urlscan.io logo urlscan.io
SecurityTrails logo

qooh.me Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
URL: http://qooh.me/joinsubway8
Submission: On September 25 via manual — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 6 countries across 13 domains to perform 62 HTTP transactions. The main IP is 188.114.97.3, located in Italy and belongs to CLOUDFLARENET, US. The main domain is qooh.me.
This is the only time qooh.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 188.114.97.3 13335 (CLOUDFLAR...)
4 142.250.185.226 15169 (GOOGLE)
2 216.58.206.46 15169 (GOOGLE)
7 142.250.185.162 15169 (GOOGLE)
1 172.217.18.2 15169 (GOOGLE)
3 37.157.2.234 198622 (ADFORM)
6 142.250.186.33 15169 (GOOGLE)
3 142.250.184.226 15169 (GOOGLE)
4 23.213.165.149 16625 (AKAMAI-AS)
2 37.157.5.73 198622 (ADFORM)
3 66.225.223.31 3949 (NTTA-3946)
2 146.75.118.132 54113 (FASTLY)
3 213.227.153.221 60781 (LEASEWEB-...)
1 94.130.160.12 24940 (HETZNER-AS)
1 213.227.153.223 60781 (LEASEWEB-...)
1 2 46.4.10.49 24940 (HETZNER-AS)
62 17
13    188.114.97.3 (Italy)

ASN13335 (CLOUDFLARENET, US)
qooh.me
4    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
pagead2.googlesyndication.com
2    216.58.206.46 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f14.1e100.net
www.google-analytics.com
7    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
googleads.g.doubleclick.net
1    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
partner.googleadservices.com
3    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
6    142.250.186.33 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f1.1e100.net
tpc.googlesyndication.com
3    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
www.googletagservices.com
4    23.213.165.149 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-149.deploy.static.akamaitechnologies.com
widgets.outbrain.com
2    37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
3    66.225.223.31 (Chicago, United States)

ASN3949 (NTTA-3946, US)
PTR: sa.outbrain.com
b1t-sadc1.zemanta.com
2    146.75.118.132 (Sweden)

ASN54113 (FASTLY, US)
zem.outbrainimg.com
3    213.227.153.221 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: v182.ce14.ams-01.nl.leaseweb.net
b1t-eudc1.zemanta.com
1    94.130.160.12 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.12.160.130.94.clients.your-server.de
tm.ad-srv.net
1    213.227.153.223 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
b1-eudc1.zemanta.com
2    46.4.10.49 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.49.10.4.46.clients.your-server.de
ad.ad-srv.net
Apex Domain
Subdomains		 Transfer
13 qooh.me
qooh.me
85 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
215 KB
7 zemanta.com
b1t-sadc1.zemanta.com — Cisco Umbrella Rank: 8655
b1t-eudc1.zemanta.com — Cisco Umbrella Rank: 13644
b1-eudc1.zemanta.com — Cisco Umbrella Rank: 19760
b1-sadc1.zemanta.com Failed
867 B
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
54 KB
5 adform.net
track.adform.net — Cisco Umbrella Rank: 3716
s1.adform.net — Cisco Umbrella Rank: 7684
38 KB
4 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 2157
26 KB
3 ad-srv.net
tm.ad-srv.net — Cisco Umbrella Rank: 97300
ad.ad-srv.net — Cisco Umbrella Rank: 45207
ad1.ad-srv.net Failed
7 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
171 KB
2 outbrainimg.com
zem.outbrainimg.com — Cisco Umbrella Rank: 3383
23 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96
17 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1368
598 B
0 contentspread.net Failed
cdn.contentspread.net Failed
0 awin1.com Failed
www.awin1.com Failed
62 13
Domain Requested by
13 qooh.me qooh.me
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
qooh.me
6 tpc.googlesyndication.com googleads.g.doubleclick.net
4 widgets.outbrain.com googleads.g.doubleclick.net
widgets.outbrain.com
4 pagead2.googlesyndication.com qooh.me
pagead2.googlesyndication.com
www.googletagservices.com
3 b1t-eudc1.zemanta.com googleads.g.doubleclick.net
widgets.outbrain.com
3 b1t-sadc1.zemanta.com googleads.g.doubleclick.net
widgets.outbrain.com
3 www.googletagservices.com googleads.g.doubleclick.net
3 track.adform.net googleads.g.doubleclick.net
s1.adform.net
2 ad.ad-srv.net 1 redirects tm.ad-srv.net
2 zem.outbrainimg.com googleads.g.doubleclick.net
2 s1.adform.net track.adform.net
s1.adform.net
2 www.google-analytics.com qooh.me
1 b1-eudc1.zemanta.com qooh.me
1 tm.ad-srv.net qooh.me
1 partner.googleadservices.com pagead2.googlesyndication.com
0 cdn.contentspread.net Failed ad.ad-srv.net
0 ad1.ad-srv.net Failed ad.ad-srv.net
0 www.awin1.com Failed ad.ad-srv.net
0 b1-sadc1.zemanta.com Failed qooh.me
62 20

This site contains links to these domains. Also see Links.

Domain
dewigame.site
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
*.zemanta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-16 -
2024-09-05		 a year crt.sh
*.outbrainimg.com
R3		 2023-07-31 -
2023-10-29		 3 months crt.sh
ad-srv.net
R3		 2023-08-17 -
2023-11-15		 3 months crt.sh

This page contains 8 frames:

Primary Page: http://qooh.me/joinsubway8
Frame ID: 6C530BDA6D0504262F0EF2C58780EF2B
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/zrt_lookup.html
Frame ID: A74F3809E2929F50AF0ECB0BBE22109F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1695641613&url=http%3A%2F%2Fqooh.me%2Fjoinsubway8&wgl=1&dt=1695648812170&bpp=390&bdt=919&idt=1305&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&abxe=1&correlator=6368526665924&frm=20&pv=2&ga_vid=1206274131.1695648813&ga_sid=1695648813&ga_hid=1172033964&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532402&oid=2&pvsid=3811739528692863&tmod=956012817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ZDHlR9YVdy&p=http%3A//qooh.me&dtd=1322
Frame ID: B793C11448968D11C92F3F00F22A7BC9
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=600&slotname=7328249135&adk=1396144952&adf=3041635956&pi=t.ma~as.7328249135&w=160&lmt=1695641613&url=http%3A%2F%2Fqooh.me%2Fjoinsubway8&wgl=1&dt=1695648812173&bpp=388&bdt=923&idt=1327&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337&correlator=6368526665924&frm=20&pv=1&ga_vid=1206274131.1695648813&ga_sid=1695648813&ga_hid=1172033964&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1003&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532402&oid=2&pvsid=3811739528692863&tmod=956012817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=u7PZ0pZsS5&p=http%3A//qooh.me&dtd=1330
Frame ID: A35C60C07243CE0431E3DC6E92C80491
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=1032866731&adk=783448745&adf=417859931&pi=t.ma~as.1032866731&w=728&lmt=1695641613&url=http%3A%2F%2Fqooh.me%2Fjoinsubway8&wgl=1&dt=1695648812175&bpp=386&bdt=924&idt=1330&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337%2C7328249135&correlator=6368526665924&frm=20&pv=1&ga_vid=1206274131.1695648813&ga_sid=1695648813&ga_hid=1172033964&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532402&oid=2&pvsid=3811739528692863&tmod=956012817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=DVr9S2N8Wv&p=http%3A//qooh.me&dtd=1333
Frame ID: FAD83560837931A0D7003D2A054F7608
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&adk=1812271804&adf=3025194257&lmt=1695641613&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x945_l%7C404x945_r&format=0x0&url=http%3A%2F%2Fqooh.me%2Fjoinsubway8&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&dt=1695648812577&bpp=2&bdt=1327&idt=934&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3666114337%2C7328249135%2C1032866731&nras=1&correlator=6368526665924&frm=20&pv=1&ga_vid=1206274131.1695648813&ga_sid=1695648813&ga_hid=1172033964&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532402&oid=2&pvsid=3811739528692863&tmod=956012817&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=946
Frame ID: D94F0D24F8064A388CBBB1D458959A98
Requests: 1 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=nwtpyrxedwqr&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&documentReferer=http%3A%2F%2Fqooh.me%2F&ancestorOrigins=http%3A%2F%2Fqooh.me&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:qooh.me&extVar[]=AF_DOM_RTB:qooh.me&subid=8925566747170456839&rnd=44889&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCwYAqLYwRZdOFKo7gkgOA1ZqwDpGtxbxc3ebspu4CwI23ARABIABg9Y27gZgEggEXY2EtcHViLTEwNDYxMDgzNjI0MzY1MDbIAQmpAkpI81cYLYM-qAMByAMCqgTaAU_QFxFe_b9PtA9uNR994AS9e3rO09m3WWl14LJq2ItAf4d7uwkt8HiiNAr0jCNCsEWmEPNzYSj6pjwT2kPQhqr-9X0t-CMMM5cbjveSYFRFPODLxoZgrDz9qnxtjt6eNUf9xoxAT54lasS0yp9sNw07k137ioirtv5acki3WB0FZwynCnttygB3jksajiYYzfoFrF7ZDZsakAIw7eiBoJrb0EnDn5wzW-KhKodr7yVRKmI7KEtp0itZtvh7YKcpC7xzhPiKUsYYkNsQKgYFL1L8cXV2ZDaeUe2WgAbctv_q1I7Z6YEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Lg_ilWBkAnSoPIz5T9qmSjcvSVg%26client%3Dca-pub-1046108362436506%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110897%3Bcrtbwp%3DZRGMLQAKgtMKZLAOAAaqgF52-QJKvvNIZU3r7A%3Bcrtbdata%3DRZJi-bke7cMAITi4Vu2eeKnfVyPVqjJKZr6Giu2cfZnbbOWDmUAPVmWUFfyZBaN7ZL0UmD8mX6q_8C_c9PFArLBO08PscS9oArYeA5B6oZ8Wdj8AafGuhqJmsagtXlibrXUubecP9aGnMIqzIab7JfQm6qH1hybeOdtrzbQfEpN6KHLXtwwDKw2%3Badfibeg%3D0%3Bcdata%3DfpdAD7fgg7eTircke1AWXGwr33KesJN4yS5voTVArl3e-F4yyOT03D_hrKm5miwYBuHfSmDQP0uuFqwhPKLxp8yECIRnbFRC4fn4X_ACi5i9J7MGGdNOnZhNsUxQwZ3vhfQQj3QSu-U7joi6uMgg0g2%3B%3BCREFURL%3Dhttp%253a%252f%252fqooh.me%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Frame ID: 4C6FFBDCB77FD65A3CD281272661A6D9
Requests: 5 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2367338&v=15168&q=361106&r=783431&pv=1&pref2=15168&pref1=39654500085189804452304012458001
Frame ID: D53BDBCFF07EBF720A86D7A85AA6CF96
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Qoohme

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

62
Requests

66 %
HTTPS

0 %
IPv6

13
Domains

20
Subdomains

17
IPs

6
Countries

636 kB
Transfer

1776 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 22
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1604178310&utmhn=qooh.me&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Qoohme&utmhid=1172033964&utmr=-&utmp=%2Fjoinsubway8&utmht=1695648813535&utmac=UA-23732945-1&utmcc=__utma%3D3998191.497366715.1695648814.1695648814.1695648814.1%3B%2B__utmz%3D3998191.1695648814.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=150611719&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1604178310&utmhn=qooh.me&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Qoohme&utmhid=1172033964&utmr=-&utmp=%2Fjoinsubway8&utmht=1695648813535&utmac=UA-23732945-1&utmcc=__utma%3D3998191.497366715.1695648814.1695648814.1695648814.1%3B%2B__utmz%3D3998191.1695648814.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=150611719&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~
Request Chain 55
  • https://ad.ad-srv.net/request.php?zone=nwtpyrxedwqr&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&documentReferer=http%3A%2F%2Fqooh.me%2F&ancestorOrigins=http%3A%2F%2Fqooh.me&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:qooh.me&extVar[]=AF_DOM_RTB:qooh.me&subid=8925566747170456839&rnd=44889&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCwYAqLYwRZdOFKo7gkgOA1ZqwDpGtxbxc3ebspu4CwI23ARABIABg9Y27gZgEggEXY2EtcHViLTEwNDYxMDgzNjI0MzY1MDbIAQmpAkpI81cYLYM-qAMByAMCqgTaAU_QFxFe_b9PtA9uNR994AS9e3rO09m3WWl14LJq2ItAf4d7uwkt8HiiNAr0jCNCsEWmEPNzYSj6pjwT2kPQhqr-9X0t-CMMM5cbjveSYFRFPODLxoZgrDz9qnxtjt6eNUf9xoxAT54lasS0yp9sNw07k137ioirtv5acki3WB0FZwynCnttygB3jksajiYYzfoFrF7ZDZsakAIw7eiBoJrb0EnDn5wzW-KhKodr7yVRKmI7KEtp0itZtvh7YKcpC7xzhPiKUsYYkNsQKgYFL1L8cXV2ZDaeUe2WgAbctv_q1I7Z6YEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Lg_ilWBkAnSoPIz5T9qmSjcvSVg%26client%3Dca-pub-1046108362436506%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110897%3Bcrtbwp%3DZRGMLQAKgtMKZLAOAAaqgF52-QJKvvNIZU3r7A%3Bcrtbdata%3DRZJi-bke7cMAITi4Vu2eeKnfVyPVqjJKZr6Giu2cfZnbbOWDmUAPVmWUFfyZBaN7ZL0UmD8mX6q_8C_c9PFArLBO08PscS9oArYeA5B6oZ8Wdj8AafGuhqJmsagtXlibrXUubecP9aGnMIqzIab7JfQm6qH1hybeOdtrzbQfEpN6KHLXtwwDKw2%3Badfibeg%3D0%3Bcdata%3DfpdAD7fgg7eTircke1AWXGwr33KesJN4yS5voTVArl3e-F4yyOT03D_hrKm5miwYBuHfSmDQP0uuFqwhPKLxp8yECIRnbFRC4fn4X_ACi5i9J7MGGdNOnZhNsUxQwZ3vhfQQj3QSu-U7joi6uMgg0g2%3B%3BCREFURL%3Dhttp%253a%252f%252fqooh.me%3BC%3D1%3Bcpdir%3D HTTP 302
  • https://ad.ad-srv.net/request.php?zone=nwtpyrxedwqr&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&documentReferer=http%3A%2F%2Fqooh.me%2F&ancestorOrigins=http%3A%2F%2Fqooh.me&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:qooh.me&extVar[]=AF_DOM_RTB:qooh.me&subid=8925566747170456839&rnd=44889&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCwYAqLYwRZdOFKo7gkgOA1ZqwDpGtxbxc3ebspu4CwI23ARABIABg9Y27gZgEggEXY2EtcHViLTEwNDYxMDgzNjI0MzY1MDbIAQmpAkpI81cYLYM-qAMByAMCqgTaAU_QFxFe_b9PtA9uNR994AS9e3rO09m3WWl14LJq2ItAf4d7uwkt8HiiNAr0jCNCsEWmEPNzYSj6pjwT2kPQhqr-9X0t-CMMM5cbjveSYFRFPODLxoZgrDz9qnxtjt6eNUf9xoxAT54lasS0yp9sNw07k137ioirtv5acki3WB0FZwynCnttygB3jksajiYYzfoFrF7ZDZsakAIw7eiBoJrb0EnDn5wzW-KhKodr7yVRKmI7KEtp0itZtvh7YKcpC7xzhPiKUsYYkNsQKgYFL1L8cXV2ZDaeUe2WgAbctv_q1I7Z6YEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Lg_ilWBkAnSoPIz5T9qmSjcvSVg%26client%3Dca-pub-1046108362436506%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110897%3Bcrtbwp%3DZRGMLQAKgtMKZLAOAAaqgF52-QJKvvNIZU3r7A%3Bcrtbdata%3DRZJi-bke7cMAITi4Vu2eeKnfVyPVqjJKZr6Giu2cfZnbbOWDmUAPVmWUFfyZBaN7ZL0UmD8mX6q_8C_c9PFArLBO08PscS9oArYeA5B6oZ8Wdj8AafGuhqJmsagtXlibrXUubecP9aGnMIqzIab7JfQm6qH1hybeOdtrzbQfEpN6KHLXtwwDKw2%3Badfibeg%3D0%3Bcdata%3DfpdAD7fgg7eTircke1AWXGwr33KesJN4yS5voTVArl3e-F4yyOT03D_hrKm5miwYBuHfSmDQP0uuFqwhPKLxp8yECIRnbFRC4fn4X_ACi5i9J7MGGdNOnZhNsUxQwZ3vhfQQj3QSu-U7joi6uMgg0g2%3B%3BCREFURL%3Dhttp%253a%252f%252fqooh.me%3BC%3D1%3Bcpdir%3D&uidRedirect=1

62 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request joinsubway8
qooh.me/ 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://qooh.me/joinsubway8
Protocol
HTTP/1.1
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
798e9b24d5199d0bfc64aae92c780971e5e9658bcadaed924557b76bb0119952

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
80c3a3ab79c401ff-CDG
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 25 Sep 2023 13:33:31 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma
no-cache
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FGUTwZ9uKy%2FGPxOaR45Lalx8JMQ7QyalSKjn%2BYVkRaxCTDkwvyjbkCghdQP%2BbQU93iNSHAeShqj1S7sIHRkvg9%2FCozAmzwTubdlPeXsbonOGxqmSy80Q%2BGNL"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
X-Powered-By
PHP/5.6.40
alt-svc
h3=":443"; ma=86400
main.css
qooh.me/css/ 		51 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://qooh.me/css/main.css
Requested by
Host: qooh.me
URL: http://qooh.me/joinsubway8
Protocol
HTTP/1.1
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62bd121116b457d0864b2a9c58696ae8c520868df36b3ef414ec6142872ef472

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/joinsubway8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 25 Sep 2023 13:33:31 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Cf-Polished
origSize=64177
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Cf-Bgj
minify
Last-Modified
Wed, 08 Nov 2017 07:22:11 GMT
Server
cloudflare
ETag
W/"5a02b0a3-fab1"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATcEO2D6DqlP6sg1LJ8bL2B%2FcLbPwCYLWo2MNcpnh3NjCA%2FJEpEMbVVR8%2F8eFhvRq5V%2BO%2BsGuAyDhWellVs%2BB8XWLdjzmIMOqVJXIDNr4ByW0rU4JQDgtKpt"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=86400
CF-RAY
80c3a3aebe990051-CDG
jquery-1.9.1.js
qooh.me/js/lib/ 		142 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://qooh.me/js/lib/jquery-1.9.1.js
Requested by
Host: qooh.me
URL: http://qooh.me/joinsubway8
Protocol
HTTP/1.1
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
549a75e349567add1be9f64d09b384dbd223cfd24bf1968699ba905b41a8ac23

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/joinsubway8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 25 Sep 2023 13:33:31 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Cf-Polished
origSize=268381
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Cf-Bgj
minify
Last-Modified
Wed, 08 Nov 2017 07:22:11 GMT
Server
cloudflare
ETag
W/"5a02b0a3-4185d"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjwgEFBsbjfoE12oyRyHSAoU5v5CZ1FbYUzgoJrnRlZUsXcqpTys7vTjUUPHOJAKIeR4D2fi8Vu6YX0innVoB3oHbu2wNOcUcNPOc9t%2BNsBULNhDYsbP%2FJj%2B"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=86400
CF-RAY
80c3a3af3e1f01ff-CDG
jquery.colorbox.js
qooh.me/scripts/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://qooh.me/scripts/jquery.colorbox.js
Requested by
Host: qooh.me
URL: http://qooh.me/joinsubway8
Protocol
HTTP/1.1
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7119d4f8e5761d77f6e5fa97d237ba166209f37ae52514ab7cbc2c7020719b5

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/joinsubway8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 25 Sep 2023 13:33:32 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Cf-Polished
origSize=29920
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Cf-Bgj
minify
Last-Modified
Wed, 08 Nov 2017 07:22:11 GMT
Server
cloudflare
ETag
W/"5a02b0a3-74e0"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJdKpog%2FyGO1py5gsYF%2F2oEMRs51QL6d5BW1zFWKR7O71GkrwKIEHTejONdgOAh07kZvcDrCAr84zBm5vtjDOFaIAcKVnljLoRi7pXCNNz4VjrQHeuR7FZ%2BH"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=86400
CF-RAY
80c3a3b18de12a59-CDG
FacebookHelper.js
qooh.me/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://qooh.me/js/FacebookHelper.js
Requested by
Host: qooh.me
URL: http://qooh.me/joinsubway8
Protocol
HTTP/1.1
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0d3de97e09ca7befbaaae73167158ae334cc0117c61342b99448c0206e713ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/joinsubway8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 25 Sep 2023 13:33:31 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
5424
Cf-Polished
origSize=5339
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Cf-Bgj
minify
Last-Modified
Wed, 08 Nov 2017 07:22:11 GMT
Server
cloudflare
ETag
W/"5a02b0a3-14db"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWM7oXCjVgiqvNUMv0Tatsv0Rld2WPabhi04evMb%2Fo8lR%2B%2B5U%2FI%2Bzz%2BeUiZ0KKoeBQ1BrllYMsJd7pGAIQbDh0fLgR4cdrmFmtJNCqeehtxTMOrEJVJd%2BfAe"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=86400
CF-RAY
80c3a3b18c702a26-CDG
show_ads.js
pagead2.googlesyndication.com/pagead/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: qooh.me
URL: http://qooh.me/joinsubway8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
fe061dba891ad749f8c38c80ef61ee6740bd36e4517673dcc8a9e6823c96d153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:33:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7885
x-xss-protection
0
server
cafe
etag
9588266032539184366
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 13:33:31 GMT
photo_default.png
qooh.me/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://qooh.me/images/photo_default.png
Requested by
Host: qooh.me
URL: http://qooh.me/joinsubway8
Protocol
HTTP/1.1
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fbd6dbee061c92bfef462e6c78a0596808620a1d1463d6dd713e2eecc03a418

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/joinsubway8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 25 Sep 2023 13:33:32 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Wed, 08 Nov 2017 07:22:11 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"5a02b0a3-4e9"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OoSwXfG2BRZjiflG2tquo7bcdHNFIYKN2sN8IIU4xrcGtAhkyeE%2BoswMTXx3khDowY8yC9Uf14j0L0tBjIDllBBrWLZLK3rKaYbRei5las6GsgoqCHbqKTYB"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
80c3a3b3bee52a26-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
1257
bodyBg.png
qooh.me/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://qooh.me/images/bodyBg.png
Requested by
Host: qooh.me
URL: http://qooh.me/css/main.css
Protocol
HTTP/1.1
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09d950567a1f8eb1adbc9fd8e16bd3a3ea0738fc1814f53582e512eff6a50c5a

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 25 Sep 2023 13:33:32 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Wed, 08 Nov 2017 07:22:11 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"5a02b0a3-d40"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T9uFYZPZu1sJNKXKTh24amUwi0yxsa55X3R8jjN5Jqx04Uxvg2VRqHHaxS3VHNP1jBTm20PFTS5iraqhOHZ12h4u4hJ5Ubrhzj3IJGEKc2Eanxk6LfGEimwr"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
80c3a3b239c301ff-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
3392
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
4a827801365cbf34cb5dda5c4d2e03dcaa98c55a6b75ebab7abd08b06c9a3b77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:33:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50623
x-xss-protection
0
server
cafe
etag
4392734425010422051
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 13:33:32 GMT
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: qooh.me
URL: http://qooh.me/joinsubway8
Protocol
H2
Server
216.58.206.46 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 25 Sep 2023 11:45:02 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6511
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Mon, 25 Sep 2023 13:45:02 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
body-bg.png
qooh.me/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://qooh.me/images/body-bg.png
Requested by
Host: qooh.me
URL: http://qooh.me/css/main.css
Protocol
HTTP/1.1
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3154c36c867d443af5ac6bf35643ec6f144bc0548e224c25e66259767d744ea5

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 25 Sep 2023 13:33:32 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Wed, 08 Nov 2017 07:22:11 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"5a02b0a3-df3"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4dYtsCraVGUdJsftVTDiaF5F5CpMVbzON9m0Hnk5UselI0fkR70vykTVSuaBDjBGWQ2v0%2BFLvmPVCt%2F97OyVW3sHYkhIzqjApzTamR6ndXKuiJ5bXRLT95c1"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
80c3a3b499932a59-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
3571
logo.png
qooh.me/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://qooh.me/images/logo.png
Requested by
Host: qooh.me
URL: http://qooh.me/css/main.css
Protocol
HTTP/1.1
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ce0cba7a42c7a59d3d7ae57bfe8fe657f2de70e27a71b37c3cba1c311e865b6

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 25 Sep 2023 13:33:32 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
4047
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
4974
Last-Modified
Wed, 08 Nov 2017 07:22:11 GMT
Server
cloudflare
ETag
"5a02b0a3-136e"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ioEs%2FQTeKuiYQkyd7fi%2BxiIqHiCHKAa6B7%2FgKVZdD9TF1qTBQVprakvGGb7eWsf3CV4NT9OINASC8Px19tSSF8kqTxh7NbspdwPayLNJZ2L7iIB7R4YgOOFl"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=86400
Accept-Ranges
bytes
CF-RAY
80c3a3b49dee0051-CDG
content-bg-repeat.png
qooh.me/images/ 		133 B
822 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://qooh.me/images/content-bg-repeat.png
Requested by
Host: qooh.me
URL: http://qooh.me/css/main.css
Protocol
HTTP/1.1
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c22cef5f0feadef84070444d9a8dd634a08052ed13d5063b90f1f42bedecd84d

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 25 Sep 2023 13:33:32 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Wed, 08 Nov 2017 07:22:11 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"5a02b0a3-85"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7yKoMNlnF2A04sMd3cwFLj1F8EGC%2BU7qOoz1JwgZa6g%2BTQRYv6pd4Psjzov7qUZMtTUN52VfxMjONZBmu%2BI6ZE6yVg4P99KYfuVPlQa01Lko9W5VUEfp9v5I"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
80c3a3b49c6af1a4-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
133
button-grey.png
qooh.me/images/ 		242 B
933 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://qooh.me/images/button-grey.png
Requested by
Host: qooh.me
URL: http://qooh.me/css/main.css
Protocol
HTTP/1.1
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4814d3116db4148ebd4a5bba756f2e6bfbfa7fd6f08f6322defab1017b028ef

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 25 Sep 2023 13:33:32 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Wed, 08 Nov 2017 07:22:11 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"5a02b0a3-f2"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7GM9AxipcuHJXMcCL6gCLdKNmyvT%2F2HHOpmtLAYXftjSvw0hEOResJK8umiACGQDA0BQugA1M6ic07RU%2FnOY6%2B%2BNgfoJOuy43glwQJ3gOihTeblzMLKgYTrT"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
80c3a3b4fd2401ff-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
242
sidepanel-arrow.png
qooh.me/images/ 		233 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://qooh.me/images/sidepanel-arrow.png
Requested by
Host: qooh.me
URL: http://qooh.me/css/main.css
Protocol
HTTP/1.1
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d921255f132c765306f6b28b46a5700b9e45c5a9951c38ae830aa8f19f655880

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 25 Sep 2023 13:33:32 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Wed, 08 Nov 2017 07:22:11 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"5a02b0a3-e9"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6piQRzO%2BbZdW7cV3ZJ%2FvCMa02%2FYBw0mG3tzePhfiIuUwP157vbxm3%2Bt9ZMc7WIHE0MY%2BtmyDfT2GD5tFtu3fceAo%2F7PxSHQAN%2BUd3nauw4%2BL8BCCielJ9so"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
80c3a3b65a5b2a26-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
233
tag-btn.png
qooh.me/images/ 		758 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://qooh.me/images/tag-btn.png
Requested by
Host: qooh.me
URL: http://qooh.me/css/main.css
Protocol
HTTP/1.1
Server
188.114.97.3 , Italy, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c06851aa6041915d2767b37507e293bd9aaedbd0c6941bc28a12f175873fcd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 25 Sep 2023 13:33:32 GMT
CF-Cache-Status
REVALIDATED
Last-Modified
Wed, 08 Nov 2017 07:22:11 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"5a02b0a3-2f6"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3or6x6iqFwKW77qFahkmNkU6bKdTYbKKEuksoH3DNrweSyNvp2H1IJtxLwQKB%2FR9Gmezghngg9nm%2B7Vpsx26ScCQJxHnd7zB7Bl4IzRI5YHeOIEQB76ec0h"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
80c3a3b57f380051-CDG
alt-svc
h3=":443"; ma=86400
Content-Length
758
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
307332753cb108cf3b0efd9efc8404fb0c57c0548c14e2ac1ea0a204796b6b08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:33:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131530
x-xss-protection
0
server
cafe
etag
6987620750700532170
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 25 Sep 2023 13:33:33 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/ Frame A74F 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230920/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://qooh.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
201
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Sep 2023 13:30:12 GMT
etag
2603938475786422795
expires
Mon, 09 Oct 2023 13:30:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		381 B
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=qooh.me&callback=_gfp_s_&client=ca-pub-1046108362436506
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
5acf9674866539c4942d36781b05867147bbb8e4a2b2f61b16d2ecf3ee5191b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:33:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
246
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B793 		37 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1695641613&url=http%3A%2F%2Fqooh.me%2Fjoinsubway8&wgl=1&dt=1695648812170&bpp=390&bdt=919&idt=1305&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&abxe=1&correlator=6368526665924&frm=20&pv=2&ga_vid=1206274131.1695648813&ga_sid=1695648813&ga_hid=1172033964&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532402&oid=2&pvsid=3811739528692863&tmod=956012817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ZDHlR9YVdy&p=http%3A//qooh.me&dtd=1322
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ce758fa916d3adb328bcca480a0ac1fd7c184ed0c88b7a22d54af59201e14da9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://qooh.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
15568
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Sep 2023 13:33:34 GMT
expires
Mon, 25 Sep 2023 13:33:34 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A35C 		34 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=600&slotname=7328249135&adk=1396144952&adf=3041635956&pi=t.ma~as.7328249135&w=160&lmt=1695641613&url=http%3A%2F%2Fqooh.me%2Fjoinsubway8&wgl=1&dt=1695648812173&bpp=388&bdt=923&idt=1327&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337&correlator=6368526665924&frm=20&pv=1&ga_vid=1206274131.1695648813&ga_sid=1695648813&ga_hid=1172033964&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1003&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532402&oid=2&pvsid=3811739528692863&tmod=956012817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=u7PZ0pZsS5&p=http%3A//qooh.me&dtd=1330
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
27215dceb0e3b4e4e05d5e9f3bb19bdbebbf28ab2748f11f5ff81047cbd2022f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://qooh.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
13583
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Sep 2023 13:33:33 GMT
expires
Mon, 25 Sep 2023 13:33:33 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FAD8 		37 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=1032866731&adk=783448745&adf=417859931&pi=t.ma~as.1032866731&w=728&lmt=1695641613&url=http%3A%2F%2Fqooh.me%2Fjoinsubway8&wgl=1&dt=1695648812175&bpp=386&bdt=924&idt=1330&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337%2C7328249135&correlator=6368526665924&frm=20&pv=1&ga_vid=1206274131.1695648813&ga_sid=1695648813&ga_hid=1172033964&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532402&oid=2&pvsid=3811739528692863&tmod=956012817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=DVr9S2N8Wv&p=http%3A//qooh.me&dtd=1333
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
89fc21ca7ae69c9da945676e7e3fde1115ed281f103bbfed0b0f72331db376b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://qooh.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
15543
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Sep 2023 13:33:34 GMT
expires
Mon, 25 Sep 2023 13:33:34 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D94F 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&adk=1812271804&adf=3025194257&lmt=1695641613&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x945_l%7C404x945_r&format=0x0&url=http%3A%2F%2Fqooh.me%2Fjoinsubway8&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&dt=1695648812577&bpp=2&bdt=1327&idt=934&shv=r20230920&mjsv=m202309140101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3666114337%2C7328249135%2C1032866731&nras=1&correlator=6368526665924&frm=20&pv=1&ga_vid=1206274131.1695648813&ga_sid=1695648813&ga_hid=1172033964&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532402&oid=2&pvsid=3811739528692863&tmod=956012817&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=946
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
b60735ea7e314222082437cd553706feb5221bcd19e27b4d98ab61d77ef9ed3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://qooh.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
4512
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 25 Sep 2023 13:33:34 GMT
expires
Mon, 25 Sep 2023 13:33:34 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1604178310&utmhn=qooh.me&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Qoohme&utmhid...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1604178310&utmhn=qooh.me&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Qoohme&utmhi...
35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1604178310&utmhn=qooh.me&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Qoohme&utmhid=1172033964&utmr=-&utmp=%2Fjoinsubway8&utmht=1695648813535&utmac=UA-23732945-1&utmcc=__utma%3D3998191.497366715.1695648814.1695648814.1695648814.1%3B%2B__utmz%3D3998191.1695648814.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=150611719&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: qooh.me
URL: http://qooh.me/joinsubway8
Protocol
H2
Server
216.58.206.46 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
http://qooh.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Sep 2023 13:33:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1604178310&utmhn=qooh.me&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Qoohme&utmhid=1172033964&utmr=-&utmp=%2Fjoinsubway8&utmht=1695648813535&utmac=UA-23732945-1&utmcc=__utma%3D3998191.497366715.1695648814.1695648814.1695648814.1%3B%2B__utmz%3D3998191.1695648814.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=150611719&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
/
track.adform.net/adfscript/ Frame A35C 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=54110897;rtbwp=ZRGMLQAKgtMKZLAOAAaqgF52-QJKvvNIZU3r7A;rtbdata=RZJi-bke7cMAITi4Vu2eeKnfVyPVqjJKZr6Giu2cfZnbbOWDmUAPVmWUFfyZBaN7ZL0UmD8mX6q_8C_c9PFArLBO08PscS9oArYeA5B6oZ8Wdj8AafGuhqJmsagtXlibrXUubecP9aGnMIqzIab7JfQm6qH1hybeOdtrzbQfEpN6KHLXtwwDKw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CwYAqLYwRZdOFKo7gkgOA1ZqwDpGtxbxc3ebspu4CwI23ARABIABg9Y27gZgEggEXY2EtcHViLTEwNDYxMDgzNjI0MzY1MDbIAQmpAkpI81cYLYM-qAMByAMCqgTaAU_QFxFe_b9PtA9uNR994AS9e3rO09m3WWl14LJq2ItAf4d7uwkt8HiiNAr0jCNCsEWmEPNzYSj6pjwT2kPQhqr-9X0t-CMMM5cbjveSYFRFPODLxoZgrDz9qnxtjt6eNUf9xoxAT54lasS0yp9sNw07k137ioirtv5acki3WB0FZwynCnttygB3jksajiYYzfoFrF7ZDZsakAIw7eiBoJrb0EnDn5wzW-KhKodr7yVRKmI7KEtp0itZtvh7YKcpC7xzhPiKUsYYkNsQKgYFL1L8cXV2ZDaeUe2WgAbctv_q1I7Z6YEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_3Lg_ilWBkAnSoPIz5T9qmSjcvSVg&client=ca-pub-1046108362436506&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=600&slotname=7328249135&adk=1396144952&adf=3041635956&pi=t.ma~as.7328249135&w=160&lmt=1695641613&url=http%3A%2F%2Fqooh.me%2Fjoinsubway8&wgl=1&dt=1695648812173&bpp=388&bdt=923&idt=1327&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337&correlator=6368526665924&frm=20&pv=1&ga_vid=1206274131.1695648813&ga_sid=1695648813&ga_hid=1172033964&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1003&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532402&oid=2&pvsid=3811739528692863&tmod=956012817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=u7PZ0pZsS5&p=http%3A//qooh.me&dtd=1330
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
baef2c82e27f50c1d9083cd5144370bdba9455bf375a528a4b379e01c08e1aa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Sep 2023 13:33:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1453
expires
-1
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame A35C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=600&slotname=7328249135&adk=1396144952&adf=3041635956&pi=t.ma~as.7328249135&w=160&lmt=1695641613&url=http%3A%2F%2Fqooh.me%2Fjoinsubway8&wgl=1&dt=1695648812173&bpp=388&bdt=923&idt=1327&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337&correlator=6368526665924&frm=20&pv=1&ga_vid=1206274131.1695648813&ga_sid=1695648813&ga_hid=1172033964&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1003&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532402&oid=2&pvsid=3811739528692863&tmod=956012817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=u7PZ0pZsS5&p=http%3A//qooh.me&dtd=1330
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 03:24:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
36571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Oct 2023 03:24:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame A35C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=600&slotname=7328249135&adk=1396144952&adf=3041635956&pi=t.ma~as.7328249135&w=160&lmt=1695641613&url=http%3A%2F%2Fqooh.me%2Fjoinsubway8&wgl=1&dt=1695648812173&bpp=388&bdt=923&idt=1327&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337&correlator=6368526665924&frm=20&pv=1&ga_vid=1206274131.1695648813&ga_sid=1695648813&ga_hid=1172033964&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1003&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532402&oid=2&pvsid=3811739528692863&tmod=956012817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=u7PZ0pZsS5&p=http%3A//qooh.me&dtd=1330
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 03:24:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
36571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Oct 2023 03:24:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A35C 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=600&slotname=7328249135&adk=1396144952&adf=3041635956&pi=t.ma~as.7328249135&w=160&lmt=1695641613&url=http%3A%2F%2Fqooh.me%2Fjoinsubway8&wgl=1&dt=1695648812173&bpp=388&bdt=923&idt=1327&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337&correlator=6368526665924&frm=20&pv=1&ga_vid=1206274131.1695648813&ga_sid=1695648813&ga_hid=1172033964&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1003&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532402&oid=2&pvsid=3811739528692863&tmod=956012817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=u7PZ0pZsS5&p=http%3A//qooh.me&dtd=1330
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58105
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695209545430561"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Sep 2023 13:33:35 GMT
widget.js
widgets.outbrain.com/n2d/widget/ Frame FAD8 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/n2d/widget/widget.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=1032866731&adk=783448745&adf=417859931&pi=t.ma~as.1032866731&w=728&lmt=1695641613&url=http%3A%2F%2Fqooh.me%2Fjoinsubway8&wgl=1&dt=1695648812175&bpp=386&bdt=924&idt=1330&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337%2C7328249135&correlator=6368526665924&frm=20&pv=1&ga_vid=1206274131.1695648813&ga_sid=1695648813&ga_hid=1172033964&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532402&oid=2&pvsid=3811739528692863&tmod=956012817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=DVr9S2N8Wv&p=http%3A//qooh.me&dtd=1333
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.149 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
18d8329b2e4b430a4f34b5247ba02ca5378fcdf574eb7ba5f1ef00ac0a705c5a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Mon, 25 Sep 2023 13:33:35 GMT
content-encoding
gzip
content-length
11833
last-modified
Tue, 22 Aug 2023 10:30:48 GMT
server
AkamaiNetStorage
etag
"6a7ff93f96fd30914785c7c30706bf6a:1692700788.526954"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Mon, 25 Sep 2023 17:33:35 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame FAD8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=1032866731&adk=783448745&adf=417859931&pi=t.ma~as.1032866731&w=728&lmt=1695641613&url=http%3A%2F%2Fqooh.me%2Fjoinsubway8&wgl=1&dt=1695648812175&bpp=386&bdt=924&idt=1330&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337%2C7328249135&correlator=6368526665924&frm=20&pv=1&ga_vid=1206274131.1695648813&ga_sid=1695648813&ga_hid=1172033964&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532402&oid=2&pvsid=3811739528692863&tmod=956012817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=DVr9S2N8Wv&p=http%3A//qooh.me&dtd=1333
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 03:24:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
36571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Oct 2023 03:24:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame FAD8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=1032866731&adk=783448745&adf=417859931&pi=t.ma~as.1032866731&w=728&lmt=1695641613&url=http%3A%2F%2Fqooh.me%2Fjoinsubway8&wgl=1&dt=1695648812175&bpp=386&bdt=924&idt=1330&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337%2C7328249135&correlator=6368526665924&frm=20&pv=1&ga_vid=1206274131.1695648813&ga_sid=1695648813&ga_hid=1172033964&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532402&oid=2&pvsid=3811739528692863&tmod=956012817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=DVr9S2N8Wv&p=http%3A//qooh.me&dtd=1333
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 03:24:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
36571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Oct 2023 03:24:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FAD8 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=1032866731&adk=783448745&adf=417859931&pi=t.ma~as.1032866731&w=728&lmt=1695641613&url=http%3A%2F%2Fqooh.me%2Fjoinsubway8&wgl=1&dt=1695648812175&bpp=386&bdt=924&idt=1330&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337%2C7328249135&correlator=6368526665924&frm=20&pv=1&ga_vid=1206274131.1695648813&ga_sid=1695648813&ga_hid=1172033964&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532402&oid=2&pvsid=3811739528692863&tmod=956012817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=DVr9S2N8Wv&p=http%3A//qooh.me&dtd=1333
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58105
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695209545430561"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Sep 2023 13:33:35 GMT
widget.js
widgets.outbrain.com/n2d/widget/ Frame B793 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/n2d/widget/widget.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1695641613&url=http%3A%2F%2Fqooh.me%2Fjoinsubway8&wgl=1&dt=1695648812170&bpp=390&bdt=919&idt=1305&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&abxe=1&correlator=6368526665924&frm=20&pv=2&ga_vid=1206274131.1695648813&ga_sid=1695648813&ga_hid=1172033964&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532402&oid=2&pvsid=3811739528692863&tmod=956012817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ZDHlR9YVdy&p=http%3A//qooh.me&dtd=1322
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.149 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
18d8329b2e4b430a4f34b5247ba02ca5378fcdf574eb7ba5f1ef00ac0a705c5a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Mon, 25 Sep 2023 13:33:35 GMT
content-encoding
gzip
content-length
11833
last-modified
Tue, 22 Aug 2023 10:30:48 GMT
server
AkamaiNetStorage
etag
"6a7ff93f96fd30914785c7c30706bf6a:1692700788.526954"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Mon, 25 Sep 2023 17:33:35 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame B793 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1695641613&url=http%3A%2F%2Fqooh.me%2Fjoinsubway8&wgl=1&dt=1695648812170&bpp=390&bdt=919&idt=1305&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&abxe=1&correlator=6368526665924&frm=20&pv=2&ga_vid=1206274131.1695648813&ga_sid=1695648813&ga_hid=1172033964&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532402&oid=2&pvsid=3811739528692863&tmod=956012817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ZDHlR9YVdy&p=http%3A//qooh.me&dtd=1322
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 03:24:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
36571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Oct 2023 03:24:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/ Frame B793 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230921/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1695641613&url=http%3A%2F%2Fqooh.me%2Fjoinsubway8&wgl=1&dt=1695648812170&bpp=390&bdt=919&idt=1305&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&abxe=1&correlator=6368526665924&frm=20&pv=2&ga_vid=1206274131.1695648813&ga_sid=1695648813&ga_hid=1172033964&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532402&oid=2&pvsid=3811739528692863&tmod=956012817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ZDHlR9YVdy&p=http%3A//qooh.me&dtd=1322
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f1.1e100.net
Software
cafe /
Resource Hash
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 03:24:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
36571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8282
x-xss-protection
0
server
cafe
etag
5314254467506293444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 09 Oct 2023 03:24:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B793 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1695641613&url=http%3A%2F%2Fqooh.me%2Fjoinsubway8&wgl=1&dt=1695648812170&bpp=390&bdt=919&idt=1305&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&abxe=1&correlator=6368526665924&frm=20&pv=2&ga_vid=1206274131.1695648813&ga_sid=1695648813&ga_hid=1172033964&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532402&oid=2&pvsid=3811739528692863&tmod=956012817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ZDHlR9YVdy&p=http%3A//qooh.me&dtd=1322
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:33:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58105
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695209545430561"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Sep 2023 13:33:35 GMT
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame A35C 		36 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=54110897;rtbwp=ZRGMLQAKgtMKZLAOAAaqgF52-QJKvvNIZU3r7A;rtbdata=RZJi-bke7cMAITi4Vu2eeKnfVyPVqjJKZr6Giu2cfZnbbOWDmUAPVmWUFfyZBaN7ZL0UmD8mX6q_8C_c9PFArLBO08PscS9oArYeA5B6oZ8Wdj8AafGuhqJmsagtXlibrXUubecP9aGnMIqzIab7JfQm6qH1hybeOdtrzbQfEpN6KHLXtwwDKw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CwYAqLYwRZdOFKo7gkgOA1ZqwDpGtxbxc3ebspu4CwI23ARABIABg9Y27gZgEggEXY2EtcHViLTEwNDYxMDgzNjI0MzY1MDbIAQmpAkpI81cYLYM-qAMByAMCqgTaAU_QFxFe_b9PtA9uNR994AS9e3rO09m3WWl14LJq2ItAf4d7uwkt8HiiNAr0jCNCsEWmEPNzYSj6pjwT2kPQhqr-9X0t-CMMM5cbjveSYFRFPODLxoZgrDz9qnxtjt6eNUf9xoxAT54lasS0yp9sNw07k137ioirtv5acki3WB0FZwynCnttygB3jksajiYYzfoFrF7ZDZsakAIw7eiBoJrb0EnDn5wzW-KhKodr7yVRKmI7KEtp0itZtvh7YKcpC7xzhPiKUsYYkNsQKgYFL1L8cXV2ZDaeUe2WgAbctv_q1I7Z6YEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_3Lg_ilWBkAnSoPIz5T9qmSjcvSVg&client=ca-pub-1046108362436506&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
91afdb71f29e4a91f6fb9ea0c5c9cdbe42d543c727ebf59f2039286cb1e434d8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:33:35 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 24 Aug 2023 15:08:03 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame FAD8 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=1032866731&adk=783448745&adf=417859931&pi=t.ma~as.1032866731&w=728&lmt=1695641613&url=http%3A%2F%2Fqooh.me%2Fjoinsubway8&wgl=1&dt=1695648812175&bpp=386&bdt=924&idt=1330&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337%2C7328249135&correlator=6368526665924&frm=20&pv=1&ga_vid=1206274131.1695648813&ga_sid=1695648813&ga_hid=1172033964&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532402&oid=2&pvsid=3811739528692863&tmod=956012817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=DVr9S2N8Wv&p=http%3A//qooh.me&dtd=1333
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.149 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 25 Oct 2023 13:33:35 GMT
date
Mon, 25 Sep 2023 13:33:35 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
/
b1t-sadc1.zemanta.com/t/imp/impression/5P3HFVTZFMYUDW2M253QSCTST5M57LVOHHACDYKD7DR7OJHV4MHQGY3DAR4HOK5BX6UFIPLRHKIOM43STPOXOQV4RCL2VCE2HKLX3DOIBW4I7B6EMNGCCBR4DTQKPVS52LEICNIM2UC3SBAIX56NNXVTSZ6HOV... Frame FAD8 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-sadc1.zemanta.com/t/imp/impression/5P3HFVTZFMYUDW2M253QSCTST5M57LVOHHACDYKD7DR7OJHV4MHQGY3DAR4HOK5BX6UFIPLRHKIOM43STPOXOQV4RCL2VCE2HKLX3DOIBW4I7B6EMNGCCBR4DTQKPVS52LEICNIM2UC3SBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NOH6IQAN3Y473PORA3G6LOCVFFFXDUBDQQEUIC6OKBGXGFIMMOHVWAYMUCSTZWZU55PQRCNQHVEC7AGXRUHVET6LSZ3IKYCJ76C6C5DRCWOCUN2NWN4NC5GBUTP2Z6LJE6YX32JYVNOI73CH3X2IQQGVWB5VPNICTQRERJBTLHWMHFNKWVAEFZN7Q6EQFOBJ4Q/?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=1032866731&adk=783448745&adf=417859931&pi=t.ma~as.1032866731&w=728&lmt=1695641613&url=http%3A%2F%2Fqooh.me%2Fjoinsubway8&wgl=1&dt=1695648812175&bpp=386&bdt=924&idt=1330&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337%2C7328249135&correlator=6368526665924&frm=20&pv=1&ga_vid=1206274131.1695648813&ga_sid=1695648813&ga_hid=1172033964&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532402&oid=2&pvsid=3811739528692863&tmod=956012817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=DVr9S2N8Wv&p=http%3A//qooh.me&dtd=1333
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.225.223.31 Chicago, United States, ASN3949 (NTTA-3946, US),
Reverse DNS
sa.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 25 Sep 2023 13:33:36 GMT
Content-Length
26
Content-Type
image/gif
07f1be0d6bca87af0385b6cd1c120f5a9f.png
zem.outbrainimg.com/p/srv/sha/29/06/b8/ Frame FAD8 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/29/06/b8/07f1be0d6bca87af0385b6cd1c120f5a9f.png?fit=crop&crop=faces,center&thomcrop&w=180&h=90&fm=jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=1032866731&adk=783448745&adf=417859931&pi=t.ma~as.1032866731&w=728&lmt=1695641613&url=http%3A%2F%2Fqooh.me%2Fjoinsubway8&wgl=1&dt=1695648812175&bpp=386&bdt=924&idt=1330&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337%2C7328249135&correlator=6368526665924&frm=20&pv=1&ga_vid=1206274131.1695648813&ga_sid=1695648813&ga_hid=1172033964&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532402&oid=2&pvsid=3811739528692863&tmod=956012817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=DVr9S2N8Wv&p=http%3A//qooh.me&dtd=1333
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 , Sweden, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
444cba8db5cbbc74066e2b7c983eabc21b369b5daa5c20f8b6edbae480724495
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:33:35 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
1270810
x-cache
MISS, HIT, HIT
x-imgix-id
8bfa3a772dede001a3c073c6bbf9cd1ba3446e36
cross-origin-resource-policy
cross-origin
content-length
11728
x-served-by
cache-sjc1000122-SJC, cache-fra-eddf8230135-FRA, cache-fra-eddf8230126-FRA
x-imgix-render-farm
01.139848
last-modified
Sun, 10 Sep 2023 20:33:26 GMT
server
imgix
x-timer
S1695648816.801663,VS0,VE0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4
truncated
/ Frame FAD8 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e32b737e55ca825d41e9b47b0171f61603d69026c725b261492c667ec48e04f6

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame B793 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/n2d/widget/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.149 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-149.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 25 Oct 2023 13:33:35 GMT
date
Mon, 25 Sep 2023 13:33:35 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
/
b1t-eudc1.zemanta.com/t/imp/impression/5P3HFVTZFMYUD5JT6IHZN374SFM57LVOHHACDYJVR74AXLHAIN44LNKIR7VOIWMWZFTJH4DKQAFHJDGJA3KSZ6RQ3DPQOPYKE64L3JBV7VWEJCAF7CKQLHI7CQ6GPYZDPNJBIOGME2XC6BAIX56NNXVTSZ6HOV... Frame B793 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-eudc1.zemanta.com/t/imp/impression/5P3HFVTZFMYUD5JT6IHZN374SFM57LVOHHACDYJVR74AXLHAIN44LNKIR7VOIWMWZFTJH4DKQAFHJDGJA3KSZ6RQ3DPQOPYKE64L3JBV7VWEJCAF7CKQLHI7CQ6GPYZDPNJBIOGME2XC6BAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NOH6IQAN3Y473PORA3G6LOCVFFFXDUBDQQEUIC6OKBGXGFIMMOHVWAYMUCSTZWZU55PQRCNQHVEC7AGXRUHVET6LSZ275ICTEPOAWNOQL35GTGWN2FR2LKS4BOQWHD3OANL3J6KFDL6LHHIKBVD3MCWPYA3NCTOSSH6A4W3RDZ7C7FWHKHUMTID2CVN33OQVDA/?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1695641613&url=http%3A%2F%2Fqooh.me%2Fjoinsubway8&wgl=1&dt=1695648812170&bpp=390&bdt=919&idt=1305&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&abxe=1&correlator=6368526665924&frm=20&pv=2&ga_vid=1206274131.1695648813&ga_sid=1695648813&ga_hid=1172033964&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532402&oid=2&pvsid=3811739528692863&tmod=956012817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ZDHlR9YVdy&p=http%3A//qooh.me&dtd=1322
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.221 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce14.ams-01.nl.leaseweb.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 25 Sep 2023 13:33:35 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
07f1be0d6bca87af0385b6cd1c120f5a9f.png
zem.outbrainimg.com/p/srv/sha/29/06/b8/ Frame B793 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/29/06/b8/07f1be0d6bca87af0385b6cd1c120f5a9f.png?fit=crop&crop=faces,center&thomcrop&w=180&h=90&fm=jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1695641613&url=http%3A%2F%2Fqooh.me%2Fjoinsubway8&wgl=1&dt=1695648812170&bpp=390&bdt=919&idt=1305&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&abxe=1&correlator=6368526665924&frm=20&pv=2&ga_vid=1206274131.1695648813&ga_sid=1695648813&ga_hid=1172033964&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532402&oid=2&pvsid=3811739528692863&tmod=956012817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ZDHlR9YVdy&p=http%3A//qooh.me&dtd=1322
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 , Sweden, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
444cba8db5cbbc74066e2b7c983eabc21b369b5daa5c20f8b6edbae480724495
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:33:35 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
1270810
x-cache
MISS, HIT, HIT
x-imgix-id
8bfa3a772dede001a3c073c6bbf9cd1ba3446e36
cross-origin-resource-policy
cross-origin
content-length
11728
x-served-by
cache-sjc1000122-SJC, cache-fra-eddf8230135-FRA, cache-fra-eddf8230126-FRA
x-imgix-render-farm
01.139848
last-modified
Sun, 10 Sep 2023 20:33:26 GMT
server
imgix
x-timer
S1695648816.800895,VS0,VE0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3
truncated
/ Frame B793 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dc569732d6a793fd96fa0bf3f7c4088b0b50114b65f05df00dde0737cf586e85

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
track.adform.net/adfserve/ Frame A35C 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=54110897;rtbwp=ZRGMLQAKgtMKZLAOAAaqgF52-QJKvvNIZU3r7A;rtbdata=RZJi-bke7cMAITi4Vu2eeKnfVyPVqjJKZr6Giu2cfZnbbOWDmUAPVmWUFfyZBaN7ZL0UmD8mX6q_8C_c9PFArLBO08PscS9oArYeA5B6oZ8Wdj8AafGuhqJmsagtXlibrXUubecP9aGnMIqzIab7JfQm6qH1hybeOdtrzbQfEpN6KHLXtwwDKw2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CwYAqLYwRZdOFKo7gkgOA1ZqwDpGtxbxc3ebspu4CwI23ARABIABg9Y27gZgEggEXY2EtcHViLTEwNDYxMDgzNjI0MzY1MDbIAQmpAkpI81cYLYM-qAMByAMCqgTaAU_QFxFe_b9PtA9uNR994AS9e3rO09m3WWl14LJq2ItAf4d7uwkt8HiiNAr0jCNCsEWmEPNzYSj6pjwT2kPQhqr-9X0t-CMMM5cbjveSYFRFPODLxoZgrDz9qnxtjt6eNUf9xoxAT54lasS0yp9sNw07k137ioirtv5acki3WB0FZwynCnttygB3jksajiYYzfoFrF7ZDZsakAIw7eiBoJrb0EnDn5wzW-KhKodr7yVRKmI7KEtp0itZtvh7YKcpC7xzhPiKUsYYkNsQKgYFL1L8cXV2ZDaeUe2WgAbctv_q1I7Z6YEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB&num=1&sig=AOD64_3Lg_ilWBkAnSoPIz5T9qmSjcvSVg&client=ca-pub-1046108362436506&adurl=;js=1;adfxid=1x;9424;set=en-US|en-US|1600X1200|0|150|600|24|8|3|7|1|;fd=0|0&CREFURL=http%3A%2F%2Fqooh.me
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2037c926e9bbb8fcce1352198e9e2916926d0541b23a50efc915ae1f83678827
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Sep 2023 13:33:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3115
expires
-1
bd4e7bcd7e.html
tm.ad-srv.net/tm/a/container/html/ Frame A35C 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.ad-srv.net/tm/a/container/html/bd4e7bcd7e.html?eli=8869608&cguid=d749ea7985&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCwYAqLYwRZdOFKo7gkgOA1ZqwDpGtxbxc3ebspu4CwI23ARABIABg9Y27gZgEggEXY2EtcHViLTEwNDYxMDgzNjI0MzY1MDbIAQmpAkpI81cYLYM-qAMByAMCqgTaAU_QFxFe_b9PtA9uNR994AS9e3rO09m3WWl14LJq2ItAf4d7uwkt8HiiNAr0jCNCsEWmEPNzYSj6pjwT2kPQhqr-9X0t-CMMM5cbjveSYFRFPODLxoZgrDz9qnxtjt6eNUf9xoxAT54lasS0yp9sNw07k137ioirtv5acki3WB0FZwynCnttygB3jksajiYYzfoFrF7ZDZsakAIw7eiBoJrb0EnDn5wzW-KhKodr7yVRKmI7KEtp0itZtvh7YKcpC7xzhPiKUsYYkNsQKgYFL1L8cXV2ZDaeUe2WgAbctv_q1I7Z6YEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Lg_ilWBkAnSoPIz5T9qmSjcvSVg%26client%3Dca-pub-1046108362436506%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110897%3Bcrtbwp%3DZRGMLQAKgtMKZLAOAAaqgF52-QJKvvNIZU3r7A%3Bcrtbdata%3DRZJi-bke7cMAITi4Vu2eeKnfVyPVqjJKZr6Giu2cfZnbbOWDmUAPVmWUFfyZBaN7ZL0UmD8mX6q_8C_c9PFArLBO08PscS9oArYeA5B6oZ8Wdj8AafGuhqJmsagtXlibrXUubecP9aGnMIqzIab7JfQm6qH1hybeOdtrzbQfEpN6KHLXtwwDKw2%3Badfibeg%3D0%3Bcdata%3DfpdAD7fgg7eTircke1AWXGwr33KesJN4yS5voTVArl3e-F4yyOT03D_hrKm5miwYBuHfSmDQP0uuFqwhPKLxp8yECIRnbFRC4fn4X_ACi5i9J7MGGdNOnZhNsUxQwZ3vhfQQj3QSu-U7joi6uMgg0g2%3B%3BCREFURL%3Dhttp%253a%252f%252fqooh.me%3BC%3D1%3Bcpdir%3D&eVS=Doubleclick+Ad+Exchange+by+Google&eVRDD=qooh.me&eVRDB=qooh.me&eVAI=8925566747170456839&rnd=44889&gdpr=0&gdpr_consent=
Requested by
Host: qooh.me
URL: http://qooh.me/joinsubway8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
94.130.160.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.160.130.94.clients.your-server.de
Software
nginx /
Resource Hash
4385adcc9a791292d4ebf4c019c904e56f8da41af2c33a9a7c1ed2455479ab52

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 25 Sep 2023 13:33:36 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
text/html; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Expires
0
/
track.adform.net/csimpr/ Frame A35C 		35 B
600 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=54110897&csi=2ZqPg_D6EggsaDsZEYdDjRL2DNC1kvaoZuQ5uxhAbBTrygPkIxxfk8dJl1Zsk3nL0jbXFiWUizCXOwt3cGQnkmQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 25 Sep 2023 13:33:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
truncated
/ Frame A35C 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03b5a6b0560d64047e790d0eb784964d47aa039023e3d03f5decddac2f43efe0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
b1t-sadc1.zemanta.com/t/imp/view/5P3HFVTZFMYUDW2M253QSCTST5M57LVOHHACDYKD7DR7OJHV4MHQGY3DAR4HOK5BX6UFIPLRHKIOM43STPOXOQV4RCL2VCE2HKLX3DOIBW4I7B6EMNGCCBR4DTQKPVS52LEICNIM2UC3SBAIX56NNXVTSZ6HOVWAHYFI... Frame FAD8 		26 B
233 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://b1t-sadc1.zemanta.com/t/imp/view/5P3HFVTZFMYUDW2M253QSCTST5M57LVOHHACDYKD7DR7OJHV4MHQGY3DAR4HOK5BX6UFIPLRHKIOM43STPOXOQV4RCL2VCE2HKLX3DOIBW4I7B6EMNGCCBR4DTQKPVS52LEICNIM2UC3SBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NOH6IQAN3Y473PORA3G6LOCVFFFXDUBDQQEUIC6OKBGXGFIMMOHVWAYMUCSTZWZU55PQRCNQHVEC7AGXRUHVET6LSZ3IKYCJ76C6C5DRCWOCUN2NWN4NC5GBUTP2Z6LJE6YX32JYVNOI73CH3X2IQQGVWB5VPNICTQRERJBTLHWMHFNKWVAEFZN7Q6EQFOBJ4Q/?
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/n2d/widget/widget.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.225.223.31 Chicago, United States, ASN3949 (NTTA-3946, US),
Reverse DNS
sa.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Date
Mon, 25 Sep 2023 13:33:37 GMT
Access-Control-Allow-Credentials
true
Content-Length
26
Content-Type
image/gif
/
b1t-sadc1.zemanta.com/t/imp/view/5P3HFVTZFMYUDW2M253QSCTST5M57LVOHHACDYKD7DR7OJHV4MHQGY3DAR4HOK5BX6UFIPLRHKIOM43STPOXOQV4RCL2VCE2HKLX3DOIBW4I7B6EMNGCCBR4DTQKPVS52LEICNIM2UC3SBAIX56NNXVTSZ6HOVWAHYFI... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://b1t-sadc1.zemanta.com/t/imp/view/5P3HFVTZFMYUDW2M253QSCTST5M57LVOHHACDYKD7DR7OJHV4MHQGY3DAR4HOK5BX6UFIPLRHKIOM43STPOXOQV4RCL2VCE2HKLX3DOIBW4I7B6EMNGCCBR4DTQKPVS52LEICNIM2UC3SBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NOH6IQAN3Y473PORA3G6LOCVFFFXDUBDQQEUIC6OKBGXGFIMMOHVWAYMUCSTZWZU55PQRCNQHVEC7AGXRUHVET6LSZ3IKYCJ76C6C5DRCWOCUN2NWN4NC5GBUTP2Z6LJE6YX32JYVNOI73CH3X2IQQGVWB5VPNICTQRERJBTLHWMHFNKWVAEFZN7Q6EQFOBJ4Q/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.225.223.31 Chicago, United States, ASN3949 (NTTA-3946, US),
Reverse DNS
sa.outbrain.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
HEAD, GET, OPTIONS
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Access-Control-Max-Age
600
Date
Mon, 25 Sep 2023 13:33:36 GMT
/
b1t-eudc1.zemanta.com/t/imp/view/5P3HFVTZFMYUD5JT6IHZN374SFM57LVOHHACDYJVR74AXLHAIN44LNKIR7VOIWMWZFTJH4DKQAFHJDGJA3KSZ6RQ3DPQOPYKE64L3JBV7VWEJCAF7CKQLHI7CQ6GPYZDPNJBIOGME2XC6BAIX56NNXVTSZ6HOVWAHYFI... Frame B793 		26 B
257 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://b1t-eudc1.zemanta.com/t/imp/view/5P3HFVTZFMYUD5JT6IHZN374SFM57LVOHHACDYJVR74AXLHAIN44LNKIR7VOIWMWZFTJH4DKQAFHJDGJA3KSZ6RQ3DPQOPYKE64L3JBV7VWEJCAF7CKQLHI7CQ6GPYZDPNJBIOGME2XC6BAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NOH6IQAN3Y473PORA3G6LOCVFFFXDUBDQQEUIC6OKBGXGFIMMOHVWAYMUCSTZWZU55PQRCNQHVEC7AGXRUHVET6LSZ275ICTEPOAWNOQL35GTGWN2FR2LKS4BOQWHD3OANL3J6KFDL6LHHIKBVD3MCWPYA3NCTOSSH6A4W3RDZ7C7FWHKHUMTID2CVN33OQVDA/?
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/n2d/widget/widget.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.221 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce14.ams-01.nl.leaseweb.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Date
Mon, 25 Sep 2023 13:33:36 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
/
b1t-eudc1.zemanta.com/t/imp/view/5P3HFVTZFMYUD5JT6IHZN374SFM57LVOHHACDYJVR74AXLHAIN44LNKIR7VOIWMWZFTJH4DKQAFHJDGJA3KSZ6RQ3DPQOPYKE64L3JBV7VWEJCAF7CKQLHI7CQ6GPYZDPNJBIOGME2XC6BAIX56NNXVTSZ6HOVWAHYFI... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://b1t-eudc1.zemanta.com/t/imp/view/5P3HFVTZFMYUD5JT6IHZN374SFM57LVOHHACDYJVR74AXLHAIN44LNKIR7VOIWMWZFTJH4DKQAFHJDGJA3KSZ6RQ3DPQOPYKE64L3JBV7VWEJCAF7CKQLHI7CQ6GPYZDPNJBIOGME2XC6BAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NOH6IQAN3Y473PORA3G6LOCVFFFXDUBDQQEUIC6OKBGXGFIMMOHVWAYMUCSTZWZU55PQRCNQHVEC7AGXRUHVET6LSZ275ICTEPOAWNOQL35GTGWN2FR2LKS4BOQWHD3OANL3J6KFDL6LHHIKBVD3MCWPYA3NCTOSSH6A4W3RDZ7C7FWHKHUMTID2CVN33OQVDA/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.221 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce14.ams-01.nl.leaseweb.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
HEAD, GET, OPTIONS
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Access-Control-Max-Age
600
Connection
keep-alive
Date
Mon, 25 Sep 2023 13:33:36 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B793 		0
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CBfHRLYwRZfnSJ-PM5LcPlISQoAfXrJyCbsrq_Lz9EMCNtwEQASAAYPWNu4GYBIIBF2NhLXB1Yi0xMDQ2MTA4MzYyNDM2NTA2yAEJqAMByAMCqgTWAU_QdSj5J5gDIfcuDiGT47RPIkUw41-0tAvnZkQREQj1VHQEPjXumGRF4iqlXqPuTSGu8OOW8NBC0dexmGglDZfFVdfGAK7_rLeR2h6Mz0iBG9f86xnUdeYNyqdcNJZwTFpHqGr1Cp2JcHmVgG8hm8f08iQkSnIP1OgNphbkNKQOR29bK8JDzAwMN03ogMDEAwxTf_M5EZdEUwoUvpCCU7PHXhYqUHXizHStua9r6SnPD6zsJPgIcIISAyXEAqBg5x698W-cIOpcezEabrbHLkJIUl3jKxuABq-Y7-Dbx6650QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTEwNDYxMDgzNjI0MzY1MDYYAA&sigh=fQDY5eLahok&uach_m=[UACH]&cid=CAQSGwBpAlJWT0rUcghF7BpPwSlZM_545cOkp_bJrhgB&cbvp=2&vis=1
Requested by
Host: qooh.me
URL: http://qooh.me/joinsubway8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1695641613&url=http%3A%2F%2Fqooh.me%2Fjoinsubway8&wgl=1&dt=1695648812170&bpp=390&bdt=919&idt=1305&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&abxe=1&correlator=6368526665924&frm=20&pv=2&ga_vid=1206274131.1695648813&ga_sid=1695648813&ga_hid=1172033964&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532402&oid=2&pvsid=3811739528692863&tmod=956012817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ZDHlR9YVdy&p=http%3A//qooh.me&dtd=1322
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 25 Sep 2023 13:33:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 25 Sep 2023 13:33:36 GMT
/
b1-eudc1.zemanta.com/bidder/win/googleadx_display/1f9bcfb1-5ba8-11ee-a85a-ac34dc6e4513/ZRGMLQAJ6XkA-SZjAAQCFPxwLB5Eecty4Tuvfg/HQ73PMETENQLMMWYAPPTZ3VQVVGAIAIXTGNQXPMIM5FDO4OIIJVAZLNVPQJUL4UD6BYKIPP... Frame B793 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-eudc1.zemanta.com/bidder/win/googleadx_display/1f9bcfb1-5ba8-11ee-a85a-ac34dc6e4513/ZRGMLQAJ6XkA-SZjAAQCFPxwLB5Eecty4Tuvfg/HQ73PMETENQLMMWYAPPTZ3VQVVGAIAIXTGNQXPMIM5FDO4OIIJVAZLNVPQJUL4UD6BYKIPPSI3QFXHRVPL5K2DWCTGMYJFXQPABNBDTMMUKQVRKZMNXQQFTFUITV2QFJYPOVHPAT4VMKWINJX7VPO5YKL5CWM7IBZWDVXTIYBHBJ6VC2PLGU3EXOA6MHTU66WE7EAAMBXWICSXKMODHQS2AJXG6TRIAOA4YBVHX3XOATTJRCTRBQZJQ3REHR4XJV2YLQIICTAL7WBBBOOBDGP6P7XC574TS4J754OZGGJSDB6UA4LKYAMAO4XDKBCB4DCLBV3GNBN352WDGPVV7JQDJI37WEMBOVHRELYUJD2LABGMKPRDTJGFISKCZ2H6ZXJ7KLC7HMDVZ4F2NA4BZ22IESYNNBXEGJI4XGNXFVZHRSDWSH73R7BK24PJNVYWZIYAMIAKJHH3SKR4LAP6HNFFPH47YMNKOIQIDITNF2DCSFRE4WIE3RTLUWFMJ4EIJA/?&cbvp=2
Requested by
Host: qooh.me
URL: http://qooh.me/joinsubway8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 25 Sep 2023 13:33:36 GMT
Content-Length
0
ThirdParty
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame A35C 		34 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
73bf38e360808e83c5e94f6089326848f56880e84dc21c7ab1cc538e6f2b83c4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 13:33:36 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 24 Aug 2023 15:08:05 GMT
request.php
ad.ad-srv.net/ Frame 4C6F
Redirect Chain
  • https://ad.ad-srv.net/request.php?zone=nwtpyrxedwqr&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&documentReferer=http%3A%2F%2Fqooh.me%2F&ancest...
  • https://ad.ad-srv.net/request.php?zone=nwtpyrxedwqr&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&documentReferer=http%3A%2F%2Fqooh.me%2F&ancest...
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.ad-srv.net/request.php?zone=nwtpyrxedwqr&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&documentReferer=http%3A%2F%2Fqooh.me%2F&ancestorOrigins=http%3A%2F%2Fqooh.me&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:qooh.me&extVar[]=AF_DOM_RTB:qooh.me&subid=8925566747170456839&rnd=44889&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCwYAqLYwRZdOFKo7gkgOA1ZqwDpGtxbxc3ebspu4CwI23ARABIABg9Y27gZgEggEXY2EtcHViLTEwNDYxMDgzNjI0MzY1MDbIAQmpAkpI81cYLYM-qAMByAMCqgTaAU_QFxFe_b9PtA9uNR994AS9e3rO09m3WWl14LJq2ItAf4d7uwkt8HiiNAr0jCNCsEWmEPNzYSj6pjwT2kPQhqr-9X0t-CMMM5cbjveSYFRFPODLxoZgrDz9qnxtjt6eNUf9xoxAT54lasS0yp9sNw07k137ioirtv5acki3WB0FZwynCnttygB3jksajiYYzfoFrF7ZDZsakAIw7eiBoJrb0EnDn5wzW-KhKodr7yVRKmI7KEtp0itZtvh7YKcpC7xzhPiKUsYYkNsQKgYFL1L8cXV2ZDaeUe2WgAbctv_q1I7Z6YEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Lg_ilWBkAnSoPIz5T9qmSjcvSVg%26client%3Dca-pub-1046108362436506%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110897%3Bcrtbwp%3DZRGMLQAKgtMKZLAOAAaqgF52-QJKvvNIZU3r7A%3Bcrtbdata%3DRZJi-bke7cMAITi4Vu2eeKnfVyPVqjJKZr6Giu2cfZnbbOWDmUAPVmWUFfyZBaN7ZL0UmD8mX6q_8C_c9PFArLBO08PscS9oArYeA5B6oZ8Wdj8AafGuhqJmsagtXlibrXUubecP9aGnMIqzIab7JfQm6qH1hybeOdtrzbQfEpN6KHLXtwwDKw2%3Badfibeg%3D0%3Bcdata%3DfpdAD7fgg7eTircke1AWXGwr33KesJN4yS5voTVArl3e-F4yyOT03D_hrKm5miwYBuHfSmDQP0uuFqwhPKLxp8yECIRnbFRC4fn4X_ACi5i9J7MGGdNOnZhNsUxQwZ3vhfQQj3QSu-U7joi6uMgg0g2%3B%3BCREFURL%3Dhttp%253a%252f%252fqooh.me%3BC%3D1%3Bcpdir%3D&uidRedirect=1
Requested by
Host: tm.ad-srv.net
URL: https://tm.ad-srv.net/tm/a/container/html/bd4e7bcd7e.html?eli=8869608&cguid=d749ea7985&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCwYAqLYwRZdOFKo7gkgOA1ZqwDpGtxbxc3ebspu4CwI23ARABIABg9Y27gZgEggEXY2EtcHViLTEwNDYxMDgzNjI0MzY1MDbIAQmpAkpI81cYLYM-qAMByAMCqgTaAU_QFxFe_b9PtA9uNR994AS9e3rO09m3WWl14LJq2ItAf4d7uwkt8HiiNAr0jCNCsEWmEPNzYSj6pjwT2kPQhqr-9X0t-CMMM5cbjveSYFRFPODLxoZgrDz9qnxtjt6eNUf9xoxAT54lasS0yp9sNw07k137ioirtv5acki3WB0FZwynCnttygB3jksajiYYzfoFrF7ZDZsakAIw7eiBoJrb0EnDn5wzW-KhKodr7yVRKmI7KEtp0itZtvh7YKcpC7xzhPiKUsYYkNsQKgYFL1L8cXV2ZDaeUe2WgAbctv_q1I7Z6YEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Lg_ilWBkAnSoPIz5T9qmSjcvSVg%26client%3Dca-pub-1046108362436506%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110897%3Bcrtbwp%3DZRGMLQAKgtMKZLAOAAaqgF52-QJKvvNIZU3r7A%3Bcrtbdata%3DRZJi-bke7cMAITi4Vu2eeKnfVyPVqjJKZr6Giu2cfZnbbOWDmUAPVmWUFfyZBaN7ZL0UmD8mX6q_8C_c9PFArLBO08PscS9oArYeA5B6oZ8Wdj8AafGuhqJmsagtXlibrXUubecP9aGnMIqzIab7JfQm6qH1hybeOdtrzbQfEpN6KHLXtwwDKw2%3Badfibeg%3D0%3Bcdata%3DfpdAD7fgg7eTircke1AWXGwr33KesJN4yS5voTVArl3e-F4yyOT03D_hrKm5miwYBuHfSmDQP0uuFqwhPKLxp8yECIRnbFRC4fn4X_ACi5i9J7MGGdNOnZhNsUxQwZ3vhfQQj3QSu-U7joi6uMgg0g2%3B%3BCREFURL%3Dhttp%253a%252f%252fqooh.me%3BC%3D1%3Bcpdir%3D&eVS=Doubleclick+Ad+Exchange+by+Google&eVRDD=qooh.me&eVRDB=qooh.me&eVAI=8925566747170456839&rnd=44889&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
e52811c8ecf27749acde51522ba88026b60896ea848f6b8cebe49d5259d4a4e6

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1580
Content-Type
text/html; charset=utf-8
Date
Mon, 25 Sep 2023 13:33:37 GMT
Expires
Mon, 25 Sep 2023 14:33:37 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
X-NEORY-SubId
39654500085189804452304012458001

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 25 Sep 2023 13:33:36 GMT
Expires
Mon, 25 Sep 2023 14:33:36 +0200
Location
request.php?zone=nwtpyrxedwqr&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&documentReferer=http%3A%2F%2Fqooh.me%2F&ancestorOrigins=http%3A%2F%2Fqooh.me&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=AF_SSP:Doubleclick+Ad+Exchange+by+Google&extVar[]=AF_DOM_DELI:qooh.me&extVar[]=AF_DOM_RTB:qooh.me&subid=8925566747170456839&rnd=44889&gdpr=0&gdpr_consent=&redirectClick=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCwYAqLYwRZdOFKo7gkgOA1ZqwDpGtxbxc3ebspu4CwI23ARABIABg9Y27gZgEggEXY2EtcHViLTEwNDYxMDgzNjI0MzY1MDbIAQmpAkpI81cYLYM-qAMByAMCqgTaAU_QFxFe_b9PtA9uNR994AS9e3rO09m3WWl14LJq2ItAf4d7uwkt8HiiNAr0jCNCsEWmEPNzYSj6pjwT2kPQhqr-9X0t-CMMM5cbjveSYFRFPODLxoZgrDz9qnxtjt6eNUf9xoxAT54lasS0yp9sNw07k137ioirtv5acki3WB0FZwynCnttygB3jksajiYYzfoFrF7ZDZsakAIw7eiBoJrb0EnDn5wzW-KhKodr7yVRKmI7KEtp0itZtvh7YKcpC7xzhPiKUsYYkNsQKgYFL1L8cXV2ZDaeUe2WgAbctv_q1I7Z6YEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Lg_ilWBkAnSoPIz5T9qmSjcvSVg%26client%3Dca-pub-1046108362436506%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D54110897%3Bcrtbwp%3DZRGMLQAKgtMKZLAOAAaqgF52-QJKvvNIZU3r7A%3Bcrtbdata%3DRZJi-bke7cMAITi4Vu2eeKnfVyPVqjJKZr6Giu2cfZnbbOWDmUAPVmWUFfyZBaN7ZL0UmD8mX6q_8C_c9PFArLBO08PscS9oArYeA5B6oZ8Wdj8AafGuhqJmsagtXlibrXUubecP9aGnMIqzIab7JfQm6qH1hybeOdtrzbQfEpN6KHLXtwwDKw2%3Badfibeg%3D0%3Bcdata%3DfpdAD7fgg7eTircke1AWXGwr33KesJN4yS5voTVArl3e-F4yyOT03D_hrKm5miwYBuHfSmDQP0uuFqwhPKLxp8yECIRnbFRC4fn4X_ACi5i9J7MGGdNOnZhNsUxQwZ3vhfQQj3QSu-U7joi6uMgg0g2%3B%3BCREFURL%3Dhttp%253a%252f%252fqooh.me%3BC%3D1%3Bcpdir%3D&uidRedirect=1
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
adview
googleads.g.doubleclick.net/pagead/ Frame FAD8 		0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C0yJbLYwRZZCWKsWEkgPN8ZLIB9esnIJuyur8vP0QwI23ARABIABg9Y27gZgEggEXY2EtcHViLTEwNDYxMDgzNjI0MzY1MDbIAQmoAwHIAwKqBNYBT9C9LJrRN66tTcT7j2iMtHVg9_gaAm7eYzqQ5SXCCsnYOm8V681vq_zwjZz5sgmoBrxUowjfQvQ3hzz6xigjtyKGVhOw89yxPjn43B3wjJfzbgceudzN3LTv7zH37vDtoPYEL2_hk6uM_xFYkhg4NXMpp9S8MNtYs29b2vEF5DlBKFCeNgydlPSeGCa5Xsh2lnEvL1KZdR1TA38R4AZXFTAH5zmJZ5yyfFDQSkBDwUgZ3qgIbVHbNlhycj166XgY39u2JwsJHbPOKgq5q36xDHKffzv3aYAGr5jv4NvHrrnRAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMTA0NjEwODM2MjQzNjUwNhgA&sigh=WZMN6_8Vwlg&uach_m=[UACH]&cid=CAQSGwBpAlJWrFdRJPQZGtxLu5dV79Kyhtv10HbW0xgB&cbvp=2&vis=1
Requested by
Host: qooh.me
URL: http://qooh.me/joinsubway8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=1032866731&adk=783448745&adf=417859931&pi=t.ma~as.1032866731&w=728&lmt=1695641613&url=http%3A%2F%2Fqooh.me%2Fjoinsubway8&wgl=1&dt=1695648812175&bpp=386&bdt=924&idt=1330&shv=r20230920&mjsv=m202309140101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337%2C7328249135&correlator=6368526665924&frm=20&pv=1&ga_vid=1206274131.1695648813&ga_sid=1695648813&ga_hid=1172033964&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42532402&oid=2&pvsid=3811739528692863&tmod=956012817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=DVr9S2N8Wv&p=http%3A//qooh.me&dtd=1333
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 25 Sep 2023 13:33:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
b1-sadc1.zemanta.com/bidder/win/googleadx_display/1f949072-5ba8-11ee-974b-db28295d7c38/ZRGMLQAKixAKZIJFAAS4zS1tjZa2_l8EKeg-lQ/HJV3PQZ4KOUXHFJTMWMWZJDF3XPVPCZR6ZFKKM4IM5FDO4OIIJVLEDFUW23D5HHAV3CAL5H... Frame FAD8 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame B793 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssffWzmaU4bNCwyFHcNj4tXaPoiALtfcaW3-djEjJRQd9SoJ0cUMenk4pxvMyzNqLal6n0IvbTnpuddMpmK--DTyHeyV0GomxQrb0x4&sig=Cg0ArKJSzGnDRqjWjvzLEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1608794313&rs=2&la=0&cr=0&vs=4&r=v&rst=1695648813493&rpt=2412&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 25 Sep 2023 13:33:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cshow.php
www.awin1.com/ Frame 4C6F 		0
0
viewability
ad1.ad-srv.net/ Frame 4C6F 		0
0
cshow.php
www.awin1.com/ Frame D53B 		0
0
truncated
/ Frame 4C6F 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
addDoubleBorder.js
cdn.contentspread.net/cynamics/tools/js/ Frame 4C6F 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame FAD8 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
b1-sadc1.zemanta.com
URL
https://b1-sadc1.zemanta.com/bidder/win/googleadx_display/1f949072-5ba8-11ee-974b-db28295d7c38/ZRGMLQAKixAKZIJFAAS4zS1tjZa2_l8EKeg-lQ/HJV3PQZ4KOUXHFJTMWMWZJDF3XPVPCZR6ZFKKM4IM5FDO4OIIJVLEDFUW23D5HHAV3CAL5HNY7APYQ6LPVWKL6GB6OMYJFXQPABNBDTMMUKQVRKZMNXQQFTFUITV2QFJ7CLNUNWQNNHSZSI2JVK2QELABAIGHZRTX2HGWRVBKJKW3DKZSYYDGING5BBZTJDVKYENVQ6QRDK537UR5J45LXTWMC67ZRCMTUQPCBYB5PRD72DLD3DYBIR5AMGJJIJIKHPBPYQXXUGBWTUNHVMSSS3WITJNUUXZQZSHUR3KPSZRX7TUFFC4EN5SHC3WYNJJZTVVG5RSEHGUZQS2KE66GB3BB25TTAZENMULYPHQF6NCFVZVQBYXUGH36AK32AYNVS7AXOFBVB5TFT3XPH6W32HDO3NUVM5U2WE5DXAAEFAJH7HTMFBYADAQBAOHS7LFBHXOJJWUTQ2EOTFBYVEHQRTCGVPF6UYRV5Z7KBLJDRYIGCOJXLH6K7FAUMK2P6JS/?&cbvp=2
Domain
www.awin1.com
URL
https://www.awin1.com/cshow.php?s=2367338&v=15168&q=361106&r=783431&pv=0&pref2=15168&pref1=39654500085189804452304012458001
Domain
ad1.ad-srv.net
URL
https://ad1.ad-srv.net/viewability?s=39654500085189804452304012458001&a=e494ff00&vb=m
Domain
www.awin1.com
URL
https://www.awin1.com/cshow.php?s=2367338&v=15168&q=361106&r=783431&pv=1&pref2=15168&pref1=39654500085189804452304012458001
Domain
cdn.contentspread.net
URL
https://cdn.contentspread.net/cynamics/tools/js/addDoubleBorder.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXQOYmcH6yBoq992s0rQdWG4lyxnssIQE4HBIYPG6h6jXrZBelYHeKFRmy8Cap3LiCmTQOu2jkhcwEoI3bWLe5QxscpVuARZ-J1wkl&sig=Cg0ArKJSzBuMSgq79FxkEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=783448745&rs=2&la=0&cr=0&vs=4&r=v&rst=1695648813509&rpt=3291&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Verdicts & Comments Add Verdict or Comment

188 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| $ function| jQuery string| siteName boolean| mobile undefined| facebookHelper object| facebookDialogTemplate function| FacebookDialogTemplate object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height object| google_js_reporting_queue number| google_srt object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_daaos_ts object| google_erank object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| dash object| google_restrict_data_processing object| google_ad_public_floor object| google_ad_private_floor object| google_traffic_source object| easpi object| asptt object| asro object| sepiia object| asiscm object| seiel object| asla object| asaa object| sedf object| sefa object| sugawps object| google_shadow_mode object| adsbygoogle function| initializeColorBox function| get_more_questions function| post_question function| ask_another_question function| follow_me function| unfollow_me function| deleteResponse function| likeUnlike function| update_inbox_count function| chageCharacterCount object| _gaq object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map object| google_ama_state number| google_rum_task_id_counter function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| _gat object| googletag

13 Cookies

Domain/Path Name / Value
.qooh.me/ Name: PHPSESSID
Value: fgd7hohp3s0h43osjuufl9ttg4
.qooh.me/ Name: __utma
Value: 3998191.497366715.1695648814.1695648814.1695648814.1
.qooh.me/ Name: __utmc
Value: 3998191
.qooh.me/ Name: __utmz
Value: 3998191.1695648814.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.qooh.me/ Name: __utmt
Value: 1
.qooh.me/ Name: __utmb
Value: 3998191.1.10.1695648814
.qooh.me/ Name: __gads
Value: ID=cdad32a33ee14de2-225c0bbe95de00e2:T=1695648814:RT=1695648814:S=ALNI_MaenyMPnV0nzyeJlDYRgkt3MglPJg
.qooh.me/ Name: __gpi
Value: UID=00000c86e7ef6fe2:T=1695648814:RT=1695648814:S=ALNI_MafjSXdhTTI-XM6aetgZoCXBwvftA
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 6502231243771580100
.adform.net/ Name: TPC
Value: 1695648815730
.doubleclick.net/ Name: IDE
Value: AHWqTUn9BffLDnXsTlyJK87Zmhr1Mt0SIV3PPmvIOxu8bNOEBKSNEbUMWilXjsh6V-Y
.ad-srv.net/ Name: u8x7eovwf3h6_uid
Value: d95c87c10fd918b0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.ad-srv.net
ad1.ad-srv.net
b1-eudc1.zemanta.com
b1-sadc1.zemanta.com
b1t-eudc1.zemanta.com
b1t-sadc1.zemanta.com
cdn.contentspread.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
qooh.me
s1.adform.net
tm.ad-srv.net
tpc.googlesyndication.com
track.adform.net
widgets.outbrain.com
www.awin1.com
www.google-analytics.com
www.googletagservices.com
zem.outbrainimg.com
ad1.ad-srv.net
b1-sadc1.zemanta.com
cdn.contentspread.net
pagead2.googlesyndication.com
www.awin1.com
142.250.184.226
142.250.185.162
142.250.185.226
142.250.186.33
146.75.118.132
172.217.18.2
188.114.97.3
213.227.153.221
213.227.153.223
216.58.206.46
23.213.165.149
37.157.2.234
37.157.5.73
46.4.10.49
66.225.223.31
94.130.160.12
03b5a6b0560d64047e790d0eb784964d47aa039023e3d03f5decddac2f43efe0
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
09d950567a1f8eb1adbc9fd8e16bd3a3ea0738fc1814f53582e512eff6a50c5a
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18d8329b2e4b430a4f34b5247ba02ca5378fcdf574eb7ba5f1ef00ac0a705c5a
1ce0cba7a42c7a59d3d7ae57bfe8fe657f2de70e27a71b37c3cba1c311e865b6
2037c926e9bbb8fcce1352198e9e2916926d0541b23a50efc915ae1f83678827
27215dceb0e3b4e4e05d5e9f3bb19bdbebbf28ab2748f11f5ff81047cbd2022f
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
307332753cb108cf3b0efd9efc8404fb0c57c0548c14e2ac1ea0a204796b6b08
3154c36c867d443af5ac6bf35643ec6f144bc0548e224c25e66259767d744ea5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3fbd6dbee061c92bfef462e6c78a0596808620a1d1463d6dd713e2eecc03a418
4385adcc9a791292d4ebf4c019c904e56f8da41af2c33a9a7c1ed2455479ab52
444cba8db5cbbc74066e2b7c983eabc21b369b5daa5c20f8b6edbae480724495
4a827801365cbf34cb5dda5c4d2e03dcaa98c55a6b75ebab7abd08b06c9a3b77
549a75e349567add1be9f64d09b384dbd223cfd24bf1968699ba905b41a8ac23
5acf9674866539c4942d36781b05867147bbb8e4a2b2f61b16d2ecf3ee5191b8
62bd121116b457d0864b2a9c58696ae8c520868df36b3ef414ec6142872ef472
73bf38e360808e83c5e94f6089326848f56880e84dc21c7ab1cc538e6f2b83c4
798e9b24d5199d0bfc64aae92c780971e5e9658bcadaed924557b76bb0119952
7c06851aa6041915d2767b37507e293bd9aaedbd0c6941bc28a12f175873fcd7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89fc21ca7ae69c9da945676e7e3fde1115ed281f103bbfed0b0f72331db376b8
91afdb71f29e4a91f6fb9ea0c5c9cdbe42d543c727ebf59f2039286cb1e434d8
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
a4814d3116db4148ebd4a5bba756f2e6bfbfa7fd6f08f6322defab1017b028ef
a7119d4f8e5761d77f6e5fa97d237ba166209f37ae52514ab7cbc2c7020719b5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b60735ea7e314222082437cd553706feb5221bcd19e27b4d98ab61d77ef9ed3f
baef2c82e27f50c1d9083cd5144370bdba9455bf375a528a4b379e01c08e1aa6
c22cef5f0feadef84070444d9a8dd634a08052ed13d5063b90f1f42bedecd84d
ce758fa916d3adb328bcca480a0ac1fd7c184ed0c88b7a22d54af59201e14da9
d921255f132c765306f6b28b46a5700b9e45c5a9951c38ae830aa8f19f655880
dc569732d6a793fd96fa0bf3f7c4088b0b50114b65f05df00dde0737cf586e85
e0d3de97e09ca7befbaaae73167158ae334cc0117c61342b99448c0206e713ed
e32b737e55ca825d41e9b47b0171f61603d69026c725b261492c667ec48e04f6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52811c8ecf27749acde51522ba88026b60896ea848f6b8cebe49d5259d4a4e6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe061dba891ad749f8c38c80ef61ee6740bd36e4517673dcc8a9e6823c96d153