IRZObZYbWirlW1OMQlLddY0Wl1BTJAkjFW7ZXAWqFNAZcvUqMMxqFy2ajjR7rQX_SCUMgFCgOezyfd4DhhAKJnXtMjZKvANMikeQI5AXLr-zi5-auQtcortWyPGuG9DPCpTfZ2EXpy5tx_REvOJ7JKTUZAXis6aRAOXGxn7RtjaSBzZqonjHbAa5mw4jjipldlZnI8REK2tu4JUUAKhVPqd5x4ZT12yEWTI4i5cY43VX-9ZseJEgliMy-d-x8dJ8bWGLNrlUFJ-OMyOEZowekaTDteYRTCjQLJkbQow-gKji2k-K8baT7oQUuQVGoM1QuledEMtgJFdF-LHuZfYsvxfCOfow2ecIIGbJ7YBTvzMPYrdYqq8YRt4K5bxBdBGWq3IFiDwAzfkajTwGMgB00sakujJhLxq_8vDakfRcZ0RRGYQ6q8VFlHK67DqLtGrfnwsiMP1cf1dXw9wL1ReZM6gUYBwqe0Pqb8eSTH2EkBAo6kQU3lYgqSMkWQIX9KtPD-jGKGnrmqShJ3SlcylbdFT_wcbYRmuIHjNzhUtmyM9la9fLpMgnt0Qjm5-KQSxggJnRn78hCOM_k8IkbKXxMfL005sUN1GIESQ8bn8kQE7JQA0iYdeNycxeTHEXUZCA-Jy165dpl7axgywEhXv6eNTlnhYIl1GPIJeTRmZNi2NX5qn1Zws3iWEwzpSeXdMJ10332qwhRSbmo5M5Vb9WYAFvd6VJLXOu6LeDB1Nb-dcBNh05MzJXi19yHoM5fmWwoE3Lavfu8W5nMap9KmJm1GH2bNhcDZCEPcipH-UadS4ZniZrY3jEfAjyGrh4ewdAhYMsus_7wCvSW2DzPM9e8m_-u4I9ru_hupRB_JV7edtGsfYQv8ee7wQ_zx9maUyo6Bv3agPqplMqwwHMsrg6-6emC8Y_HKjIi2vh06qriK_Cno0qDFmYv0W6hjh2vi-UsloJbaDtEAHyU_6PnbODaWtEySfDEdd7jiBQWQRkiJFgfk_5NMd0U9NwFBoQ8iqECcFl6ruyM5N8ffQawup9jlfQFhZxLCIdLGOvMwM-A8DhY6tM-oE8EC1kxOx2b4-IZSSSr8ELfEOIudUmtX5bY8q9T2E_ZNkNV9s4wpY-mwkZBFEg&sai=AMfl-YS6Nu-Iio6BH8vOxhlPf2J5fIuM9SE3rPs8Ztli9qMYVVoD5uRHFaQ_Rp7NDVWhekO0mMuD2I0KJMz8xF2iIr30V_a4L3wgVxQHYWZTIKttT7VAS5C-yhYK2sY1eaiyXfifemnzh19l0mugGOwXHFG6a37O6KB0W6Uk_AdV6f6C1ChB339eMloKP1wZjoYYzmAEsYUdyEOKAygdJBQMb2izZLmu1bwRKb65g3ve4bo2Ny3fT-GnODReiWRWbtG3nZJ0-jdRiwvjgYOU-Xn0sQGgUJDRL0BlJNexAVR6GoPYx62D1kLnJApxgRPbWFGpHT5OeEd23P0Krnqdf3FCu9S7XZuRuRoiJDBp2i3p9Z3YJK5iPrxVQhOKSjFI0Jx7ohgxYAyMSgzudlSsH6JWbwyOxMhJqNHp-ggPDWiOSr1syw7j7Y2cN0ekMKqqUs9MyclqWcVPEFl8L9TaazFa1QhSPrWfGGpUlERnWguu72dmuycsaEiYDp5NBiNoAnftKDvt4A&sig=Cg0ArKJSzF-kBHA54KYHEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9lbmpveTM2NS5jaCxodHRwczovL2Nzcy5jaA&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=168&cbvp=1&cstd=164&cisv=r20240118.00614&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sun, 21 Jan 2024 05:14:54 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * content-type image/gif cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js Show response pagead2.googlesyndication.com/bg/ Frame 9324	50 KB 19 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 17 Jan 2024 02:23:58 GMT content-encoding br x-content-type-options nosniff age 355856 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19642 x-xss-protection 0 last-modified Mon, 15 Jan 2024 09:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 16 Jan 2025 02:23:58 GMT
GET H3	200	IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response pagead2.googlesyndication.com/bg/ Frame 6658	39 KB 15 KB	26ms 26ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 01:19:48 GMT content-encoding br x-content-type-options nosniff age 14106 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15219 x-xss-protection 0 last-modified Mon, 15 Jan 2024 09:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 20 Jan 2025 01:19:48 GMT
GET H2	200	generic match.adsrvr.org/track/cmf/ Frame 05CE	70 B 149 B	153ms 49ms	Image image/gif	15.197.193.217 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/generic?ttd_pid=adscale&ttd_tpi=1&uid=63d56a3df99cf514308befadf7907555b8d10ae74d1b17fa3dd76b18e44e8aef&tpid=60&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2f7cd7e0b3ae4190b02ba2527b4b5cdb%2F1705814093915%2F0%2Fimg&gdpr=0 Requested by Host: ih.adscale.de URL: https://ih.adscale.de/map?format=display&ssl=1&sid=867088&gdpr=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:54 GMT server Kestrel content-length 70 content-type image/gif
GET H3	200	gsap_3.5.1_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 1216	60 KB 24 KB	72ms 71ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/4023836015931162624/index.html?e=69&leftOffset=0&topOffset=0&c=fV1H4x4ewf&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:54 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24155 x-xss-protection 0 last-modified Mon, 31 Aug 2020 21:23:17 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 21 Jan 2024 05:14:54 GMT
GET H3	200	EasePack.min.js Show response s0.2mdn.net/creatives/assets/4075024/ Frame 1216	2 KB 1 KB	37ms 36ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4075024/EasePack.min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/4023836015931162624/index.html?e=69&leftOffset=0&topOffset=0&c=fV1H4x4ewf&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:07:05 GMT content-encoding gzip x-content-type-options nosniff age 469 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1342 x-xss-protection 0 last-modified Thu, 04 Mar 2021 09:57:37 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 21 Jan 2024 05:22:05 GMT
GET H3	200	Enabler_01_248.js Show response s0.2mdn.net/879366/ Frame 1216	118 KB 40 KB	25ms 24ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_248.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/4023836015931162624/index.html?e=69&leftOffset=0&topOffset=0&c=fV1H4x4ewf&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 23:45:27 GMT content-encoding gzip x-content-type-options nosniff age 19767 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41094 x-xss-protection 0 last-modified Wed, 02 Mar 2022 23:45:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 21 Jan 2024 23:45:27 GMT
GET H3	200	MuseoSans_300.woff s0.2mdn.net/creatives/assets/4075024/ Frame 1216	22 KB 22 KB	46ms 46ms	Font font/woff	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4075024/MuseoSans_300.woff Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/4023836015931162624/index.html?e=69&leftOffset=0&topOffset=0&c=fV1H4x4ewf&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 602a48d8418dc75bc51795b3f33e2e49ee38d40c4a658723b0878f1c64a68265 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://s0.2mdn.net accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:09:24 GMT x-content-type-options nosniff age 330 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22016 x-xss-protection 0 last-modified Wed, 03 Mar 2021 15:07:21 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 21 Jan 2024 05:24:24 GMT
GET H3	200	MuseoSans_700.woff s0.2mdn.net/creatives/assets/4075024/ Frame 1216	22 KB 22 KB	38ms 37ms	Font font/woff	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4075024/MuseoSans_700.woff Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/4023836015931162624/index.html?e=69&leftOffset=0&topOffset=0&c=fV1H4x4ewf&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7ccc354572f46ed4b26ffec17c24264cce720c1ebab7693af8e88032e46b6544 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://s0.2mdn.net accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:09:24 GMT x-content-type-options nosniff age 330 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22640 x-xss-protection 0 last-modified Wed, 03 Mar 2021 15:06:56 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 21 Jan 2024 05:24:24 GMT
GET		mobileApp-chf500cashout-parallaxe-sprite-728x90.png s0.2mdn.net/sadbundle/4023836015931162624/ Frame 1216	0 0
GET H3	404	mobileApp-chf500cashout-728x90.png s0.2mdn.net/sadbundle/4023836015931162624/ Frame 1216	43 B 65 B	696ms 696ms	Image image/gif	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/4023836015931162624/mobileApp-chf500cashout-728x90.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/4023836015931162624/index.html?e=69&leftOffset=0&topOffset=0&c=fV1H4x4ewf&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers expires Sun, 21 Jan 2024 05:14:55 GMT date Sun, 21 Jan 2024 05:14:55 GMT x-content-type-options nosniff server sffe x-dns-prefetch-control off content-type image/gif access-control-allow-origin * cache-control public, max-age=0 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 x-xss-protection 0 allow-fenced-frame-automatic-beacons true
GET H3	200	gsap_3.5.1_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame D845	60 KB 24 KB	88ms 88ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/4023836015931162624/index.html?e=69&leftOffset=0&topOffset=0&c=gu0El7geXa&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:54 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24155 x-xss-protection 0 last-modified Mon, 31 Aug 2020 21:23:17 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 21 Jan 2024 05:14:54 GMT
GET H3	200	EasePack.min.js Show response s0.2mdn.net/creatives/assets/4075024/ Frame D845	2 KB 1 KB	54ms 53ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4075024/EasePack.min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/4023836015931162624/index.html?e=69&leftOffset=0&topOffset=0&c=gu0El7geXa&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:07:05 GMT content-encoding gzip x-content-type-options nosniff age 469 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1342 x-xss-protection 0 last-modified Thu, 04 Mar 2021 09:57:37 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 21 Jan 2024 05:22:05 GMT
GET H3	200	Enabler_01_248.js Show response s0.2mdn.net/879366/ Frame D845	118 KB 40 KB	54ms 54ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_248.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/4023836015931162624/index.html?e=69&leftOffset=0&topOffset=0&c=gu0El7geXa&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 23:45:27 GMT content-encoding gzip x-content-type-options nosniff age 19767 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41094 x-xss-protection 0 last-modified Wed, 02 Mar 2022 23:45:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 21 Jan 2024 23:45:27 GMT
GET H3	200	MuseoSans_300.woff s0.2mdn.net/creatives/assets/4075024/ Frame D845	22 KB 22 KB	61ms 60ms	Font font/woff	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4075024/MuseoSans_300.woff Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/4023836015931162624/index.html?e=69&leftOffset=0&topOffset=0&c=gu0El7geXa&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 602a48d8418dc75bc51795b3f33e2e49ee38d40c4a658723b0878f1c64a68265 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://s0.2mdn.net accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:09:24 GMT x-content-type-options nosniff age 330 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22016 x-xss-protection 0 last-modified Wed, 03 Mar 2021 15:07:21 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 21 Jan 2024 05:24:24 GMT
GET H3	200	MuseoSans_700.woff s0.2mdn.net/creatives/assets/4075024/ Frame D845	22 KB 22 KB	65ms 65ms	Font font/woff	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4075024/MuseoSans_700.woff Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/4023836015931162624/index.html?e=69&leftOffset=0&topOffset=0&c=gu0El7geXa&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7ccc354572f46ed4b26ffec17c24264cce720c1ebab7693af8e88032e46b6544 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://s0.2mdn.net accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:09:24 GMT x-content-type-options nosniff age 330 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22640 x-xss-protection 0 last-modified Wed, 03 Mar 2021 15:06:56 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 21 Jan 2024 05:24:24 GMT
GET		mobileApp-chf500cashout-parallaxe-sprite-728x90.png s0.2mdn.net/sadbundle/4023836015931162624/ Frame D845	0 0
GET		mobileApp-chf500cashout-728x90.png s0.2mdn.net/sadbundle/4023836015931162624/ Frame D845	0 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 6658	0 20 B	56ms 56ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BSm6qTaisZcnRKKOi9u8Pyumg4A4AAAAAOAHgBAI&bg=!WFulWxTNAAa8BdJLnAU7ADQBe5WfOFt56uZ7Y1FT6oUhMDJvFksx2ClTCqsPmo8ZEJATjOC3CNQBufBr5zsl27bGeaD4AgAAADxSAAAAAWgBBwoAf2Z1j9T9dpRUJS4YJVyn3C_0FMCiJd3YyuPNJnL04QxECYvNGwlqyRtjGJ4_EHmdKGK3XGXrAmg8kJY4MicGPolv0jtoPLB25_Nod_JASAjG7w-RCbHdYkRxOKOQNlRlmG1MJ4tPKoijBH7pqORdZxK9saMh54xx3WhBpp5LdsKZAwFlbrLr6gXx64Evqz_XA6XS0j3LiLIltXYDm2AD6ANL1roQo0wMlbQB7CuxdFKDsJwMMWZL3vVGM-ZMNa31-iTXQGHSKgYPSGTxS25-j4dhBtZMtETL2YCUWCJk-hjcwRq6Cn377zuj6zjZlAb0HGVSY-rslvwcwl80SUbhFNzy20TexLDj2WJpATGaDuIRyb6nsHe3VNXeoPON4RBrfkd5p3Q-JYYIMvhx38wb8ZJSCzr7xyDHlLR1zMHmJ18VpwpLvQfeJXGNzSvs3pLaiDrHab0rTflGekCqNTi8RpCaZwFpy2vD3W795tqQ_1dJVQwHWbAzf9VKuFXabmkgAHBmTxYFzKS9Q7kPATVx_eGG_dYqkzS1SvRMdWW3XewSIr-phaHGSCKtPB6bhwZ0L37dO37ee-mnONFGsCfGiS8XVR9bpu7KaJB4jsW7KUdlzPP-TInfJoN2g9mfbFubvqwDL8LKbO5W_UYR7_GhK7Q2VfUihZZDIsJvNMPq8gnXkkAIECqblP4PygYaDiwtBxI7omw9zEKvgadkKHGejafSh98bOAnsHgjkbCLeLqD9iOo1dKYyMaxXB2NgKaLWLeLZnXtUn5ESRX7sGgIZts_FvqUqVjVA_aIy_NHP1si4KKi_iX7mjnMmt0UqoqzAhzhmwTMn_7QMTUpEt1sd2QNUJ4iY6QaMZo_i3Tj07vHPVOqayJCHrKnlrt4gYtsMdOUVSB39gCmdP1f2ANJkUTrmO5AfRDNzM2BtucUQEOXRFNqVkwP1XGfppeekgtxRTXzNM6VdmxjCTl2VgvHeCpHv8a4p_4P-5nGdtU4qD-gD5rZPhjqk4Ji0X1dMJWJAq6MQe7JbMAOKYcVBp0g7Z9eWw7HW-VK-qZRFVIUZEekiynoHqBVowPnZQSZNnJrxUIQVByxPbcyBVQjkhq1khZd3Z0Q5zuH-_WR8CUooX7BvBqUG1HdR0hyhLtk-QD3wsyRaZX13lGL83eQZDh3pUVpZexXDR0bwuXu_M1fWIALnfIWg Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:54 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 9324	0 20 B	56ms 56ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BXLMlTaisZd_nKLWA7_UPnYewmA8AAAAAOAHgBAI&bg=!JiWlJWrNAAZVxkGXdcY7ADQBe5WfOFOF5Q3GE1KQl3vNu3yATejoTGAkuc4DzqXVAKRJqxiYagMM8QB_1m-Y0NGZ_B83AgAAADlSAAAAAWgBB5kDGlvLvgzhjxfQVbJt_nxYYBnw56lTESu3EmNaD-4r3iurJshCxwQATMwgA97K5S7359XeuzEPuVFEZx9jmmnhHcReifHPqYlIyx8g7SopRkdTgFc2KHU3CXg5Dr0K9TrW-vvd0zpyYcKZ4W6U8tN2CAPTWhXnjB6Rcb9HyLp2xsiWL5OmzijyXQGEn_kfzlNHhg6v5N9u4grds3-N8nXCQ0TXObvSYbo5W0LYDw1taJ5EsvfS2w-1n1Zn1hekWQH5Mg8skBD3ihYlciS24WQfFV5TUrSUuBc6gcL-HOyGaHW0uEPw1D1naq6OVK5TAA-OhuT7pf19oAOYeZ6uECQoxKX1q-RhdGm3WI7unjL20Ev7sEB6329rpIfkMru17yUt7kRoZptae57EOq7SrjgF_di3Q9a8ABEtLcdvg7wcTW6S-pkNkO0KNYFtxna8-aMGbus11WmA7YkHtTzcNnfkgSSpR1cdzlBd5xA8r3jSble4L5Nq84IG8UvxehGdvD9T76U9md0_OXMswc8e8PVrQKktK8bFY4beHP7w6xS2ADVjB6QjSyHLViqUPoJdnghu6mh4XdgARY-vPrwtKUxvNovdDBSkoRx9hQh4V_QfEy06GWpMe_dTUKWW0mju3YY6272EQnndkuBMe0Xu3UHQwFqA_Olm82NXAt1iX_8s5FKd6a1vhiLizrRhjFCu1vJXwbh7CURq_Vq2XC4qyipMr6lxQLMlXGzPCLRKDRRDztYlj3GPdlxHgpDjz7egDbbp0ouDPNUesdu84VXAaUzqxei_m0UOKEDX3Du_Fu7hNzGZdI1souTmeHgiV7QAdA3RRdywy8REMHlWPiHHHnhu8kZNCG-TDDu0Ju0cd6ksEqbZLhDOqBYFtoaLD_r2mxcFuk9hfNg1ne6ym7Oy9nY9nDTKlSrBLVRJjm4LkV4HKCfIAW-yzodJcU-cXJBvZz8kGzjqH6pAxruzKTxDrMIStUz9q1oTPtwxNVG6zCvOdv_0gy8TKxGyjoLLLAjIOnPvU8vOUcMmMKaPx8kHd3Shn-d9spkT6QMTou1x Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:54 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	css_logo.svg s0.2mdn.net/creatives/assets/4443938/ Frame 1216	2 KB 941 B	23ms 23ms	Image image/svg+xml	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4443938/css_logo.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/4023836015931162624/index.html?e=69&leftOffset=0&topOffset=0&c=fV1H4x4ewf&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3606038c4383f073154069ba196c9cd774926741f7a74807c1097eb23badda8f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:08:50 GMT content-encoding gzip x-content-type-options nosniff age 364 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 913 x-xss-protection 0 last-modified Mon, 21 Feb 2022 15:45:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 21 Jan 2024 05:23:50 GMT
GET H3	200	MuseoSans_100-webfont.woff2 s0.2mdn.net/creatives/assets/4466103/ Frame 1216	17 KB 17 KB	23ms 23ms	Font font/woff2	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4466103/MuseoSans_100-webfont.woff2 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/4023836015931162624/index.html?e=69&leftOffset=0&topOffset=0&c=fV1H4x4ewf&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 80517662352655810cd94d92070d02d75b231c2159cb5b92e6c9b6ceb1bea2d5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://s0.2mdn.net accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:08:49 GMT x-content-type-options nosniff age 365 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17148 x-xss-protection 0 last-modified Thu, 17 Feb 2022 13:00:19 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 21 Jan 2024 05:23:49 GMT
GET H3	200	css_logo.svg s0.2mdn.net/creatives/assets/4443938/ Frame D845	2 KB 941 B	23ms 23ms	Image image/svg+xml	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4443938/css_logo.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/4023836015931162624/index.html?e=69&leftOffset=0&topOffset=0&c=gu0El7geXa&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3606038c4383f073154069ba196c9cd774926741f7a74807c1097eb23badda8f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:08:50 GMT content-encoding gzip x-content-type-options nosniff age 364 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 913 x-xss-protection 0 last-modified Mon, 21 Feb 2022 15:45:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 21 Jan 2024 05:23:50 GMT
GET H2	200	img ih.adscale.de/sium/2f7cd7e0b3ae4190b02ba2527b4b5cdb/1705814093915/0/ Frame 05CE Redirect Chain https://track.adform.net/serving/cookie/match/?party=9&uid=45570f02aec44112a3e49d2673c29700246153c2de9f8d1e802532b00eb13a4b&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2f7cd7e0b3ae4190b02ba2... https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=45570f02aec44112a3e49d2673c29700246153c2de9f8d1e802532b00eb13a4b&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2f7cd7e0b3ae4190b... https://ih.adscale.de/sium/2f7cd7e0b3ae4190b02ba2527b4b5cdb/1705814093915/0/img?tpid=42&gdpr=0&tpuid=6163548036286723000	49 B 569 B	22ms 22ms	Image image/gif	3.77.103.53 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ih.adscale.de/sium/2f7cd7e0b3ae4190b02ba2527b4b5cdb/1705814093915/0/img?tpid=42&gdpr=0&tpuid=6163548036286723000 Requested by Host: ih.adscale.de URL: https://ih.adscale.de/map?format=display&ssl=1&sid=867088&gdpr=0 Protocol H2 Server 3.77.103.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-77-103-53.eu-central-1.compute.amazonaws.com Software / Resource Hash 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers p3p CP=NOI PSA OUR date Sun, 21 Jan 2024 05:14:54 GMT content-length 49 content-type image/gif Redirect headers pragma no-cache date Sun, 21 Jan 2024 05:14:54 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://ih.adscale.de/sium/2f7cd7e0b3ae4190b02ba2527b4b5cdb/1705814093915/0/img?tpid=42&gdpr=0&tpuid=6163548036286723000 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H3	200	MuseoSans_100-webfont.woff2 s0.2mdn.net/creatives/assets/4466103/ Frame D845	17 KB 17 KB	23ms 23ms	Font font/woff2	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4466103/MuseoSans_100-webfont.woff2 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/4023836015931162624/index.html?e=69&leftOffset=0&topOffset=0&c=gu0El7geXa&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 80517662352655810cd94d92070d02d75b231c2159cb5b92e6c9b6ceb1bea2d5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://s0.2mdn.net accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:08:49 GMT x-content-type-options nosniff age 365 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17148 x-xss-protection 0 last-modified Thu, 17 Feb 2022 13:00:19 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 21 Jan 2024 05:23:49 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 1216	8 KB 6 KB	258ms 211ms	XHR application/json	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_248.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 63fff65fa33029602e3c8804ca070b09a72a05bcf8ad9bebef9b419eaa805054 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:54 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5893 x-xss-protection 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame D845	8 KB 6 KB	102ms 60ms	XHR application/json	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_248.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0b311b5538d72b446ab204c8346c29ea1158b06b2e6c7738dd0027034cddf8ab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:54 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5884 x-xss-protection 0
GET H2	200	img ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 05CE Redirect Chain https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u... https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=8c375685-132e-4399-935e-5337bd41830c&gdpr=0	49 B 592 B	20ms 20ms	Image image/gif	3.77.103.53 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=8c375685-132e-4399-935e-5337bd41830c&gdpr=0 Requested by Host: ih.adscale.de URL: https://ih.adscale.de/map?format=display&ssl=1&sid=867088&gdpr=0 Protocol H2 Server 3.77.103.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-77-103-53.eu-central-1.compute.amazonaws.com Software / Resource Hash 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers p3p CP=NOI PSA OUR date Sun, 21 Jan 2024 05:14:54 GMT content-length 49 content-type image/gif Redirect headers pragma no-cache date Sun, 21 Jan 2024 05:14:53 GMT x-errorlevel 0 strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" location https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=8c375685-132e-4399-935e-5337bd41830c&gdpr=0 cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 1026162 content-length 0 expires Sun, 21 Jan 2024 00:00:00 GMT
GET H2	200	img ih.adscale.de/sium/2f7cd7e0b3ae4190b02ba2527b4b5cdb/1705814093915/0/ Frame 05CE Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=c82477ac012d19982279627f7380f96142aeabe9663f28d43cdb8b48358a0f93&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2f7... https://ih.adscale.de/sium/2f7cd7e0b3ae4190b02ba2527b4b5cdb/1705814093915/0/img?uid=c82477ac012d19982279627f7380f96142aeabe9663f28d43cdb8b48358a0f93&tpid=38&gdpr=0&tpuid=CAESEJHH91ZOBAYAf3aPaOdge18...	49 B 609 B	22ms 22ms	Image image/gif	3.77.103.53 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ih.adscale.de/sium/2f7cd7e0b3ae4190b02ba2527b4b5cdb/1705814093915/0/img?uid=c82477ac012d19982279627f7380f96142aeabe9663f28d43cdb8b48358a0f93&tpid=38&gdpr=0&tpuid=CAESEJHH91ZOBAYAf3aPaOdge18&google_cver=1 Requested by Host: ih.adscale.de URL: https://ih.adscale.de/map?format=display&ssl=1&sid=867088&gdpr=0 Protocol H2 Server 3.77.103.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-77-103-53.eu-central-1.compute.amazonaws.com Software / Resource Hash 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers p3p CP=NOI PSA OUR date Sun, 21 Jan 2024 05:14:54 GMT content-length 49 content-type image/gif Redirect headers pragma no-cache date Sun, 21 Jan 2024 05:14:54 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ih.adscale.de/sium/2f7cd7e0b3ae4190b02ba2527b4b5cdb/1705814093915/0/img?uid=c82477ac012d19982279627f7380f96142aeabe9663f28d43cdb8b48358a0f93&tpid=38&gdpr=0&tpuid=CAESEJHH91ZOBAYAf3aPaOdge18&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 424 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	img ih.adscale.de/sium/2f7cd7e0b3ae4190b02ba2527b4b5cdb/1705814093915/0/ Frame 05CE Redirect Chain https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F2f7cd7e0b3ae4190b02ba2527b4b5cdb%2F1705814093915%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 https://adscale-emea.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fih.adscale.de%252Fsium%252F2f7cd7e0b3ae4190b02ba2527b4b5cdb%252F1705814093915%252F0%252Fimg%253Ftpid%253D75%2526tpuid%253D%2524... https://ih.adscale.de/sium/2f7cd7e0b3ae4190b02ba2527b4b5cdb/1705814093915/0/img?tpid=75&tpuid=3630214451870884020&gdpr=0	49 B 618 B	23ms 22ms	Image image/gif	3.77.103.53 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ih.adscale.de/sium/2f7cd7e0b3ae4190b02ba2527b4b5cdb/1705814093915/0/img?tpid=75&tpuid=3630214451870884020&gdpr=0 Requested by Host: ih.adscale.de URL: https://ih.adscale.de/map?format=display&ssl=1&sid=867088&gdpr=0 Protocol H2 Server 3.77.103.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-77-103-53.eu-central-1.compute.amazonaws.com Software / Resource Hash 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers p3p CP=NOI PSA OUR date Sun, 21 Jan 2024 05:14:54 GMT content-length 49 content-type image/gif Redirect headers pragma no-cache date Sun, 21 Jan 2024 05:14:54 GMT an-x-request-uuid 25cbad0d-d3ce-4ee2-8c24-d87cc02bca28 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://ih.adscale.de/sium/2f7cd7e0b3ae4190b02ba2527b4b5cdb/1705814093915/0/img?tpid=75&tpuid=3630214451870884020&gdpr=0 x-proxy-origin 149.88.27.83; 149.88.27.83; 866.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	113 KB 46 KB	336ms 336ms	Fetch text/plain	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1722366591923444&correlator=2290701855040953&eid=31079958%2C31080527%2C31080563%2C31080550%2C31079724%2C44714449&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fif&gdpr=0&addtl_consent=1~&iu_parts=53015287%3A22660584153%2Cnix-wie-weg.de_d_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D2a2ea81010653d55%3AT%3D1705814093%3ART%3D1705814093%3AS%3DALNI_MZK7BmZYa-rp9hvK-GNhf9wbrDqEQ&gpic=UID%3D00000d45917235bf%3AT%3D1705814093%3ART%3D1705814093%3AS%3DALNI_MYFMjzbXwgsmArw3sz81oKmgLeBIQ&abxe=1&dt=1705814094732&lmt=1705814094&adxs=436&adys=1341&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.nix-wie-weg.de%2F&vis=1&psz=950x108&msz=728x108&fws=4&ohw=1600&ga_vid=74737327.1705814093&ga_sid=1705814094&ga_hid=1554434404&ga_fc=false&dlt=1705814092996&idt=587&prev_scp=yieldlove_reload%3Dpid%253A28668.reload%253Afalse%26yieldlove_meta_reload%3Dpid%253A28668.reload%253Afalse%26yieldlove_reloads%3D0%26yieldlove_reload_count%3D0%26yieldlove_ab%3Dyl_ver%253A1.67.0%2Cpo%253Adefault%26yieldlove_meta_ab%3Dpid%253A28668.yl_ver%253A1.67.0%2Cpid%253A28668.po%253Adefault%26yieldlove_meta%3Dpid%253A28668.sb%253Af%26yieldlove_pid%3D28668%26yieldlove_hb_sucbid%3Dfalse%26yieldlove_hb_unit%3D28668%26yieldlove_reloaded%3Dfalse%26yieldlove_is_reloaded%3Dfalse&adks=989504133&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js?cb=31080550 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 656b922baf94ebae4b7441de6541686f3ce0297521ed81fb8e0ae91a993a95af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:55 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47257 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.nix-wie-weg.de cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	110 KB 45 KB	504ms 504ms	Fetch text/plain	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1722366591923444&correlator=2290701855040953&eid=31079958%2C31080527%2C31080563%2C31080550%2C31079724%2C44714449&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fif&gdpr=0&addtl_consent=1~&iu_parts=53015287%3A22660584153%2Cnix-wie-weg.de_d_728x90_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=4&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D2a2ea81010653d55%3AT%3D1705814093%3ART%3D1705814093%3AS%3DALNI_MZK7BmZYa-rp9hvK-GNhf9wbrDqEQ&gpic=UID%3D00000d45917235bf%3AT%3D1705814093%3ART%3D1705814093%3AS%3DALNI_MYFMjzbXwgsmArw3sz81oKmgLeBIQ&abxe=1&dt=1705814094733&lmt=1705814094&adxs=436&adys=3272&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.nix-wie-weg.de%2F&vis=1&psz=950x108&msz=728x108&fws=4&ohw=1600&ga_vid=74737327.1705814093&ga_sid=1705814094&ga_hid=1554434404&ga_fc=false&dlt=1705814092996&idt=587&prev_scp=yieldlove_reload%3Dpid%253A28668.reload%253Afalse%26yieldlove_meta_reload%3Dpid%253A28668.reload%253Afalse%26yieldlove_reloads%3D0%26yieldlove_reload_count%3D0%26yieldlove_ab%3Dyl_ver%253A1.67.0%2Cpo%253Adefault%26yieldlove_meta_ab%3Dpid%253A28668.yl_ver%253A1.67.0%2Cpid%253A28668.po%253Adefault%26yieldlove_meta%3Dpid%253A28668.sb%253Af%26yieldlove_pid%3D28668%26yieldlove_hb_sucbid%3Dfalse%26yieldlove_hb_unit%3D28668%26yieldlove_reloaded%3Dfalse%26yieldlove_is_reloaded%3Dfalse&adks=2703868347&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js?cb=31080550 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e9496e5e36d7f002a273788758661ab6f2b28cefc89f673262fcdcc250007eb6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:55 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46386 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.nix-wie-weg.de cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response ih.adscale.de/sium/2f7cd7e0b3ae4190b02ba2527b4b5cdb/1705814093915/0/ Frame 05CE Redirect Chain https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=a75761633281f9f8814545584f9f14f9b66f759eb1be6bc538b236b384b626d8&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2f7cd7e0b3ae41... https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=a75761633281f9f8814545584f9f14f9b66f759eb1be6bc538b236b384b626d8&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F2f7cd7e0b3ae41... https://ih.adscale.de/sium/2f7cd7e0b3ae4190b02ba2527b4b5cdb/1705814093915/0/js?tpid=48&tpuid=6f559b57ab8404423580f3c09af396f0	44 B 636 B	20ms 20ms	Script text/javascript	3.77.103.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ih.adscale.de/sium/2f7cd7e0b3ae4190b02ba2527b4b5cdb/1705814093915/0/js?tpid=48&tpuid=6f559b57ab8404423580f3c09af396f0 Requested by Host: ih.adscale.de URL: https://ih.adscale.de/map?format=display&ssl=1&sid=867088&gdpr=0 Protocol H2 Server 3.77.103.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-77-103-53.eu-central-1.compute.amazonaws.com Software / Resource Hash 4af992a077131009cfe8bee96048bf79c034c9cf7e48de14193a1bf01a4b144e Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers p3p CP=NOI PSA OUR date Sun, 21 Jan 2024 05:14:54 GMT content-length 44 content-type text/javascript Redirect headers location https://ih.adscale.de/sium/2f7cd7e0b3ae4190b02ba2527b4b5cdb/1705814093915/0/js?tpid=48&tpuid=6f559b57ab8404423580f3c09af396f0 date Sun, 21 Jan 2024 05:14:54 GMT content-type text/plain; charset=utf-8 content-length 147 vary Accept p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
POST H2	200	sium ih.adscale.de/ Frame 05CE	0 0	20ms 20ms	Fetch application/json	3.77.103.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ih.adscale.de/sium Requested by Host: js.adscale.de URL: https://js.adscale.de/match.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.77.103.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-77-103-53.eu-central-1.compute.amazonaws.com Software / Resource Hash Request headers Referer https://www.google.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 content-type text/plain Response headers access-control-allow-origin https://ih.adscale.de date Sun, 21 Jan 2024 05:14:55 GMT access-control-allow-credentials true access-control-allow-headers x-openrtb-version content-length 0 access-control-allow-methods GET, POST, OPTIONS content-type application/json
GET		view ad.doubleclick.net/pcs/ Frame 0532	0 0
GET		dc_oe=ChMIiazs2NztgwMVI5H9Bx3KNAjsEAEYACD87-VG;dc_eps=AHas8cBF1_18whOat2NVpEvT7ckOtdyRnCBfGuWVCW0xmr4isJeAfV_H6W6w4YqkBsGByFacsiodtZfDVA;met=1;&timestamp=1705814095092;eid1=871060;ecn1=1;etm1=0;eid... ade.googlesyndication.com/ddm/activity/ Frame 0532	0 0
GET		activeview pagead2.googlesyndication.com/pcs/ Frame 0532	0 0
GET H3	200	container.html Show response dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6C54	6 KB 3 KB	23ms 23ms	Document text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js?cb=31080550 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.nix-wie-weg.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers accept-ranges bytes age 2 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sun, 21 Jan 2024 05:14:53 GMT expires Mon, 20 Jan 2025 05:14:53 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	204	win Show response prod-ingestion.tracking.v2.yieldlove-ad-serving.net/v2/	0 57 B	19ms 19ms	XHR text/plain	3.77.5.141 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prod-ingestion.tracking.v2.yieldlove-ad-serving.net/v2/win Requested by Host: cdn-a.yieldlove.com URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?nix-wie-weg.de Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.77.5.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-77-5-141.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.google.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Sun, 21 Jan 2024 05:14:55 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame B4B7	499 B 203 B	59ms 59ms	Document text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGK7Z3KIBMAE&v=APEucNV3_alh5FIioa2Yn6VuTjMOLbky7LvTMpWk-rdMXRl5DQy4GlIIMUWYAXkNO8EMJDuxPojNGVM-3os44Jpg1CQuQ7BSHfSOXfYEypZzkPBU9nykM9s Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 5ee2a16d4f8f9629ae75e0f94473f8601a4e0bf9527ba4467a094926e0947505 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 183 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 21 Jan 2024 05:14:55 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame 6C54	172 KB 60 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 23:49:04 GMT content-encoding gzip x-content-type-options nosniff age 19551 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61485 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:43:57 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 21 Jan 2024 23:49:04 GMT
GET H3	200	omrhp_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 6C54	8 KB 3 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp_fy2021.js Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 18:37:48 GMT content-encoding br x-content-type-options nosniff age 38227 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3206 x-xss-protection 0 server cafe etag 12640889860211258669 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 03 Feb 2024 18:37:48 GMT
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 6C54	23 KB 9 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 18:32:08 GMT content-encoding br x-content-type-options nosniff age 38567 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9276 x-xss-protection 0 server cafe etag 3558958386372919956 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 03 Feb 2024 18:32:08 GMT
GET H3	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 6C54	41 KB 14 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 17 Jan 2024 02:28:13 GMT content-encoding br x-content-type-options nosniff age 355602 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 16 Jan 2025 02:28:13 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 6C54	3 KB 1 KB	28ms 28ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 13:28:07 GMT content-encoding br x-content-type-options nosniff age 56808 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 03 Feb 2024 13:28:07 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame E55A	1 KB 643 B	24ms 23ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers age 43451 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 20 Jan 2024 17:10:44 GMT etag 48472445140208031 expires Sun, 21 Jan 2024 17:10:44 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 6C54	20 KB 8 KB	24ms 24ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 18:28:59 GMT content-encoding br x-content-type-options nosniff age 38756 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8492 x-xss-protection 0 server cafe etag 9878124937798820110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 03 Feb 2024 18:28:59 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 6C54	42 B 63 B	54ms 53ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dz5qzXA68ct_ppv-z5ycRmNQtSfOC3MUZ7irtLDMHjZMsS1OWr1jQSJh_9EI1jet_SfsJFKmZHEu8XbSHgYSWL1egdgi1U0r5xrBw7vqqsO3pWrKI Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 6C54	0 0	85ms 30ms	Image text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaS5IGEUOhtNXRiTLtiM17lv7PRp9DzKu8j9q6zXPI10JkeuWli5FlaYBLlVxMiXo8Jzv0W56EAvAWrLT-uOCDCoeuQ6iQ Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 6C54	206 KB 65 KB	35ms 34ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:55 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66453 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1705495733332172" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 21 Jan 2024 05:14:55 GMT
GET H2	200	i.match s.tribalfusion.com/z/ Frame E55A Redirect Chain https://a.tribalfusion.com/i.match?p=b6&u=CAESEO00JHI23du1vrghfMbHLUc&google_cver=1&google_push=AXcoOmTqzn2bdC9nw6E600AIRw8w_mxIOlk0GtEzIM-PhGp8KTVpepxK2CKxe8ETX6w3RQkImCQ6wqwazpkF5My_AZPNh_IaazbLy... https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO00JHI23du1vrghfMbHLUc&google_cver=1&google_push=AXcoOmTqzn2bdC9nw6E600AIRw8w_mxIOlk0GtEzIM-PhGp8KTVpepxK2CKxe8ETX6w3RQkImCQ6wqwazpkF5My_AZPNh_Iaazb...	43 B 420 B	200ms 200ms	Image image/gif	2606:4700::6812:18ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO00JHI23du1vrghfMbHLUc&google_cver=1&google_push=AXcoOmTqzn2bdC9nw6E600AIRw8w_mxIOlk0GtEzIM-PhGp8KTVpepxK2CKxe8ETX6w3RQkImCQ6wqwazpkF5My_AZPNh_IaazbLyg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTqzn2bdC9nw6E600AIRw8w_mxIOlk0GtEzIM-PhGp8KTVpepxK2CKxe8ETX6w3RQkImCQ6wqwazpkF5My_AZPNh_IaazbLyg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 848d1390389d4d50-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT cf-cache-status DYNAMIC x-function 206 server cloudflare x-reuse-index 409 content-type text/html location https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEO00JHI23du1vrghfMbHLUc&google_cver=1&google_push=AXcoOmTqzn2bdC9nw6E600AIRw8w_mxIOlk0GtEzIM-PhGp8KTVpepxK2CKxe8ETX6w3RQkImCQ6wqwazpkF5My_AZPNh_IaazbLyg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTqzn2bdC9nw6E600AIRw8w_mxIOlk0GtEzIM-PhGp8KTVpepxK2CKxe8ETX6w3RQkImCQ6wqwazpkF5My_AZPNh_IaazbLyg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 848d138f180d4d50-FRA alt-svc h3=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame E55A Redirect Chain https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESENZmjgTim_tNqZ5tASIX940&google_cver=1&google_push=AXcoOmRDoy-0hQmholpoKG4BXtYyMfEhT_Fv3t71Seb3t--aewC45hAocG9Z2aenc9l7f6FS7RPZ_Fn... https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESENZmjgTim_tNqZ5tASIX940&google_cver=1&google_push=AXcoOmRDoy-0hQmholpoKG4BXtYyMfEhT_Fv3t71Seb3t--aewC45hAocG9Z2aenc9l7f... https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=HF7UaGsHTaep9ke82Bsva2WsqE8	170 B 188 B	31ms 31ms	Image image/png	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=HF7UaGsHTaep9ke82Bsva2WsqE8 Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 21 Jan 2024 05:14:54 GMT server A p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" location https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=HF7UaGsHTaep9ke82Bsva2WsqE8 cache-control max-age=0,no-cache,no-store content-length 0 expires Tue, 11 Oct 1977 12:34:56 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame E55A Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENLp3U8P8m5OmSF910tFUeM&google_cver=1&google_push=AXcoOmRp5EGKDFtDsS9bHEALAWa9wPSQPLUATV3Gk4OAd5yMzmhJLTbDaQwKu2PY_f5aSITEM1s... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJOMU8zTzEtMTItSjVIOA==&google_push=AXcoOmRp5EGKDFtDsS9bHEALAWa9wPSQPLUATV3Gk4OAd5yMzmhJLTbDaQwKu2PY_f5aSITEM1smG8fYxISFTDP9SG0Nn4UpcgkQzA	170 B 188 B	30ms 30ms	Image image/png	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJOMU8zTzEtMTItSjVIOA==&google_push=AXcoOmRp5EGKDFtDsS9bHEALAWa9wPSQPLUATV3Gk4OAd5yMzmhJLTbDaQwKu2PY_f5aSITEM1smG8fYxISFTDP9SG0Nn4UpcgkQzA Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Content-Type text/html Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJOMU8zTzEtMTItSjVIOA==&google_push=AXcoOmRp5EGKDFtDsS9bHEALAWa9wPSQPLUATV3Gk4OAd5yMzmhJLTbDaQwKu2PY_f5aSITEM1smG8fYxISFTDP9SG0Nn4UpcgkQzA Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 3db54fddb1cb324ce2cdd5a6ec3dc2dd Expires 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame E55A Redirect Chain https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmTjmwnrhW2UMqtuXo5l0G1F2oCTTUVIn6cnuTYs9JL5JNCHTlVAD9KeDzfX8Ga0H47WwbGcxykiPh... https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTjmwnrhW2UMqtuXo5l0G1F2oCTTUVIn6cnuTYs9JL5JNCHTlVAD9KeDzfX8Ga0H47WwbGcxykiPhFAnwB6HR9zOT1US2M&google_hm=9d3ba53f-1883-4042-b09...	170 B 188 B	30ms 30ms	Image image/png	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTjmwnrhW2UMqtuXo5l0G1F2oCTTUVIn6cnuTYs9JL5JNCHTlVAD9KeDzfX8Ga0H47WwbGcxykiPhFAnwB6HR9zOT1US2M&google_hm=9d3ba53f-1883-4042-b098-fc184cb7bb03 Protocol H3 Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT server sonobi-go vary negotiate,Accept-Encoding x-go-server go-iad-2-6-21 content-type text/plain; charset=utf8 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTjmwnrhW2UMqtuXo5l0G1F2oCTTUVIn6cnuTYs9JL5JNCHTlVAD9KeDzfX8Ga0H47WwbGcxykiPhFAnwB6HR9zOT1US2M&google_hm=9d3ba53f-1883-4042-b098-fc184cb7bb03 cache-control no-cache, no-store, private tcn Choice content-length 0 x-xss-protection 0 expires Sat, 26 Jul 1997 05:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame E55A Redirect Chain https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmRWM94ftpxZ9jPv2G0_ACKEZEh-bRD19XVn3ZJ3tvM9uJwqlsbaV5OBXdh6CrXrrjm6FfxGvMfsUlGHSXmKTRi65-D1vcEVK4Y&google_gid=CAESEOvdOvEf5v... https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOvdOvEf5vJJYQcWUDiIJog&google_hm=T1BVOTFlMDYxYTY4YzU0NDk3NWFmNWY5NzliYTVmNzdhNGM&google_nid=opera_norway_as&google_push=AXcoOmRWM94f...	170 B 188 B	31ms 30ms	Image image/png	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOvdOvEf5vJJYQcWUDiIJog&google_hm=T1BVOTFlMDYxYTY4YzU0NDk3NWFmNWY5NzliYTVmNzdhNGM&google_nid=opera_norway_as&google_push=AXcoOmRWM94ftpxZ9jPv2G0_ACKEZEh-bRD19XVn3ZJ3tvM9uJwqlsbaV5OBXdh6CrXrrjm6FfxGvMfsUlGHSXmKTRi65-D1vcEVK4Y Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT server nginx access-control-allow-methods POST, GET content-type text/html; charset=utf-8 access-control-allow-origin * location https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOvdOvEf5vJJYQcWUDiIJog&google_hm=T1BVOTFlMDYxYTY4YzU0NDk3NWFmNWY5NzliYTVmNzdhNGM&google_nid=opera_norway_as&google_push=AXcoOmRWM94ftpxZ9jPv2G0_ACKEZEh-bRD19XVn3ZJ3tvM9uJwqlsbaV5OBXdh6CrXrrjm6FfxGvMfsUlGHSXmKTRi65-D1vcEVK4Y cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-headers Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With content-length 327 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ onetag-sys.com/match/ Frame E55A Redirect Chain https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMJq9dXjiAnrIxAxkr2lxQE&google_cver=1&google_push=AXcoOmRfvgKHU2fLX4s9em7gdsPk-OkhtjYwg-1_O5b6cctifOaFV6RK_ROzcqbbHpCL-Qvr-gbyxdt1Qqk... https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRfvgKHU2fLX4s9em7gdsPk-OkhtjYwg-1_O5b6cctifOaFV6RK_ROzcqbbHpCL-Qvr-gbyxdt1QqkCpuBmDj0Dek6L-fgDuf0 https://onetag-sys.com/match/?int_id=19&google_error=5	0 200 B	20ms 20ms	Image text/plain	51.89.9.252 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://onetag-sys.com/match/?int_id=19&google_error=5 Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip252.ip-51-89-9.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers strict-transport-security max-age=15552000 cache-control no-transform, no-cache alt-svc h3=":443"; ma=900, h3-29=":443"; ma=900 content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' Redirect headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://onetag-sys.com/match/?int_id=19&google_error=5 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 255 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame E55A Redirect Chain https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_... https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=48ae318d-814a-487e-b77a-cdebb1638a7b&google_cver=1&google_gid=CAESEGjm6HMZhUX9UTyf4_xhK_w&gdpr_consent=${GDPR_CONSENT_109}&google_...	170 B 188 B	31ms 31ms	Image image/png	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=48ae318d-814a-487e-b77a-cdebb1638a7b&google_cver=1&google_gid=CAESEGjm6HMZhUX9UTyf4_xhK_w&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSUCtFr8nEVkwuSIthyw1Xf3FlcugK57x89iM6S6GN8LXrPWkpZteWf7VLqB9YjdesrCaTJ63uN_YgBYhzoiE70_h-gk-45DnA&gdpr=${GDPR} Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=48ae318d-814a-487e-b77a-cdebb1638a7b&google_cver=1&google_gid=CAESEGjm6HMZhUX9UTyf4_xhK_w&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSUCtFr8nEVkwuSIthyw1Xf3FlcugK57x89iM6S6GN8LXrPWkpZteWf7VLqB9YjdesrCaTJ63uN_YgBYhzoiE70_h-gk-45DnA&gdpr=${GDPR} date Sun, 21 Jan 2024 05:14:55 GMT server _ content-length 0
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame E55A	0 12 B	29ms 28ms	Image text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kj9r2D6hxRITH_oAVdwJteE7aaR-PLrgVR3KuC4UNAKSShvZnjCVxMMDE6rfkM1udQbax2rri6 Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:55 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame ED69	38 KB 13 KB	23ms 23ms	Document text/html	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers accept-ranges bytes age 375647 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 16 Jan 2024 20:54:08 GMT expires Wed, 15 Jan 2025 20:54:08 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/4023836015931162624/ Frame 17CB	29 KB 9 KB	32ms 31ms	Document text/html	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/4023836015931162624/index.html?e=69&leftOffset=0&topOffset=0&c=d36Ks9Dief&t=1&renderingType=2&ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 97a3aca91c466c84414d785cd820f6385b2ab5e254cfac82614b6d0966f4ca88 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers accept-ranges bytes access-control-allow-origin * allow-fenced-frame-automatic-beacons true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Sun, 21 Jan 2024 05:14:55 GMT expires Mon, 20 Jan 2025 05:14:55 GMT last-modified Mon, 11 Apr 2022 09:15:15 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET DATA	200 OK	truncated / Frame 6C54	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 291de1bcb01bde6b514390b202092470bab5374eeb2df3c934b801752ffcd1f7 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/png
GET H3	200	view ad.doubleclick.net/pcs/ Frame 6C54	0 0	63ms 62ms	Fetch image/gif	142.250.184.230 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/pcs/view?xai=AKAOjsvdPj4MjURJ5nMAF3Mh9A5Y-WRgIOLAqmIomKBoI5weLnN2owGuOLY2ejSp7mY7q1XD4qDf_9fxRuMyiR-bNqKuRkm_jHvjs0PsoUoK_FFXElYIoC0TACfR6NKqYqyJKIgIpTQ7_qRwKs4VDXl53Jc6AoCyykl8EJvSFwHtKYvgZPIJEoEWwzyARqb1vgYotzS_XHnDqCT1yj7rhZ5xhE3DnBWMBKO_HWYXIFkqwh7CVEyGsA-kq5Jc1e2tLY2ixzl0YALRT1SJIfb_jXKLkLktadW4fpNqb8P8SLENLx31oE6cfresoz-cBL9q1XbHHHDksK0W993cf0qfizy_Nl-b-mITy2EF-v2QRO_tbp6XS8pJxRqbj97o4TIBIjILdPXW9-i9LOIV2Zm62--iUDGIwaSTkF0UDTONVwWuvYdyc95PWmPTDuobMYsPd16IkA3hViDuR66KhuoAbCEabjdgGXqA_YyrCStXmsO7Z5K5cr6Q0GJ2AJmsdRVwHRlOZKG2FsaBUC2b7uCzrfIPFLYN38DXTRIWaM7QEfbV3Qd41BE-p4UClJuE3ZNYxxO7o_SPzJofg6bHVxjdvPimVubNIYEIO3gvBo4qIx6lLG0Ifl_DIT3_B_BSZnLl0EfVRqkpWAhow1TOioVdqN-DxLxlxIjkDHT7DmBN1-I-MBI7qKphaQTRvuIaWjxMKKoPktAnZhGGj7oaC0CyntzaguI9JBqfGnTaXNqsLsjnv5C40Omcx0eAfVuHulZ52tnkNBFug_AxzGi05hoGS2cVmTRsYa0PlbGyRYRk6DjhGFz-gliQ_EEUBAtc9T4C-cukq0553tTSVcdViIrF9WUmxdEnjbkjcNwlP4adStae30l6-fpNayeqvQZ65LfwlC5im7O_FoLJvQsO4N_3niRzspWI4lndZ2WMYC5x37TABJDXRtKwrzsw8aM7i1p5ElgZBI9Sfj9rLy-7WEPHKNPhF5aSdpYdwa7rATlG9xgjqWcYdLoV4IAlK2Gg7nYWJAQyvt-1PDxNnFtLEP4z_5Vn3gcwDefpXhJiKnZR7KHzrs12iys4zKomBtil3MyF39LVdgzM3AUShLTOUih8Ye2gZWpEKdgO-tnEtQE1H-lhEU4wMiSY_PE4pBODnpNtnSNuNhWRiOa6wEmZVOwCnvcvqNfYxrvn_BflyG5GwVgW5ukPToVqu-5o9sd14FTKMwIvKaeIbUSBEpETBhmTSbwDkbFwA1TxB5t4hnSSLwcSO1mm7pzxrmZMjHbiZzVjo-f9U7FSMtvr7q-5_wx5WRFeJWn_gf751TzkQu4-YifTTMtTK8bxgc5Nzog7oJuVJujl_3-uLoo3gngj3FSZwEsmSaVAtmTs64LlNCe_Omw7jFC2nTMSMlJh1i3xXgXhtk5IP7vUGAbZcMYuorz_Vu2xXJcdfS7BiaReXnd5LU-uAuaEV9Hjm8qjr9F8F1ptmRPlfTPLoHM1N5X9IMXMmIgXMOGAe5mw04jD2G-lQ2ZSFItMvfXKsd2LKcyt&sai=AMfl-YQKQCwvjoQZGFzF3egz04uqDT7TnwteSiADVqEltnWz4TUvepYbNQGh2Vz10n0wIBX6Lh1lbTO-tDVXeT5M7G8nZ3V_JQeLTe3VTxF9H0ywmG73HJdxflzfFlHgBQ5hD6SXs0vCvGA2gXTq6Z9AfdhCAp4PnFgaMuKF_hthg1pmmP3Vcvuthj3B10j1BwtD6kko_WBwHpU4-QaiAB06MIuu_qNnA4oHx2yuWvX6aKQOPzdgUNDRHfdw4C2Rf45drHfA4jholMzN2QOHWPCpQNZ-WWLS_DbZ0WDmx87iX2_AWStCjUebaL7sQC_QnDDElXKSyvmU4DUUQfjRuBEfS4mDx6jrmt-TNycUD0x1pT0p9DJMrOpas2h6Wn-d8WJeQr7vf9GbnDAw6yfOMkFWJrosTH_N-15uKW14munJnv1ROtYSjA&sig=Cg0ArKJSzN-4JmRnBQA3EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9lbmpveTM2NS5jaCxodHRwczovL2Nzcy5jaA&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=42&cbvp=1&cstd=38&cisv=r20240118.95793&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sun, 21 Jan 2024 05:14:55 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * content-type image/gif cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame B4B7	170 B 188 B	30ms 30ms	Image image/png	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm&gdpr=0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGK7Z3KIBMAE&v=APEucNV3_alh5FIioa2Yn6VuTjMOLbky7LvTMpWk-rdMXRl5DQy4GlIIMUWYAXkNO8EMJDuxPojNGVM-3os44Jpg1CQuQ7BSHfSOXfYEypZzkPBU9nykM9s Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame B4B7 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPr4dxuhmhtNnPTHC--FnKs&google_cver=1&gdpr=0	43 B 728 B	33ms 33ms	Image image/gif	172.64.151.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPr4dxuhmhtNnPTHC--FnKs&google_cver=1&gdpr=0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGK7Z3KIBMAE&v=APEucNV3_alh5FIioa2Yn6VuTjMOLbky7LvTMpWk-rdMXRl5DQy4GlIIMUWYAXkNO8EMJDuxPojNGVM-3os44Jpg1CQuQ7BSHfSOXfYEypZzkPBU9nykM9s Protocol H3 Server 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkOZRnB4p1yA%2B31XhwMUPNwUnkftJix8D19Q48FVK18CXpsJTBdZDw51tnaaBWDfr3QOi4RfsUnR1ihH0pHPVEm1PQcHZiJgPYupnIiZs9xLgZCGyH7uBhYlpq8h8TQ4E12ZnLE956Vsbw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 848d138f59de9b43-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPr4dxuhmhtNnPTHC--FnKs&google_cver=1&gdpr=0 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 324 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame B4B7 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZayoTivRpz5deuomQ7AhpAAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPr4dxuhmhtNnPTHC--FnKs&google_cver=1	43 B 730 B	36ms 36ms	Image image/gif	172.64.151.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPr4dxuhmhtNnPTHC--FnKs&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLS7QxDXu7cBGK7Z3KIBMAE&v=APEucNV3_alh5FIioa2Yn6VuTjMOLbky7LvTMpWk-rdMXRl5DQy4GlIIMUWYAXkNO8EMJDuxPojNGVM-3os44Jpg1CQuQ7BSHfSOXfYEypZzkPBU9nykM9s Protocol H3 Server 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbXEPrY3wlG4v51nrQ5BGbLgdn0WEOy3u9fBxaOPQIxDi7HoTKmFO1aUOEugxpX1796MUzXvrimXSeU8X8OsPtl4h9YPx7YtJSQSYvCK0tJxMA8378rMicN%2FAruG%2FDPHsaNJlu3wou0CBA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 848d138f9a109b43-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPr4dxuhmhtNnPTHC--FnKs&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	gsap_3.5.1_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 17CB	60 KB 24 KB	31ms 31ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/4023836015931162624/index.html?e=69&leftOffset=0&topOffset=0&c=d36Ks9Dief&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:55 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24155 x-xss-protection 0 last-modified Mon, 31 Aug 2020 21:23:17 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 21 Jan 2024 05:14:55 GMT
GET H3	200	EasePack.min.js Show response s0.2mdn.net/creatives/assets/4075024/ Frame 17CB	2 KB 1 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4075024/EasePack.min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/4023836015931162624/index.html?e=69&leftOffset=0&topOffset=0&c=d36Ks9Dief&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:07:05 GMT content-encoding gzip x-content-type-options nosniff age 470 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1342 x-xss-protection 0 last-modified Thu, 04 Mar 2021 09:57:37 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 21 Jan 2024 05:22:05 GMT
GET H3	200	Enabler_01_248.js Show response s0.2mdn.net/879366/ Frame 17CB	118 KB 40 KB	24ms 24ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_248.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/4023836015931162624/index.html?e=69&leftOffset=0&topOffset=0&c=d36Ks9Dief&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 23:45:27 GMT content-encoding gzip x-content-type-options nosniff age 19768 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41094 x-xss-protection 0 last-modified Wed, 02 Mar 2022 23:45:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 21 Jan 2024 23:45:27 GMT
GET H3	200	MuseoSans_300.woff s0.2mdn.net/creatives/assets/4075024/ Frame 17CB	22 KB 22 KB	27ms 26ms	Font font/woff	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4075024/MuseoSans_300.woff Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/4023836015931162624/index.html?e=69&leftOffset=0&topOffset=0&c=d36Ks9Dief&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 602a48d8418dc75bc51795b3f33e2e49ee38d40c4a658723b0878f1c64a68265 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://s0.2mdn.net accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:09:24 GMT x-content-type-options nosniff age 331 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22016 x-xss-protection 0 last-modified Wed, 03 Mar 2021 15:07:21 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 21 Jan 2024 05:24:24 GMT
GET H3	200	MuseoSans_700.woff s0.2mdn.net/creatives/assets/4075024/ Frame 17CB	22 KB 22 KB	28ms 27ms	Font font/woff	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4075024/MuseoSans_700.woff Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/4023836015931162624/index.html?e=69&leftOffset=0&topOffset=0&c=d36Ks9Dief&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7ccc354572f46ed4b26ffec17c24264cce720c1ebab7693af8e88032e46b6544 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://s0.2mdn.net accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:09:24 GMT x-content-type-options nosniff age 331 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22640 x-xss-protection 0 last-modified Wed, 03 Mar 2021 15:06:56 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 21 Jan 2024 05:24:24 GMT
GET H3	404	mobileApp-chf500cashout-parallaxe-sprite-728x90.png s0.2mdn.net/sadbundle/4023836015931162624/ Frame 17CB	43 B 65 B	268ms 268ms	Image image/gif	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/4023836015931162624/mobileApp-chf500cashout-parallaxe-sprite-728x90.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/4023836015931162624/index.html?e=69&leftOffset=0&topOffset=0&c=d36Ks9Dief&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers expires Sun, 21 Jan 2024 05:14:55 GMT date Sun, 21 Jan 2024 05:14:55 GMT x-content-type-options nosniff server sffe x-dns-prefetch-control off content-type image/gif access-control-allow-origin * cache-control public, max-age=0 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 x-xss-protection 0 allow-fenced-frame-automatic-beacons true
GET H3	404	mobileApp-chf500cashout-728x90.png s0.2mdn.net/sadbundle/4023836015931162624/ Frame 17CB	43 B 65 B	75ms 75ms	Image image/gif	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/4023836015931162624/mobileApp-chf500cashout-728x90.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/4023836015931162624/index.html?e=69&leftOffset=0&topOffset=0&c=d36Ks9Dief&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers expires Sun, 21 Jan 2024 05:14:55 GMT date Sun, 21 Jan 2024 05:14:55 GMT x-content-type-options nosniff server sffe x-dns-prefetch-control off content-type image/gif access-control-allow-origin * cache-control public, max-age=0 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 x-xss-protection 0 allow-fenced-frame-automatic-beacons true
GET H3	200	IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response pagead2.googlesyndication.com/bg/ Frame ED69	39 KB 15 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 01:19:48 GMT content-encoding br x-content-type-options nosniff age 14107 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15219 x-xss-protection 0 last-modified Mon, 15 Jan 2024 09:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 20 Jan 2025 01:19:48 GMT
GET		view ad.doubleclick.net/pcs/ Frame 93AC	0 0
GET		activeview pagead2.googlesyndication.com/pcs/ Frame 93AC	0 0
GET		dc_oe=ChMIn8Ls2NztgwMVNcC7CB2dAwzzEAEYACD87-VG;dc_eps=AHas8cDqKBukjYNbsckOitKOcUn92v5P3hsCAVVGliy-iJlk_9y2gbHKeObx05cp1R7i0jEkcVz0p5W7Ng;met=1;&timestamp=1705814095251;eid1=871060;ecn1=1;etm1=0;eid... ade.googlesyndication.com/ddm/activity/ Frame 93AC	0 0
GET H3	200	container.html Show response dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 89E5	6 KB 3 KB	23ms 23ms	Document text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js?cb=31080550 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.nix-wie-weg.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers accept-ranges bytes age 2 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sun, 21 Jan 2024 05:14:53 GMT expires Mon, 20 Jan 2025 05:14:53 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	204	win Show response prod-ingestion.tracking.v2.yieldlove-ad-serving.net/v2/	0 57 B	19ms 19ms	XHR text/plain	3.77.5.141 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prod-ingestion.tracking.v2.yieldlove-ad-serving.net/v2/win Requested by Host: cdn-a.yieldlove.com URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?nix-wie-weg.de Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.77.5.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-77-5-141.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.google.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Sun, 21 Jan 2024 05:14:55 GMT
GET H3	200	css_logo.svg s0.2mdn.net/creatives/assets/4443938/ Frame 17CB	2 KB 941 B	23ms 23ms	Image image/svg+xml	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/creatives/assets/4443938/css_logo.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/4023836015931162624/index.html?e=69&leftOffset=0&topOffset=0&c=d36Ks9Dief&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3606038c4383f073154069ba196c9cd774926741f7a74807c1097eb23badda8f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:08:50 GMT content-encoding gzip x-content-type-options nosniff age 365 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 913 x-xss-protection 0 last-modified Mon, 21 Feb 2022 15:45:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 21 Jan 2024 05:23:50 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame A350	632 B 269 B	58ms 58ms	Document text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CJvNos8DEPrY0tQDGN-l4YMCMAE&v=APEucNXvRZZCUZOvSlyhCCnaocN8-SlXsS-iaPzTiKrEVhiTsPqVeAarrq4e9uUVYALpxDUZ8Zj4zfpYFku6-oWM1fQVBK1j45c9ZwHF1_XtIrZHizsL_Cw Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash e34f3c96e1eae99e2fc8b8f0c8f608bf3d8822872bf36246c4360a024a8527d5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 249 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 21 Jan 2024 05:14:55 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	express_html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame 89E5	111 KB 39 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 21:44:19 GMT content-encoding gzip x-content-type-options nosniff age 27036 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39806 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:44:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 21 Jan 2024 21:44:19 GMT
GET H3	200	omrhp_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 89E5	8 KB 3 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp_fy2021.js Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 18:37:48 GMT content-encoding br x-content-type-options nosniff age 38227 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3206 x-xss-protection 0 server cafe etag 12640889860211258669 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 03 Feb 2024 18:37:48 GMT
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 89E5	23 KB 9 KB	22ms 22ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 18:32:08 GMT content-encoding br x-content-type-options nosniff age 38567 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9276 x-xss-protection 0 server cafe etag 3558958386372919956 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 03 Feb 2024 18:32:08 GMT
GET H3	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 89E5	41 KB 14 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 17 Jan 2024 02:28:13 GMT content-encoding br x-content-type-options nosniff age 355602 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 16 Jan 2025 02:28:13 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 89E5	3 KB 1 KB	25ms 25ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 13:28:07 GMT content-encoding br x-content-type-options nosniff age 56808 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 03 Feb 2024 13:28:07 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame A91D	1 KB 643 B	26ms 25ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers age 43451 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 20 Jan 2024 17:10:44 GMT etag 48472445140208031 expires Sun, 21 Jan 2024 17:10:44 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 89E5	20 KB 8 KB	25ms 25ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 18:28:59 GMT content-encoding br x-content-type-options nosniff age 38756 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8492 x-xss-protection 0 server cafe etag 9878124937798820110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sat, 03 Feb 2024 18:28:59 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 89E5	42 B 63 B	54ms 53ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CuvUnlD8QzoNqg8yq4BdeOpErdss9jebYFIzPW-WDgI8EL4pAwTZLZAyWp3te85hgQ6EeYJP_MbOsQZ7ZAgb1SsbXHE5OCUz4vh4tOAZGTUjBIzEw Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 89E5	0 0	31ms 31ms	Image text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJbr-zlbgFX4BV3j95SGaMWwf-Ruu5AGyzVw5j6rqaglnLGRsiooRGLg3Ewxouho7LcUoiwJYTHbWqNlK69JjsSWao3A Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers
GET H3	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 89E5	206 KB 65 KB	32ms 31ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:55 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66453 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1705495733332172" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 21 Jan 2024 05:14:55 GMT
GET H3	200	MuseoSans_100-webfont.woff2 s0.2mdn.net/creatives/assets/4466103/ Frame 17CB	17 KB 17 KB	25ms 25ms	Font font/woff2	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4466103/MuseoSans_100-webfont.woff2 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/4023836015931162624/index.html?e=69&leftOffset=0&topOffset=0&c=d36Ks9Dief&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 80517662352655810cd94d92070d02d75b231c2159cb5b92e6c9b6ceb1bea2d5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://s0.2mdn.net accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:08:49 GMT x-content-type-options nosniff age 366 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17148 x-xss-protection 0 last-modified Thu, 17 Feb 2022 13:00:19 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 21 Jan 2024 05:23:49 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 17CB	8 KB 6 KB	61ms 61ms	XHR application/json	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_248.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3effd9e9dae86ca144fa932163a59782615449302b478127a0d2654413397c6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:55 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5889 x-xss-protection 0
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame 86BB	38 KB 13 KB	23ms 23ms	Document text/html	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers accept-ranges bytes age 375647 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 16 Jan 2024 20:54:08 GMT expires Wed, 15 Jan 2025 20:54:08 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 89E5	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c41eae3c69174eda1cde7ccf7dc4ad1499f0ca5b7501aa7f9d3405d4da17d291 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/png
GET H3	200	pixel cm.g.doubleclick.net/ Frame A91D Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEIav_u10-1das_MwuoOmLU&google_push=AXcoOmTKr_lnySpD8bPBMs_06VSZB5L6SHtmQrJSsdd5pNuFq9Om-4Kiw6...	170 B 188 B	31ms 30ms	Image image/png	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEIav_u10-1das_MwuoOmLU&google_push=AXcoOmTKr_lnySpD8bPBMs_06VSZB5L6SHtmQrJSsdd5pNuFq9Om-4Kiw6r46c0GnnV_6Nxi6npSmfUXMXlxNYWFbnBpFxGisJ4rXw Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers x-served-by cache-mxp6946-MXP pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT via 1.1 varnish server Jetty(9.4.35.v20201120) x-timer S1705814095.405202,VS0,VE96 x-cache MISS p3p CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM" access-control-allow-origin * location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEIav_u10-1das_MwuoOmLU&google_push=AXcoOmTKr_lnySpD8bPBMs_06VSZB5L6SHtmQrJSsdd5pNuFq9Om-4Kiw6r46c0GnnV_6Nxi6npSmfUXMXlxNYWFbnBpFxGisJ4rXw cache-control no-cache accept-ranges bytes content-length 0 x-cache-hits 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame A91D Redirect Chain https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGNAeFZN_hzx5loJ_pnu42s&google_cver=1&google_push=AXcoOmRsqitBc1Gh7JAKNULhWhZdHbW2pSFiScAk0Vnq7Unxx_M75QVPfnECjga1A7l1owOefDPhGfPADqqLtO... https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyNjQxNTc1MTA4NzcxNjUwNA%3D%3D&google_push=AXcoOmRsqitBc1Gh7JAKNULhWhZdHbW2pSFiScAk0Vnq7Unxx_M75QVPfnECjga1A7l1owOefDPhGfPADqqLtO2cHT...	170 B 188 B	30ms 30ms	Image image/png	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyNjQxNTc1MTA4NzcxNjUwNA%3D%3D&google_push=AXcoOmRsqitBc1Gh7JAKNULhWhZdHbW2pSFiScAk0Vnq7Unxx_M75QVPfnECjga1A7l1owOefDPhGfPADqqLtO2cHTUHPwHW7AXxSQ Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyNjQxNTc1MTA4NzcxNjUwNA%3D%3D&google_push=AXcoOmRsqitBc1Gh7JAKNULhWhZdHbW2pSFiScAk0Vnq7Unxx_M75QVPfnECjga1A7l1owOefDPhGfPADqqLtO2cHTUHPwHW7AXxSQ Date Sun, 21 Jan 2024 05:14:55 GMT Server nginx Connection keep-alive Transfer-Encoding chunked p3p policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
GET H3	200	pixel cm.g.doubleclick.net/ Frame A91D Redirect Chain https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMJq9dXjiAnrIxAxkr2lxQE&google_cver=1&google_push=AXcoOmQi-XZe74y1QmhMTUB6t64Bp3zySSZdYjGPOE9ZZfZ17jmpr3OLq5b6WCAFcwvCtBww68UZ2YXxvrCV... https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQi-XZe74y1QmhMTUB6t64Bp3zySSZdYjGPOE9ZZfZ17jmpr3OLq5b6WCAFcwvCtBww68UZ2YXxvrCVGNAwJ5rHESsePuV0bg	170 B 188 B	31ms 31ms	Image image/png	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQi-XZe74y1QmhMTUB6t64Bp3zySSZdYjGPOE9ZZfZ17jmpr3OLq5b6WCAFcwvCtBww68UZ2YXxvrCVGNAwJ5rHESsePuV0bg Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQi-XZe74y1QmhMTUB6t64Bp3zySSZdYjGPOE9ZZfZ17jmpr3OLq5b6WCAFcwvCtBww68UZ2YXxvrCVGNAwJ5rHESsePuV0bg strict-transport-security max-age=15552000 cache-control no-transform, no-cache alt-svc h3=":443"; ma=900, h3-29=":443"; ma=900 content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
GET H3	200	pixel cm.g.doubleclick.net/ Frame A91D Redirect Chain https://google.partners.tremorhub.com/sync?UIDF=CAESEGWhTP1n029Z6FNwZkTe72I&google_cver=1&google_push=AXcoOmR0rEXCmXQZOOxqwhsyoJYky1oSG3OpzR4WMzi-W_v_Dse0snLPMO8IBrmetgKoBU7t1EhI_WD2uG_gXFiR5IDObpe... https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=NDlkMWNlNmY1ZWIyNDVlYWJhYTVhODQzZmUyNDg3MGI%3D&UIDF=CAESEGWhTP1n029Z6FNwZkTe72I&google_cver=1&google_push=AXcoOmR0rEXCmXQZOOxqwhsyoJYk...	170 B 188 B	31ms 30ms	Image image/png	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=NDlkMWNlNmY1ZWIyNDVlYWJhYTVhODQzZmUyNDg3MGI%3D&UIDF=CAESEGWhTP1n029Z6FNwZkTe72I&google_cver=1&google_push=AXcoOmR0rEXCmXQZOOxqwhsyoJYky1oSG3OpzR4WMzi-W_v_Dse0snLPMO8IBrmetgKoBU7t1EhI_WD2uG_gXFiR5IDObpeJEKw_nw Protocol H3 Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=NDlkMWNlNmY1ZWIyNDVlYWJhYTVhODQzZmUyNDg3MGI%3D&UIDF=CAESEGWhTP1n029Z6FNwZkTe72I&google_cver=1&google_push=AXcoOmR0rEXCmXQZOOxqwhsyoJYky1oSG3OpzR4WMzi-W_v_Dse0snLPMO8IBrmetgKoBU7t1EhI_WD2uG_gXFiR5IDObpeJEKw_nw date Sun, 21 Jan 2024 05:14:55 GMT server nginx content-length 0 p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
GET H3	200	pixel cm.g.doubleclick.net/ Frame A91D Redirect Chain https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESENss6MzgTMSXVCZqibL5kpw&google_cver=1&google_push=AXcoOmTpkr6sGyKybK4U6wQXlh8z59NZb3JssDaRzjRNJ3ur4iQ4JiLVZMd_GKi9NaE81EgNTElg0... https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmTpkr6sGyKybK4U6wQXlh8z59NZb3JssDaRzjRNJ3ur4iQ4JiLVZMd_GKi9NaE81EgNTElg0n74Q66hQTbE_StX4b0PFRtTKQ&google_hm=WmF5b1VNQ...	170 B 188 B	30ms 30ms	Image image/png	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmTpkr6sGyKybK4U6wQXlh8z59NZb3JssDaRzjRNJ3ur4iQ4JiLVZMd_GKi9NaE81EgNTElg0n74Q66hQTbE_StX4b0PFRtTKQ&google_hm=WmF5b1VNQ284WVVBQUF0Qzh1Y0FBQUFB Protocol H3 Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:56 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers X-SO-Cluster-ID 0 Date Sun, 21 Jan 2024 05:14:56 GMT X-SO-LB-Data {"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESENss6MzgTMSXVCZqibL5kpw&google_cver=1&google_push=AXcoOmTpkr6sGyKybK4U6wQXlh8z59NZb3JssDaRzjRNJ3ur4iQ4JiLVZMd_GKi9NaE81EgNTElg0n74Q66hQTbE_StX4b0PFRtTKQ","cluster_id":0,"gdpr":false,"ipv4":"149.88.27.83","key":"ZayoUMCo8YUAAAtC8ucAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad419"} X-SO-Key ZayoUMCo8YUAAAtC8ucAAAAA Server nginx X-SO-Upstream-ID m-ad419 P3P CP="See also http://www.scaleout.jp/privacy/" Location https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmTpkr6sGyKybK4U6wQXlh8z59NZb3JssDaRzjRNJ3ur4iQ4JiLVZMd_GKi9NaE81EgNTElg0n74Q66hQTbE_StX4b0PFRtTKQ&google_hm=WmF5b1VNQ284WVVBQUF0Qzh1Y0FBQUFB Cache-Control private X-SO-HostName m-ad419.dc4p.scaleout.jp Connection keep-alive X-SO-Ads-Time 3 Content-Length 0 X-SO-LB-Hostname m-tgng33.dc4p.scaleout.jp X-SO-IP 149.88.27.83
GET H2	204	v1 match.sharethrough.com/E4rooAtA/ Frame A91D	0 35 B	64ms 20ms	Image text/plain	35.158.87.169 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESED536inFyPB6CYLPH8QY9z0&google_cver=1&google_push=AXcoOmQUXL2PN-dyBg2pQJf41jjMl6AwDjZUj7qsFmmmv71KfZ-VqIbhVK42HiX0LAAnsE6mgigkSeLuq0XyzqNMjQzs1Awb1yuEhgA Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.158.87.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-158-87-169.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:55 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame A91D Redirect Chain https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEGGhuJojK00dH_bY8hQ_t6g&google_cver=1&google_push=AXcoOmS7EfiftqTaHRg_duNSCFfbW0I-gKrsZU0Myr96PdMPqYtIwJ7-RYVxd_FzuJjruA--tn6-545Q0HtOQFf5dH3Royj... https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmS7EfiftqTaHRg_duNSCFfbW0I-gKrsZU0Myr96PdMPqYtIwJ7-RYVxd_FzuJjruA--tn6-545Q0HtOQFf5dH3RoyjxUDrqe5g&google_hm=MjQ5NjMy...	170 B 188 B	29ms 29ms	Image image/png	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmS7EfiftqTaHRg_duNSCFfbW0I-gKrsZU0Myr96PdMPqYtIwJ7-RYVxd_FzuJjruA--tn6-545Q0HtOQFf5dH3RoyjxUDrqe5g&google_hm=MjQ5NjMyMjAzNTEwMTUwODMxNQ== Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmS7EfiftqTaHRg_duNSCFfbW0I-gKrsZU0Myr96PdMPqYtIwJ7-RYVxd_FzuJjruA--tn6-545Q0HtOQFf5dH3RoyjxUDrqe5g&google_hm=MjQ5NjMyMjAzNTEwMTUwODMxNQ== Date Sun, 21 Jan 2024 05:14:55 GMT Server Jetty(9.4.51.v20230217) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame A91D	0 12 B	28ms 28ms	Image text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JL-6mYegiyQpO_2r7jH1YlwjBvC1vsyDA3HyRgDa4eIY9MVU5wT1PwPq_a_1qsKgv74s8wDtI Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:55 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/8172248081976013699/ Frame B46A	93 KB 21 KB	24ms 24ms	Document text/html	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/8172248081976013699/index.html?ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2f701aa5180e84189218fc42720c61ecbfb18bf97c2f8642cf1a21d647d5d8ab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers accept-ranges bytes access-control-allow-origin * age 404231 allow-fenced-frame-automatic-beacons true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 21575 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Tue, 16 Jan 2024 12:57:44 GMT expires Wed, 15 Jan 2025 12:57:44 GMT last-modified Fri, 12 Jan 2024 12:03:15 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H3	200	view ad.doubleclick.net/pcs/ Frame 89E5	0 0	63ms 62ms	Fetch image/gif	142.250.184.230 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/pcs/view?xai=AKAOjssCtE4pcCpmkAKmmoUuWfuPYZ7Yezs01Sp869BCGxayVW2nL7FnSHB0oophccqrBU_8AM-IwjeFOU0I8oxolPDrhdq7YeqcB3Nf9gSdSSQGO8Db0TwoFDLdTYdFgIlmpEv7pqgM3KMIvNHJt9uTx11lQj4eQ5LioGQdx8j1id_8j0zqhkEWyKVF3oCeAT8pJxwgCg1Q_SOr0I0sOBrnXHb_Nqmqgnxnrvc3sUt5RZJpTtbpAwufK5yCz1Id_Pm1FGU_kFBnvQQRI2FmnhyXub0sVZs-6O1DjdCIud5BpAkrIOqn7CKi2chviwuIbcgif5TOBCt_dT4m68UGIYuK-8eLKdCvsBKW-lrP9DSZia1LA1oSR0f1vgECLeDAi1cqhmOhGwljv7R1P7HJacJVDKGAEJJ_r67grylnCC3sOTcWtMH5Z4wKctbi2P2cY4v3KLEX4WGVvD-F2wgqxWBc8lUWbhcTvNPVs72HIzhYpxWf21kUCxxb79ljcHlXZ2ByLmzVRDvTFIovCUflTVc1wWW2igi4QFITlyTxaTnU_quqz9hF0nMpcaAOkBmNsvgryiSk1j4Uwuszhadm32xMGNK_OFys2TTDApwjhFxcSzZ6gXSYkGH1bzuAk2dxUWvhY2fFgd74fleKymL1eu-8VqDywdzh3j8jgRYuJb-3we-0y0RYjTGzskmbyUjQA4lIA0mamY2nSSqcZTj1fVjzIlgpnadwwHlGVC1XDx2DkQY7J1zg3NH3GF7YpFdmDej_G29sKvFX1SMxUhqCuxHd8CMaSm4MwPGyAHRk2sG2KOABSvUF4YY-Uz7MjMs8Fp55773ZUzIh3uRxFLxdgRvWAjYyOE-gvyTrT-DhRY9YoyEuMx_dU2ETfEYSY-lPzW2wus3afbeLa8IoQ1DFDiPL4ZOFLVFnitXLyWGn3HZr5CWXzZNGz0kD7CuShhg1sOI2iTTh6LwvcboeyciOlcJTT3Y11Cm9Rj0SHnF1Qna8Vddr_TjsnVpuzDKp8u2WCwGI7EZEzvTXOTivIfMcdM2wImt6KRk8exTCe0pqxFIpx5pHJTB5PpT_obAS7CGtjR4wRnxzRw_PyhtQY_PjF_Mvn2Ys95-vuD7YUDxgTDPrVMPj3ZS8TlnsSN27d0jlM_jjn33RYMNxeUt1TGLBcZ2ItDpVmhiVUwcjzL22KlVDefd8mduFy58ixloiSaY66eRinLaK66oYvxd60t9oVZS1qUQiZG_omrVbFdTsd2E4Z-JwpvMArcRP5hWAORuhcfTVS84cnvsCjmxHg2XBxlh5ioQU6ssemLHze25bs-eBeaFCHs3tANrrGESbk1WMBCggiTKC5WxGOaigiQTf7jGhbvpe0ulyi8a_WAgBCOYtjj1InyCVw2-mRJOyWrOS8gbPe4Ot4xkdx-i8frUXr8yqFbic1GS5rr6dWNbiNDFwjxa5zVr2f7LXaolt9ttNBWE&sai=AMfl-YQeRCkao18tKnmks1Vpd9-R0F48LS2ASce57_fX2TT1BlnsfS_AjCCj8AmdzmZGziFhPPVRu5gjTC-dlqOeqwftlM01OqziA1qNjhdA_usYrmXMYrcb-F_22IInMg-djGXnyfh37P6yRA44inVjtO-VICUKakY7bArucVuhE8410LaiRSSLd7sXM_UzefYbVGTJ70KNxNhK4RAZ_4FVboHVg1rlNO1TFLegNElpKs6W5tk7RI_AwO_AJNYlPWuSq6Ann3ovoRWtLqmbNPM4uayy25511FGW06652t96svI9FEDRqRzU76c5WCegOr9QLiv88WAkx058FpMJosv5K2N6S-ZYPJMgquRZxpz5KrvifbbsNm_C-gO8HYjWtjC7cr_TEd2w2Z1fkTu0vGT2eVyrHP_6BlpK0QcnE-7m&sig=Cg0ArKJSzLrsn1Ug9T5DEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9hbWFnLmNo&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=52&cbvp=1&cstd=51&cisv=r20240118.64626&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sun, 21 Jan 2024 05:14:55 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * content-type image/gif cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame ED69	0 20 B	56ms 55ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BWO90TqisZaWFL62D7_UPhfuQsAwAAAAAOAHgBAI&bg=!6Oul66TNAAa8BdJLnAU7ADQBe5WfOE_za5YGoPRReSWGoUdIcGgm7TbBZHOWKcBNisfzJO5I-7iFBN71ywTINFpoYpi2AgAAAEBSAAAAAWgBBwoANPGbyu_zsIffyk6tC1S0WOYno1Pri2YZxmII6_R_4Q9jFe0OTZpUatUhHE3AUXb08EnobfCZAwAKxurkmoNm2mznaFcQIvZUCoEdEPJbErclaT1xMweHjaut3fVzMWZvh0rbq4uh1yxjsHxqe86Smzt44BmusedZJzHH74fqkecs3u4cek6BogSliX28upjo_9HhbCpoO7cK6yEyskbcXvxxb18fdbcIdiejmg0YYhnQLpzOkIwMpBSFTYs5ezVYuwvEA7cV8-0OmfsT2XgP-omBBu9xIblAmIik5_4SOok2pWyKMKxh-Qqg2oI7FZ27WVzJRu2oDskoF4N8zAWv3hOzOAxoMLV7lFY8JNAAAlhuhpeVgNrq5j43b0DWxYjsT6TOmHLB7bLBF6KZMBpujdmbEZtvgFgbWilpJm2B4p6cJV08o2i2OS-zfJ9a172TViLiDTKezit_pc5A0ANCJRrKWrtGndAZ3tgR1KVjVxBbozL7V-qriibIJtMscEeSzWyI3orSPyqO1xTIGy7KmT6z5auHW0nZic42pyDvBkV6pO6VmkEJtEZP7beaHMAc3uz5h_5tGyoKnYaRnBfQFykk2d2WA0G-vwzrkfVyH-fUqV0ywMO-VoDwPqF1717N0zHpi7qUTVYBWb_YGbnFWxUs-qkznvDmK5FxiCCC3DWsIHGNjfwr4i7gf3daD5Fp5v9HFdIw7QkG_qEOvt8DeXDD6vnO8qmN2BOAHR01Vg3_RUdKIngWAeRZ60e1LCFm4_vWGd1qYU_FYfB2ZqmezvrKO7pirPQtn29wSSnuqZcluePC1qBC7-qrKiSunX07GZ6VW7uJEjy9D0xh8Ui1LHhw39NH-lbJV1WTxNEKYHyG1ASEw1lcA_GjSm7e_s63gPkdIZkPamAya4_qXA1_X8Us4QCZIYj6UWaVIcy0YwNdKqUGQVCk5wfhFM-TCMzN79dyqgwep2Y5Qm7ReRql1G0KIYZ8xPvBMArS-Rtr2rdn4E33FYf25hQTYGUcBYvD8QEzOZ22NdJTon5UDXsbU5j1WB2-ARpDnjTwIys5Sn17APN0-MIha_Tw_Ip8R98qRBUwdXEP2oc Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/ Frame A350 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEPsZfZGlImaP7C5no5ovE70&google_cver=1	43 B 1008 B	24ms 24ms	Image image/gif	37.252.171.21 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEPsZfZGlImaP7C5no5ovE70&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJvNos8DEPrY0tQDGN-l4YMCMAE&v=APEucNXvRZZCUZOvSlyhCCnaocN8-SlXsS-iaPzTiKrEVhiTsPqVeAarrq4e9uUVYALpxDUZ8Zj4zfpYFku6-oWM1fQVBK1j45c9ZwHF1_XtIrZHizsL_Cw Protocol H2 Server 37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT an-x-request-uuid 49a9f053-4854-45d1-8866-e9de3a3f6331 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 149.88.27.83; 149.88.27.83; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEPsZfZGlImaP7C5no5ovE70&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 301 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame A350 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYzMDIxNDQ1MTg3MDg4NDAyMA%3D%3D	170 B 188 B	31ms 31ms	Image image/png	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYzMDIxNDQ1MTg3MDg4NDAyMA%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJvNos8DEPrY0tQDGN-l4YMCMAE&v=APEucNXvRZZCUZOvSlyhCCnaocN8-SlXsS-iaPzTiKrEVhiTsPqVeAarrq4e9uUVYALpxDUZ8Zj4zfpYFku6-oWM1fQVBK1j45c9ZwHF1_XtIrZHizsL_Cw Protocol H3 Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT an-x-request-uuid e4f32153-555f-4b8f-95e2-7ec649173658 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzYzMDIxNDQ1MTg3MDg4NDAyMA%3D%3D x-proxy-origin 149.88.27.83; 149.88.27.83; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame A350 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEI5QEFixoct55KpG2w0CjO0&google_cver=1&gdpr=0 https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEI5QEFixoct55KpG2w0CjO0&google_cver=1&gdpr=0	43 B 171 B	32ms 32ms	Image image/gif	34.98.64.218 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEI5QEFixoct55KpG2w0CjO0&google_cver=1&gdpr=0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJvNos8DEPrY0tQDGN-l4YMCMAE&v=APEucNXvRZZCUZOvSlyhCCnaocN8-SlXsS-iaPzTiKrEVhiTsPqVeAarrq4e9uUVYALpxDUZ8Zj4zfpYFku6-oWM1fQVBK1j45c9ZwHF1_XtIrZHizsL_Cw Protocol H2 Server 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers location https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEI5QEFixoct55KpG2w0CjO0&google_cver=1&gdpr=0 date Sun, 21 Jan 2024 05:14:55 GMT via 1.1 google server OXGW/0.0.0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 p3p CP="CUR ADM OUR NOR STA NID"
GET H3	200	pixel cm.g.doubleclick.net/ Frame A350 Redirect Chain https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWM1YjQzYWUtMzE5MC0yY2Q5LWQ5MGUtOTk4NjZkNzhiNDQx	170 B 188 B	31ms 31ms	Image image/png	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWM1YjQzYWUtMzE5MC0yY2Q5LWQ5MGUtOTk4NjZkNzhiNDQx Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJvNos8DEPrY0tQDGN-l4YMCMAE&v=APEucNXvRZZCUZOvSlyhCCnaocN8-SlXsS-iaPzTiKrEVhiTsPqVeAarrq4e9uUVYALpxDUZ8Zj4zfpYFku6-oWM1fQVBK1j45c9ZwHF1_XtIrZHizsL_Cw Protocol H3 Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sun, 21 Jan 2024 05:14:55 GMT content-encoding gzip via 1.1 google server OXGW/0.0.0 vary Accept, Accept-Encoding content-type image/gif location https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWM1YjQzYWUtMzE5MC0yY2Q5LWQ5MGUtOTk4NjZkNzhiNDQx p3p CP="CUR ADM OUR NOR STA NID" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response pagead2.googlesyndication.com/bg/ Frame 86BB	39 KB 15 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 01:19:48 GMT content-encoding br x-content-type-options nosniff age 14107 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15219 x-xss-protection 0 last-modified Mon, 15 Jan 2024 09:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 20 Jan 2025 01:19:48 GMT
GET H3	200	DcmEnabler_01_250.js Show response s0.2mdn.net/879366/ Frame B46A	32 KB 11 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/DcmEnabler_01_250.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/8172248081976013699/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sat, 20 Jan 2024 23:49:09 GMT content-encoding gzip x-content-type-options nosniff age 19546 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11558 x-xss-protection 0 last-modified Tue, 14 Mar 2023 21:28:37 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 21 Jan 2024 23:49:09 GMT
GET H3	200	view ad.doubleclick.net/pcs/ Frame 89E5	0 0	57ms 56ms	Fetch image/gif	142.250.184.230 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/pcs/view?xai=AKAOjssCtE4pcCpmkAKmmoUuWfuPYZ7Yezs01Sp869BCGxayVW2nL7FnSHB0oophccqrBU_8AM-IwjeFOU0I8oxolPDrhdq7YeqcB3Nf9gSdSSQGO8Db0TwoFDLdTYdFgIlmpEv7pqgM3KMIvNHJt9uTx11lQj4eQ5LioGQdx8j1id_8j0zqhkEWyKVF3oCeAT8pJxwgCg1Q_SOr0I0sOBrnXHb_Nqmqgnxnrvc3sUt5RZJpTtbpAwufK5yCz1Id_Pm1FGU_kFBnvQQRI2FmnhyXub0sVZs-6O1DjdCIud5BpAkrIOqn7CKi2chviwuIbcgif5TOBCt_dT4m68UGIYuK-8eLKdCvsBKW-lrP9DSZia1LA1oSR0f1vgECLeDAi1cqhmOhGwljv7R1P7HJacJVDKGAEJJ_r67grylnCC3sOTcWtMH5Z4wKctbi2P2cY4v3KLEX4WGVvD-F2wgqxWBc8lUWbhcTvNPVs72HIzhYpxWf21kUCxxb79ljcHlXZ2ByLmzVRDvTFIovCUflTVc1wWW2igi4QFITlyTxaTnU_quqz9hF0nMpcaAOkBmNsvgryiSk1j4Uwuszhadm32xMGNK_OFys2TTDApwjhFxcSzZ6gXSYkGH1bzuAk2dxUWvhY2fFgd74fleKymL1eu-8VqDywdzh3j8jgRYuJb-3we-0y0RYjTGzskmbyUjQA4lIA0mamY2nSSqcZTj1fVjzIlgpnadwwHlGVC1XDx2DkQY7J1zg3NH3GF7YpFdmDej_G29sKvFX1SMxUhqCuxHd8CMaSm4MwPGyAHRk2sG2KOABSvUF4YY-Uz7MjMs8Fp55773ZUzIh3uRxFLxdgRvWAjYyOE-gvyTrT-DhRY9YoyEuMx_dU2ETfEYSY-lPzW2wus3afbeLa8IoQ1DFDiPL4ZOFLVFnitXLyWGn3HZr5CWXzZNGz0kD7CuShhg1sOI2iTTh6LwvcboeyciOlcJTT3Y11Cm9Rj0SHnF1Qna8Vddr_TjsnVpuzDKp8u2WCwGI7EZEzvTXOTivIfMcdM2wImt6KRk8exTCe0pqxFIpx5pHJTB5PpT_obAS7CGtjR4wRnxzRw_PyhtQY_PjF_Mvn2Ys95-vuD7YUDxgTDPrVMPj3ZS8TlnsSN27d0jlM_jjn33RYMNxeUt1TGLBcZ2ItDpVmhiVUwcjzL22KlVDefd8mduFy58ixloiSaY66eRinLaK66oYvxd60t9oVZS1qUQiZG_omrVbFdTsd2E4Z-JwpvMArcRP5hWAORuhcfTVS84cnvsCjmxHg2XBxlh5ioQU6ssemLHze25bs-eBeaFCHs3tANrrGESbk1WMBCggiTKC5WxGOaigiQTf7jGhbvpe0ulyi8a_WAgBCOYtjj1InyCVw2-mRJOyWrOS8gbPe4Ot4xkdx-i8frUXr8yqFbic1GS5rr6dWNbiNDFwjxa5zVr2f7LXaolt9ttNBWE&sai=AMfl-YQeRCkao18tKnmks1Vpd9-R0F48LS2ASce57_fX2TT1BlnsfS_AjCCj8AmdzmZGziFhPPVRu5gjTC-dlqOeqwftlM01OqziA1qNjhdA_usYrmXMYrcb-F_22IInMg-djGXnyfh37P6yRA44inVjtO-VICUKakY7bArucVuhE8410LaiRSSLd7sXM_UzefYbVGTJ70KNxNhK4RAZ_4FVboHVg1rlNO1TFLegNElpKs6W5tk7RI_AwO_AJNYlPWuSq6Ann3ovoRWtLqmbNPM4uayy25511FGW06652t96svI9FEDRqRzU76c5WCegOr9QLiv88WAkx058FpMJosv5K2N6S-ZYPJMgquRZxpz5KrvifbbsNm_C-gO8HYjWtjC7cr_TEd2w2Z1fkTu0vGT2eVyrHP_6BlpK0QcnE-7m&sig=Cg0ArKJSzLrsn1Ug9T5DEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9hbWFnLmNo&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=127&vt=11&dtpt=75&dett=3&cstd=51&cisv=r20240118.64626&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:55 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 86BB	0 20 B	56ms 56ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BDqdhT6isZbKEApuB7_UPr66d-AsAAAAAOAHgBAI&bg=!lJell9jNAAa8BdJLnAU7ADQBe5WfOF1JkUPuU5Ede3nmBXMpyAeTS_07dZulJ2Yo6Etb6mU1s4rVpRV2VtzjexaHikAFAgAAAClSAAAAAWgBB5kDEK2qmxB5kZoh6ABWiWZmlKehTDTn91h0nQmbWK4pkaC9MIAziSI9gdrupdj9ncw3moLYDNmZz7RMnAGsNgygH5UHrTyhzcs5Pt_PyV3YPmFX0YPZJi2hHNE5exa9JXPg4LhouXuHwsg91-6vQfc8u7ytaEPAGv2K9XdiL750BMoySqii9ucOglHw4YLqaDHJLyUXj3hMOjjNnlfPRCqhApFlWjv100GeToeWbdHIoQJXH_rEyNo8c1gHXKei3nhy7b4BHtc0GppA3UA6m6vy7lvOEGi_Z5mO9zrFXAJszlCjOlifYze1FRvc3bp_k0id6Q87mEl4OvocqvOoS8HtATs9R_4aL3-bc6hSzYM0AxpBCQwJUNbR761YLzPKJDCUuuBtYMjhOC2BsbiPn2CzjFG3-wtOcwW6aAHsuw2xMxWtwKPpd0SYQcOdGFfJ-AfYrgnecAU6lNrfSDRNx_ZZEoLLjAiTWwCz-FoLg3crNzMj7Oni4wRJcDATkQ3c7ufmTU6jsMiE_lNk2QdTji9sYh7tkW70ralJGw5x1DaQ5YLLsjy44QP-wwWNX3GdfaM7dz3PswTfSZsW4i57rzQ5e4zcXWtfF_GvmfPxFrhye0GsAejn66yCgKNkyP-8UsL7xXeS0VNe21S1LHEytG5M0mtI0XnprXuV8gznDvc1BSZrpxd_xER8HOZE1PJOAxjf7-Xxqr332H8QACc0q1iEHdobqItixFzdMJO8dPhr1MVUiU9yJUHpzGyA2L1gfj2Qlvi-b_dCoRkrSOfxD9FLFauTwYRBwY32QkSSuDSTj63eWTN7YK21bU4nRTpYKq-WYasZqYF4KrCPb2cDxhi8j_fRIU8-6_UgiGwfYhYP6_SpL_NefEk4OwTbVrIlEa4r8cGbfUaLqXWrNCYOo7p6iQKIBAGFt1uLIelTZAHSQpkhBt9fPyTi1D-oDFuqHlmfr3WYJncpk9mf7WQemFL7kXaEoLyN5gFqIMvXKhnIF8XUeM9eIu-nH_IHbafu4OZWHU8i6sr5oH8I0mvx31bdIpA Requested by Host: dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com URL: https://dc3ebd8081438c4df0882644531e688a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:55 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 17CB	17 KB 6 KB	65ms 65ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_248.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:55 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 21 Jan 2024 05:14:55 GMT
GET H3	200	view ad.doubleclick.net/pcs/ Frame 6C54	0 0	56ms 56ms	Fetch image/gif	142.250.184.230 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/pcs/view?xai=AKAOjsvdPj4MjURJ5nMAF3Mh9A5Y-WRgIOLAqmIomKBoI5weLnN2owGuOLY2ejSp7mY7q1XD4qDf_9fxRuMyiR-bNqKuRkm_jHvjs0PsoUoK_FFXElYIoC0TACfR6NKqYqyJKIgIpTQ7_qRwKs4VDXl53Jc6AoCyykl8EJvSFwHtKYvgZPIJEoEWwzyARqb1vgYotzS_XHnDqCT1yj7rhZ5xhE3DnBWMBKO_HWYXIFkqwh7CVEyGsA-kq5Jc1e2tLY2ixzl0YALRT1SJIfb_jXKLkLktadW4fpNqb8P8SLENLx31oE6cfresoz-cBL9q1XbHHHDksK0W993cf0qfizy_Nl-b-mITy2EF-v2QRO_tbp6XS8pJxRqbj97o4TIBIjILdPXW9-i9LOIV2Zm62--iUDGIwaSTkF0UDTONVwWuvYdyc95PWmPTDuobMYsPd16IkA3hViDuR66KhuoAbCEabjdgGXqA_YyrCStXmsO7Z5K5cr6Q0GJ2AJmsdRVwHRlOZKG2FsaBUC2b7uCzrfIPFLYN38DXTRIWaM7QEfbV3Qd41BE-p4UClJuE3ZNYxxO7o_SPzJofg6bHVxjdvPimVubNIYEIO3gvBo4qIx6lLG0Ifl_DIT3_B_BSZnLl0EfVRqkpWAhow1TOioVdqN-DxLxlxIjkDHT7DmBN1-I-MBI7qKphaQTRvuIaWjxMKKoPktAnZhGGj7oaC0CyntzaguI9JBqfGnTaXNqsLsjnv5C40Omcx0eAfVuHulZ52tnkNBFug_AxzGi05hoGS2cVmTRsYa0PlbGyRYRk6DjhGFz-gliQ_EEUBAtc9T4C-cukq0553tTSVcdViIrF9WUmxdEnjbkjcNwlP4adStae30l6-fpNayeqvQZ65LfwlC5im7O_FoLJvQsO4N_3niRzspWI4lndZ2WMYC5x37TABJDXRtKwrzsw8aM7i1p5ElgZBI9Sfj9rLy-7WEPHKNPhF5aSdpYdwa7rATlG9xgjqWcYdLoV4IAlK2Gg7nYWJAQyvt-1PDxNnFtLEP4z_5Vn3gcwDefpXhJiKnZR7KHzrs12iys4zKomBtil3MyF39LVdgzM3AUShLTOUih8Ye2gZWpEKdgO-tnEtQE1H-lhEU4wMiSY_PE4pBODnpNtnSNuNhWRiOa6wEmZVOwCnvcvqNfYxrvn_BflyG5GwVgW5ukPToVqu-5o9sd14FTKMwIvKaeIbUSBEpETBhmTSbwDkbFwA1TxB5t4hnSSLwcSO1mm7pzxrmZMjHbiZzVjo-f9U7FSMtvr7q-5_wx5WRFeJWn_gf751TzkQu4-YifTTMtTK8bxgc5Nzog7oJuVJujl_3-uLoo3gngj3FSZwEsmSaVAtmTs64LlNCe_Omw7jFC2nTMSMlJh1i3xXgXhtk5IP7vUGAbZcMYuorz_Vu2xXJcdfS7BiaReXnd5LU-uAuaEV9Hjm8qjr9F8F1ptmRPlfTPLoHM1N5X9IMXMmIgXMOGAe5mw04jD2G-lQ2ZSFItMvfXKsd2LKcyt&sai=AMfl-YQKQCwvjoQZGFzF3egz04uqDT7TnwteSiADVqEltnWz4TUvepYbNQGh2Vz10n0wIBX6Lh1lbTO-tDVXeT5M7G8nZ3V_JQeLTe3VTxF9H0ywmG73HJdxflzfFlHgBQ5hD6SXs0vCvGA2gXTq6Z9AfdhCAp4PnFgaMuKF_hthg1pmmP3Vcvuthj3B10j1BwtD6kko_WBwHpU4-QaiAB06MIuu_qNnA4oHx2yuWvX6aKQOPzdgUNDRHfdw4C2Rf45drHfA4jholMzN2QOHWPCpQNZ-WWLS_DbZ0WDmx87iX2_AWStCjUebaL7sQC_QnDDElXKSyvmU4DUUQfjRuBEfS4mDx6jrmt-TNycUD0x1pT0p9DJMrOpas2h6Wn-d8WJeQr7vf9GbnDAw6yfOMkFWJrosTH_N-15uKW14munJnv1ROtYSjA&sig=Cg0ArKJSzN-4JmRnBQA3EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9lbmpveTM2NS5jaCxodHRwczovL2Nzcy5jaA&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=354&vt=11&dtpt=312&dett=3&cstd=38&cisv=r20240118.95793&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f6.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:55 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	Benefit_enjoy_new_CI_sprites_Neujahr_728x90_v1.png_1668688796650_Benefit_enjoy_new_CI_sprites_Neujahr_728x90_v1.png s0.2mdn.net/dynamic/2/10777915/s0.2mdn.net/creatives/assets/4074705/ Frame 17CB	2 KB 2 KB	24ms 24ms	Image image/png	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/10777915/s0.2mdn.net/creatives/assets/4074705/Benefit_enjoy_new_CI_sprites_Neujahr_728x90_v1.png_1668688796650_Benefit_enjoy_new_CI_sprites_Neujahr_728x90_v1.png Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9f5636af041e3e42802e4829b5ba9b897f3d8b046abc5bd07fc35ac112cfbe9d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 17 Jan 2024 20:18:14 GMT x-content-type-options nosniff age 291401 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1568 x-xss-protection 0 last-modified Thu, 17 Nov 2022 12:39:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 16 Jan 2025 20:18:14 GMT
GET H3	200	Benefit_enjoy_new_CI_phone_profitieren_728x90_v1.png_1649696365177_Benefit_enjoy_new_CI_phone_profitieren_728x90_v1.png s0.2mdn.net/dynamic/2/10777915/s0.2mdn.net/creatives/assets/4074705/ Frame 17CB	11 KB 11 KB	23ms 23ms	Image image/png	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/10777915/s0.2mdn.net/creatives/assets/4074705/Benefit_enjoy_new_CI_phone_profitieren_728x90_v1.png_1649696365177_Benefit_enjoy_new_CI_phone_profitieren_728x90_v1.png Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9374a1052d2a281c6b6fd02ac010e9ed716b169634d5f32eabcbbeb446f628c9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Tue, 16 Jan 2024 20:06:30 GMT x-content-type-options nosniff age 378505 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11098 x-xss-protection 0 last-modified Mon, 11 Apr 2022 16:59:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 15 Jan 2025 20:06:30 GMT
GET H3	200	MuseoSans_300-webfont.woff2 s0.2mdn.net/creatives/assets/4466103/ Frame 17CB	17 KB 17 KB	23ms 23ms	Font font/woff2	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4466103/MuseoSans_300-webfont.woff2 Requested by Host: www.nix-wie-weg.de URL: https://www.nix-wie-weg.de/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 184d53ce0e02a39cd434b8dd66e2da3dd45c00bbc386ed2f3eaf4c2527c084ac Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://s0.2mdn.net accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:07:05 GMT x-content-type-options nosniff age 470 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17260 x-xss-protection 0 last-modified Thu, 17 Feb 2022 13:01:11 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 21 Jan 2024 05:22:05 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	67ms 67ms	XHR application/json	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401180101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js?cb=31080550 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b44f3beae9cb6641b79b491536bcdaeedd87de049a01199050d6d5080ea93cb6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:55 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12306 x-xss-protection 0
GET H3	200	IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response pagead2.googlesyndication.com/bg/ Frame D661	39 KB 15 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 01:19:48 GMT content-encoding br x-content-type-options nosniff age 14107 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15219 x-xss-protection 0 last-modified Mon, 15 Jan 2024 09:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 20 Jan 2025 01:19:48 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	30ms 30ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js?cb=31080550 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:55 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 21 Jan 2024 05:14:55 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1F19	13 KB 5 KB	23ms 23ms	Document text/html	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.nix-wie-weg.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers accept-ranges bytes age 45416 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sat, 20 Jan 2024 16:37:59 GMT expires Sun, 19 Jan 2025 16:37:59 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame 8A66	829 B 559 B	33ms 32ms	Document text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 6101b47bab7bac43fdcce33603f67a2460a3f4c8132359d721eb0fb507c46138 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-6thMwgSSFAOCzyySb_W2vw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.nix-wie-weg.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-6thMwgSSFAOCzyySb_W2vw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 21 Jan 2024 05:14:55 GMT expires Sun, 21 Jan 2024 05:14:55 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response pagead2.googlesyndication.com/bg/ Frame 1F19	39 KB 15 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 01:19:48 GMT content-encoding br x-content-type-options nosniff age 14107 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15219 x-xss-protection 0 last-modified Mon, 15 Jan 2024 09:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 20 Jan 2025 01:19:48 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 8A66	0 0	54ms 54ms	Image text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401180101&jk=1722366591923444&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 1F19	0 10 B	22ms 22ms	Image text/plain	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?nSpddQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Sun, 21 Jan 2024 05:14:55 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	56ms 55ms	Image text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401180101&jk=1722366591923444&bg=!dnWldTrNAAa8BdJLnAU7ADQBe5WfOAOi6N5qVJgrNoRWF1U3qVpEdzugvFsMbITwAnItrxSkDsw2miDUbypsUngoEtI3AgAAAChSAAAAAmgBB5kC0nudE5ZAKSLZSkdZuI6uaGt8dHScFFDoyFb5aBZb7C7Xe3vFMYLhkPyCtty2HJ85vz3pAOjiylAv7oZSWMjYfOIcoELX-EtrDL0dT-eUQncXhN_-KHE0FzRHQXda5p4BtFVIjJqY9yHGRbFcFWvZUz_ev3OzdV-ZIX-Bjf6_C9BpqLQNzZdo5fhalTSMGoPWwmz9XGsUTXXxHEklm7N7mLGTkzfaB1hby8JT0NVyWGucKp64E8Nhxq-0tr-4WlM1MBdZ-dweXSst6ala1saQG_WOZXRX8SA5JD0FHnerUAvb2UtwZilDlnypMUZ9YV49xGjbodfVZuiy-FxLZW-Ybr_wGZCL7tqbxrNh_VUaFuRFdsYPqatplMDJj_B5OIo8tsr8_glPjSTdjBf-faEfdQ-KD4ZYUMTUYo4gVyMT5V8P5NPxPKF_E6UN_hr5QEOysZ9GMDraVsJIeWwliDMYEVddXDf6ghfrfyiwL9qN4JYarYIKuJIhSBYIV-eBlcAOjwtxsxEV_P9iHdxjhi9-GFdjFTpExLzaqi5QWhZ9dzgeuyUUmaFE4T6cqghxrxqBFkGC2gfTNwHakVPMOvWu6tdnuqlgJyjE9GVFYOYizi-QRRMsWcgsO9d0_ISncZhLR0lWsykVFUwNtuL51We9rm9p5rE4Ex4Uqag2QnwvXGVbkjNxcwOCvWVWRYmhRRYstKtC7TR_1b6YmZCg94MHgr2Xp60RBQDXZ_JwHNoPHgt4-H9M8JyO_m6n4UNudAbDcZADJAlJa2nU-pMVQx1PhcyzgicTkQDanaWwbKVcx2zm2kho6hQ2I1Wctq1K9t_VJQu8XN19RlT-6WRkl00s_06Yx5dU6izO-fxjGbj07lWVpSNk_1kEA8PeHfodV4vfMlNg73M9LuWt-EYJP6HlTFq3JHdrVB4NPmlcMJsK71MpsZ19zgnckOy1oMdhOcvhfTs6 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame 0AB7	52 KB 17 KB	59ms 16ms	Document text/html	151.101.193.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: cdn-a.yieldlove.com URL: https://cdn-a.yieldlove.com/v2/yieldlove.js?nix-wie-weg.de Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.193.108 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Referer https://www.nix-wie-weg.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-CH,de;q=0.9 referer https://www.google.com/ Response headers Accept-Ranges bytes Access-Control-Allow-Origin * Age 85698 Cache-Control max-age=86402 Connection keep-alive Content-Encoding gzip Content-Length 17053 Content-Type text/html Date Sun, 21 Jan 2024 05:14:56 GMT ETag W/"623de86a-cf34" Expires Thu, 18 Jan 2024 05:26:34 GMT Last-Modified Fri, 25 Mar 2022 16:06:02 GMT Server nginx/1.18.0 (Ubuntu) Vary Accept-Encoding Via 1.1 varnish, 1.1 varnish X-Cache HIT, HIT X-Cache-Hits 291, 192383 X-Served-By cache-lga13626-LGA, cache-mxp6980-MXP X-Timer S1705814097.777802,VS0,VE0
GET H2	200	async_usersync Show response ib.adnxs.com/ Frame 0AB7	0 763 B	24ms 24ms	Script text/html	37.252.171.21 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Sun, 21 Jan 2024 05:14:56 GMT an-x-request-uuid 8b29cf0b-bdf2-45ae-87e0-11eac3f9ae73 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 cache-control no-store, no-cache, private x-proxy-origin 149.88.27.83; 149.88.27.83; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

s0.2mdn.net

URL

https://s0.2mdn.net/sadbundle/4023836015931162624/mobileApp-chf500cashout-parallaxe-sprite-728x90.png

Domain

s0.2mdn.net

URL

https://s0.2mdn.net/sadbundle/4023836015931162624/mobileApp-chf500cashout-parallaxe-sprite-728x90.png

Domain

s0.2mdn.net

URL

https://s0.2mdn.net/sadbundle/4023836015931162624/mobileApp-chf500cashout-728x90.png

Domain

ad.doubleclick.net

URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjst2C_TJ7tY-we74Ly3rz6A5p5UvVVaF_i712UQX7DNuLJwSr4utwMMOZtui3O2q-TrvZYg67-yl5OknTOU4T8yqJVNL0sejDjce5ETDYi9udagj0aHMuYACggzGADVCScA7HmWCklIiI4PVpp3CbcDYIZ4z9V4eCd_GXXJpd7AzBJatiPp6qgjC_AObAqZXNrhJ6EAg19pUgXXSM_IRTaY5a1jP4LtCzv-3EZpMTMx97vECbzVkBTasHKXQniwdkjMMcuViBG1oKtG6FndAnxWSNp8ZSatRjcE9NSK3ujTT23-iq_IVgO0bu4CEaAlD6TimKZfd7fv50dq6v3rNb8IRZObZYbWirlW1OMQlLddY0Wl1BTJAkjFW7ZXAWqFNAZcvUqMMxqFy2ajjR7rQX_SCUMgFCgOezyfd4DhhAKJnXtMjZKvANMikeQI5AXLr-zi5-auQtcortWyPGuG9DPCpTfZ2EXpy5tx_REvOJ7JKTUZAXis6aRAOXGxn7RtjaSBzZqonjHbAa5mw4jjipldlZnI8REK2tu4JUUAKhVPqd5x4ZT12yEWTI4i5cY43VX-9ZseJEgliMy-d-x8dJ8bWGLNrlUFJ-OMyOEZowekaTDteYRTCjQLJkbQow-gKji2k-K8baT7oQUuQVGoM1QuledEMtgJFdF-LHuZfYsvxfCOfow2ecIIGbJ7YBTvzMPYrdYqq8YRt4K5bxBdBGWq3IFiDwAzfkajTwGMgB00sakujJhLxq_8vDakfRcZ0RRGYQ6q8VFlHK67DqLtGrfnwsiMP1cf1dXw9wL1ReZM6gUYBwqe0Pqb8eSTH2EkBAo6kQU3lYgqSMkWQIX9KtPD-jGKGnrmqShJ3SlcylbdFT_wcbYRmuIHjNzhUtmyM9la9fLpMgnt0Qjm5-KQSxggJnRn78hCOM_k8IkbKXxMfL005sUN1GIESQ8bn8kQE7JQA0iYdeNycxeTHEXUZCA-Jy165dpl7axgywEhXv6eNTlnhYIl1GPIJeTRmZNi2NX5qn1Zws3iWEwzpSeXdMJ10332qwhRSbmo5M5Vb9WYAFvd6VJLXOu6LeDB1Nb-dcBNh05MzJXi19yHoM5fmWwoE3Lavfu8W5nMap9KmJm1GH2bNhcDZCEPcipH-UadS4ZniZrY3jEfAjyGrh4ewdAhYMsus_7wCvSW2DzPM9e8m_-u4I9ru_hupRB_JV7edtGsfYQv8ee7wQ_zx9maUyo6Bv3agPqplMqwwHMsrg6-6emC8Y_HKjIi2vh06qriK_Cno0qDFmYv0W6hjh2vi-UsloJbaDtEAHyU_6PnbODaWtEySfDEdd7jiBQWQRkiJFgfk_5NMd0U9NwFBoQ8iqECcFl6ruyM5N8ffQawup9jlfQFhZxLCIdLGOvMwM-A8DhY6tM-oE8EC1kxOx2b4-IZSSSr8ELfEOIudUmtX5bY8q9T2E_ZNkNV9s4wpY-mwkZBFEg&sai=AMfl-YS6Nu-Iio6BH8vOxhlPf2J5fIuM9SE3rPs8Ztli9qMYVVoD5uRHFaQ_Rp7NDVWhekO0mMuD2I0KJMz8xF2iIr30V_a4L3wgVxQHYWZTIKttT7VAS5C-yhYK2sY1eaiyXfifemnzh19l0mugGOwXHFG6a37O6KB0W6Uk_AdV6f6C1ChB339eMloKP1wZjoYYzmAEsYUdyEOKAygdJBQMb2izZLmu1bwRKb65g3ve4bo2Ny3fT-GnODReiWRWbtG3nZJ0-jdRiwvjgYOU-Xn0sQGgUJDRL0BlJNexAVR6GoPYx62D1kLnJApxgRPbWFGpHT5OeEd23P0Krnqdf3FCu9S7XZuRuRoiJDBp2i3p9Z3YJK5iPrxVQhOKSjFI0Jx7ohgxYAyMSgzudlSsH6JWbwyOxMhJqNHp-ggPDWiOSr1syw7j7Y2cN0ekMKqqUs9MyclqWcVPEFl8L9TaazFa1QhSPrWfGGpUlERnWguu72dmuycsaEiYDp5NBiNoAnftKDvt4A&sig=Cg0ArKJSzF-kBHA54KYHEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9lbmpveTM2NS5jaCxodHRwczovL2Nzcy5jaA&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1070&vt=11&dtpt=902&dett=4&cstd=164&cisv=r20240118.00614&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Domain

ade.googlesyndication.com

URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIiazs2NztgwMVI5H9Bx3KNAjsEAEYACD87-VG;dc_eps=AHas8cBF1_18whOat2NVpEvT7ckOtdyRnCBfGuWVCW0xmr4isJeAfV_H6W6w4YqkBsGByFacsiodtZfDVA;met=1;&timestamp=1705814095092;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssP6CtgaRjfyyCZEjRagt3pv38oKA-RqntYQ2rpA_XjS_bPzCq6B1kpfGP750IJPsz0-rheEK0enRmCznDP6QXcUKlJJEj6nb_vBugPFCZpaYU2EmsM_VwOAJdEkveXWZbdAY-RJD7-_diYC0OSN_trAgey&sai=AMfl-YR_aQFX3AmnUSxU7-9-zSTEX9Cbf1utaMz9gq-Cx8BHEypdij_9Ke4v92c62DGu4u-bAYfExfx7gCAzlJG-3lHScDjdI5WegJ8OiPskAMN362TO68tPiGFAcsIoDKhaF1cJoGSSQfeg6Ko5nWYx&sig=Cg0ArKJSzGn9QGWkHQiVEAE&cid=CAQSTgAvHhf_OpZ3cDzwwm0KsmxY9yINjtzKHhcYlm3HlBft1hEiXtDdWvcbP6nXYiDd9H7Do7-Lal8OSyknWGkxsAiS-izyYFuYiY6OTIMnwBgB&id=lidartos&mcvt=0&p=1359,436,1449,1164&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=989504133&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1705814093985&rpt=222&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain

ad.doubleclick.net

URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsu4uD7dtDWHFwnSUSGjVsUI6tOwoY_Kp1A0AMMTpmaV8sTuv5yJTS7BFtsvpBnJIXbjBgVFDlzW_kCQGRifLBYNzXSv6Z4phat3krsFKcHsGGiVgBHp4efT4v3EkTHU9HEyn4S9Lh84ojO8-_BqdUfP2Y6xmW-OO46qkb3gYZOsLFmREtBUOhBVVc6cEp8RVRaXhILRbtBRCRvkyBDiC7qoQlqF95Z7hF_kr_1weHEB8pAPNXU3m-AducnFk80MfwCk1TkoMBxq-tM3Gtd0YtZFUQ4vGiPJZ8INUwM-D4uB2CAV9g1_sMZ7n-rdYq86JHfc6BveD2uYvBGoGdvnkkJyDqm6sO8w7jaFSToXAnEITdNAFExhms4fUHfDBsNunvk7hceec-P3qQ7B3f3AyuMNrBMO9fmcozL9n4d_yHtPIj5glU_mfRBjWSCRYrXyHCxPxBWawK01-f6gIc0_H6DtsFjHmfcqWESbKuhO92IjI13KiL4U5yri6X3_MT8MRVs3IPcBWX65rP1QtXeeFhMq5G2lUacdNhTtJKD4v8iHet5EuXIUphHA1JZ5ED5USrxOci4MAc1iW0gXITdq5lw2KwA2ye-KptOILi63WD0R2c7aI5iAiiJ-JWs8aXbVVL9n6FGWiGhkvnaAgrZOCeehXWms5EfeRCfnBzVW12nbVVzvOxPQ_FRKDiLA4dg1FZOqcKHGT9eXF5UzpKG0m272t2R5ZbhTMOcKgGp59lRJPnLhFjFo4OWgp0e6JGQW8PH4eEO4lO0YmIj-ukxoUngiRrnJ-K-HF8zJKvNuYlfPqqJNhnBPTI4yZqX8yIoBe7qD0p1mNj3Yp-f5f2r14S8pZ59i6YolioD2xRxT5dSMFXYI2smXyCPsf9RvCzDd3-aG9-grbDzfYqBhsc3vj4R70WBM4tg9U41q7X6mJLfKZP_laN-z6azihnwDiuh1L-N7o5rnYIXwAo_nSxOmK1SvjpJfWoPimk73ZcRa8pycSNW727G9vPaR6PVKvyyfwTHMkSwpBUXVz3u07VcDvMqc9EgR9v_j0okPQZ1D9rFpejgMoxpApwBg0ZANeB2w-lchSz5P9kSzXMQ9LfVur543kQSBkMS14tfbWjI83NHl_w_4g2xA7w0OK3lsX53MJBm6uSQVhYQxqH2Bm2_YmXC8eEdSuaxyMgqxUPrz06UNmTqICKMiphHJ3FX4uvbbldZuZ4T3klPNbFV6lJTTTKsAwzZPXcdz62shrGGY0nXe_AsIVUvX1MjkMlwGiga1-J5c_QgYmwPy1DO_oGP8zLRBHJQ48mLYiDxtEmUWWp4LAKswMsYAmmaMx4W3GJuCo8s9mN32D_eNg5w_QnDvDQtFdGxvHltSPDbqOe8l1XtdbzWKyDhHhyGQ5xDNc-FKUEQyIA2xC2n9lckrFRqie7jQmiBPpDu4Es1XUxIAgzbP9Hccjzydql1Gog63m3TvDy0KYlqA4Q&sai=AMfl-YTOE1f623MVjjT6cnLDx-zxaM1HBcFnXTpBi-DV5NIHmh2t0ezxvTNaemIER2q0p-dNpVZ7Py_AhXtuiHgRV82CE3z2YgobkL8YsK_mnGn9VxC4Fu6rlD9IywWT4kUD0SxgeVq8h41NDBG71MKIvHNumWssZzLqClfOALMquCJZjUhBJQSiTb6Vtz5aXwFg1vd_dk32EXbydV6eHPIDscs-EEJAmetxbtGBjIOyWlWshNfs1KIXGIHo7A30lviKFNbDyUSd0IFkP5OrpUdJwkUkl0EG4VUquQ3bp0lsmwB9Qi6RXolLdiX3TiXzrRJvrbIryhCRFsJDddlZd5zTUT2lUgwYJAlIrZ2-OQRL2ytpGyZdFEE4RoDBx99tTbEi61vFcQtLxkl4VsPZdNGO9ZgWKAvyNpTlewaraaDKQAyQNkBo6OpaznOIk0beeO6vazVFvzML8XUMSF-mnLJS0W4PlCngzXrG2kXM004VOnmk2aUgN0XSPVJHqwC5zrn_Ypbp4A&sig=Cg0ArKJSzGAZLSOnrRv-EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9lbmpveTM2NS5jaCxodHRwczovL2Nzcy5jaA&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1249&vt=11&dtpt=1067&dett=4&cstd=176&cisv=r20240118.38423&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJZJcBJvjiRDBNp9T5a7apSKd7h_tCt7cOxDpVu_2YBS6KqlhDHIsOyC5g-ytW_Owog6wU0eu6Sfh53fWzgYCP0pzD4Kw8f6MsgLH9xRZeayWQmcwna3yrFjFRgFS3cWYAgNq6Il1uU0GSaQbcX0exLEO1&sai=AMfl-YTc5eYqAKzVdDcwK3ZKzoLu3jfCrsX1PIHkXYhRiV4m9WqLz_fr5uIns9MvWQzJkHdELJl7fud30KOREBPZERfkv2mvuSy1Qj_CdSDmxJzrJc08agMsklfQDZs6i_Ztc3TQM1D3DNfDSxcUeGTp&sig=Cg0ArKJSzDnM4OEpLWHuEAE&cid=CAQSTgAvHhf_l0BojU6EQYqFDb1hgYRF4CzxE2kFLRJs1x_xdUowX8_7z5u12Ifj6LvExepIeE57W34XDu7heWg0tjel9NQLQBx-vi-CvAPBEBgB&id=lidartos&mcvt=0&p=3289,436,3379,1164&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=2703868347&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1705814093946&rpt=216&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain

ade.googlesyndication.com

URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIn8Ls2NztgwMVNcC7CB2dAwzzEAEYACD87-VG;dc_eps=AHas8cDqKBukjYNbsckOitKOcUn92v5P3hsCAVVGliy-iJlk_9y2gbHKeObx05cp1R7i0jEkcVz0p5W7Ng;met=1;&timestamp=1705814095251;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;