www.idrlabs.com Open in urlscan Pro
2606:4700:3036::ac43:d136 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.idrlabs.com/male-hierarchy/test.php
Submission: On November 07 via api (November 7th 2021, 10:37:50 pm UTC) from US — Scanned from DE

Summary HTTP 211 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 68 IPs in 9 countries across 51 domains to perform 211 HTTP transactions. The main IP is 2606:4700:3036::ac43:d136, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.idrlabs.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 9th 2021. Valid for: a year.

This is the only time www.idrlabs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2606:4700:303... 2606:4700:3036::ac43:d136	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	2600:1901:0:3... 2600:1901:0:333a::	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::6815:1735	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:353	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:400c:c02::9a	15169 (GOOGLE) (GOOGLE)
1	2a01:7e01:1::... 2a01:7e01:1::ac69:92e7	63949 (LINODE-AP...) (LINODE-AP Linode)
1	13.35.253.70 13.35.253.70	16509 (AMAZON-02) (AMAZON-02)
1	52.222.214.17 52.222.214.17	16509 (AMAZON-02) (AMAZON-02)
2	151.101.193.194 151.101.193.194	54113 (FASTLY) (FASTLY)
6	18.66.109.174 18.66.109.174	16509 (AMAZON-02) (AMAZON-02)
1	52.222.214.123 52.222.214.123	16509 (AMAZON-02) (AMAZON-02)
3 7	2.21.141.232 2.21.141.232	16625 (AKAMAI-AS) (AKAMAI-AS)
7	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	18.66.112.41 18.66.112.41	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.68 143.204.98.68	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.96 143.204.215.96	16509 (AMAZON-02) (AMAZON-02)
1 3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
3	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
3	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
3	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
3	99.80.189.205 99.80.189.205	16509 (AMAZON-02) (AMAZON-02)
3	54.85.226.207 54.85.226.207	14618 (AMAZON-AES) (AMAZON-AES)
3	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
3	2a02:fa8:8806... 2a02:fa8:8806:12::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3	35.156.230.193 35.156.230.193	16509 (AMAZON-02) (AMAZON-02)
3	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
1 5	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
3	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
4	206.189.254.17 206.189.254.17	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	52.29.20.215 52.29.20.215	16509 (AMAZON-02) (AMAZON-02)
3	54.228.52.99 54.228.52.99	16509 (AMAZON-02) (AMAZON-02)
1	104.154.142.214 104.154.142.214	15169 (GOOGLE) (GOOGLE)
8	35.186.236.140 35.186.236.140	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1 13	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	18.192.177.149 18.192.177.149	16509 (AMAZON-02) (AMAZON-02)
1 2	52.51.212.11 52.51.212.11	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1 1	209.140.129.66 209.140.129.66	11643 (EBAY) (EBAY)
1	184.30.25.27 184.30.25.27	16625 (AKAMAI-AS) (AKAMAI-AS)
5 6	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
3	2600:9000:223... 2600:9000:223f:f200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
8	107.23.190.127 107.23.190.127	14618 (AMAZON-AES) (AMAZON-AES)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	52.22.84.205 52.22.84.205	14618 (AMAZON-AES) (AMAZON-AES)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2.21.140.74 2.21.140.74	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	35.156.135.60 35.156.135.60	16509 (AMAZON-02) (AMAZON-02)
2 2	3.120.13.220 3.120.13.220	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 3	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3 3	18.196.162.123 18.196.162.123	16509 (AMAZON-02) (AMAZON-02)
1 1	47.252.78.131 47.252.78.131	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co.)
211	68

18 2606:4700:3036::ac43:d136 (United States)

ASN13335 (CLOUDFLARENET, US)

www.idrlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.idrlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:333a:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

monu.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:1735 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.idrlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:353 (United States)

ASN13335 (CLOUDFLARENET, US)

delivery.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:7e01:1::ac69:92e7 (Frankfurt am Main, Germany)

ASN63949 (LINODE-AP Linode, LLC, US)

ipwatch.monu.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-70.fra6.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-17.fra56.r.cloudfront.net

js.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.194 (United States)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.109.174 (United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-123.fra56.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.21.141.232 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.41 (United States)

ASN16509 (AMAZON-02, US)

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-68.fra50.r.cloudfront.net

signal-beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-96.fra53.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.80.189.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-189-205.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.85.226.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-226-207.compute-1.amazonaws.com

display.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:12::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.156.230.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-230-193.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.68.69 (None, )

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.220.243 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

bloggernetwork-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 206.189.254.17 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.20.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-20-215.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.228.52.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-52-99.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.186.236.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.236.186.35.bc.googleusercontent.com

imps.monu.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.177.149 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-177-149.eu-central-1.compute.amazonaws.com

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.212.11 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-212-11.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.140.129.66 (United States) 1 redirects

ASN11643 (EBAY, US)
PTR: rover-public-slcaz01-1-1.ebay.com

www.ebayadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.25.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-27.deploy.static.akamaitechnologies.com

secureir.ebaystatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.74.194 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:f200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 107.23.190.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-190-127.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.22.84.205 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-84-205.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.21.140.74 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-140-74.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.135.60 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-135-60.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.13.220 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-13-220.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.79 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

medianet-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.196.162.123 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-162-123.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.252.78.131 (United States) 1 redirects

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)

event.clientgear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com 1 redirects pagead2.googlesyndication.com dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com tpc.googlesyndication.com	290 KB
20	doubleclick.net 5 redirects googleads.g.doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	220 KB
19	idrlabs.com www.idrlabs.com cdn.idrlabs.com	181 KB
13	adsafeprotected.com 1 redirects pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	97 KB
12	monu.delivery monu.delivery ipwatch.monu.delivery imps.monu.delivery	187 KB
10	2mdn.net s0.2mdn.net	287 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com	316 KB
9	casalemedia.com 3 redirects htlb.casalemedia.com as-sec.casalemedia.com dsum-sec.casalemedia.com ssum-sec.casalemedia.com	6 KB
7	media.net prebid.media.net contextual.media.net cs.media.net	4 KB
6	pubmatic.com 3 redirects hbopenbid.pubmatic.com image8.pubmatic.com image2.pubmatic.com	1 KB
6	amazon-adsystem.com c.amazon-adsystem.com	41 KB
5	openx.net 1 redirects bloggernetwork-d.openx.net eu-u.openx.net us-u.openx.net	2 KB
5	adnxs.com 1 redirects ib.adnxs.com	17 KB
5	bfmio.com 1 redirects display.bfmio.com sync.bfmio.com	2 KB
4	googletagservices.com www.googletagservices.com	96 KB
4	serverbid.com e.serverbid.com	2 KB
4	yahoo.com 2 redirects c2shb.ssp.yahoo.com ups.analytics.yahoo.com	1 KB
4	dotomi.com web.hb.ad.cpe.dotomi.com medianet-match.dotomi.com	1 KB
4	gumgum.com js.gumgum.com g2.gumgum.com	39 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	google.com adservice.google.com www.google.com	2 KB
3	districtm.io dmx.districtm.io	355 B
3	emxdgt.com hb.emxdgt.com	475 B
3	a-mo.net prebid.a-mo.net	227 B
3	yieldmo.com ads.yieldmo.com	673 B
3	lijit.com ap.lijit.com	2 KB
3	33across.com ssc.33across.com	600 B
3	adsrvr.org 1 redirects match.adsrvr.org	2 KB
3	s-onetag.com get.s-onetag.com onetag-geo.s-onetag.com signal-beacon.s-onetag.com	17 KB
3	rlcdn.com ats.rlcdn.com api.rlcdn.com	61 KB
2	advertising.com 2 redirects pixel.advertising.com	627 B
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	clarium.io protected-by.clarium.io	690 B
2	fastly.net confiant-integrations.global.ssl.fastly.net	123 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	adrecover.com delivery.adrecover.com	12 KB
1	clientgear.com 1 redirects event.clientgear.com	262 B
1	criteo.com 1 redirects dis.criteo.com	501 B
1	sonobi.com sync.go.sonobi.com	478 B
1	ebaystatic.com secureir.ebaystatic.com	487 B
1	ebayadservices.com 1 redirects www.ebayadservices.com	564 B
1	google.de adservice.google.de	792 B
1	lockerdome.com lockerdome.com	428 B
1	sharethrough.com btlr.sharethrough.com	114 B
1	privacymanager.io geo.privacymanager.io	592 B
1	indexww.com js-sec.indexww.com	13 KB
1	jquery.com code.jquery.com	29 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
1	googleapis.com fonts.googleapis.com	1 KB
0	demdex.net Failed dpm.demdex.net Failed
0	id5-sync.com Failed id5-sync.com Failed
211	51

	Domain	Requested by
15	pagead2.googlesyndication.com	www.idrlabs.com securepubads.g.doubleclick.net tpc.googlesyndication.com dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com www.googletagservices.com
13	tpc.googlesyndication.com	1 redirects securepubads.g.doubleclick.net tpc.googlesyndication.com dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com www.idrlabs.com
12	cdn.idrlabs.com	www.idrlabs.com cdn.idrlabs.com
10	s0.2mdn.net	www.idrlabs.com s0.2mdn.net dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
8	dt.adsafeprotected.com	dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
8	imps.monu.delivery	www.idrlabs.com
7	securepubads.g.doubleclick.net	monu.delivery securepubads.g.doubleclick.net dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
7	www.idrlabs.com	www.idrlabs.com
6	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
6	c.amazon-adsystem.com	monu.delivery c.amazon-adsystem.com
5	ib.adnxs.com	1 redirects monu.delivery googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com www.idrlabs.com
4	e.serverbid.com	monu.delivery
3	x.bidswitch.net	3 redirects
3	image8.pubmatic.com	2 redirects
3	static.adsafeprotected.com	www.idrlabs.com dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
3	encrypted-tbn1.gstatic.com	dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
3	dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net confiant-integrations.global.ssl.fastly.net
3	g2.gumgum.com	monu.delivery js.gumgum.com
3	prebid.media.net	monu.delivery
3	bloggernetwork-d.openx.net	monu.delivery
3	dmx.districtm.io	monu.delivery
3	hb.emxdgt.com	monu.delivery
3	web.hb.ad.cpe.dotomi.com	monu.delivery
3	prebid.a-mo.net	monu.delivery
3	display.bfmio.com	monu.delivery
3	ads.yieldmo.com	monu.delivery
3	htlb.casalemedia.com	monu.delivery
3	ap.lijit.com	monu.delivery
3	ssc.33across.com	monu.delivery
3	match.adsrvr.org	1 redirects js-sec.indexww.com monu.delivery
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com www.idrlabs.com
3	monu.delivery	www.idrlabs.com monu.delivery
2	ups.analytics.yahoo.com	2 redirects
2	pixel.advertising.com	2 redirects
2	cs.media.net
2	pm.w55c.net	2 redirects
2	contextual.media.net
2	sync.bfmio.com	1 redirects
2	googleads4.g.doubleclick.net	www.idrlabs.com
2	encrypted-tbn2.gstatic.com	dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
2	pixel.adsafeprotected.com	1 redirects dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
2	protected-by.clarium.io	dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
2	www.gstatic.com	dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
2	www.google.com	tpc.googlesyndication.com dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
2	c2shb.ssp.yahoo.com	monu.delivery
2	hbopenbid.pubmatic.com	monu.delivery
2	api.rlcdn.com	js-sec.indexww.com monu.delivery
2	confiant-integrations.global.ssl.fastly.net	monu.delivery confiant-integrations.global.ssl.fastly.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	delivery.adrecover.com	www.idrlabs.com
2	fonts.gstatic.com	fonts.googleapis.com
1	event.clientgear.com	1 redirects
1	medianet-match.dotomi.com
1	image2.pubmatic.com	1 redirects
1	us-u.openx.net
1	eu-u.openx.net	1 redirects
1	dis.criteo.com	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	sync.go.sonobi.com
1	ad.doubleclick.net	www.idrlabs.com
1	secureir.ebaystatic.com
1	www.ebayadservices.com	1 redirects
1	encrypted-tbn3.gstatic.com	dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	as-sec.casalemedia.com	js-sec.indexww.com
1	lockerdome.com	monu.delivery
1	btlr.sharethrough.com	monu.delivery
1	geo.privacymanager.io	ats.rlcdn.com
1	signal-beacon.s-onetag.com	get.s-onetag.com
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	js-sec.indexww.com	monu.delivery
1	get.s-onetag.com	monu.delivery
1	js.gumgum.com	monu.delivery
1	ats.rlcdn.com	monu.delivery
1	ipwatch.monu.delivery	monu.delivery
1	stats.g.doubleclick.net	www.google-analytics.com
1	code.jquery.com	delivery.adrecover.com
1	www.googletagmanager.com	www.idrlabs.com
1	fonts.googleapis.com	www.idrlabs.com
0	dpm.demdex.net Failed
0	id5-sync.com Failed
211	84

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-09` - `2022-07-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.monu.delivery Sectigo RSA Domain Validation Secure Server CA	`2020-08-18` - `2022-02-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
adrecover.com Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.gumgum.com Amazon	`2021-10-15` - `2022-11-12`	a year	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.s-onetag.com Amazon	`2021-02-03` - `2022-03-04`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.privacymanager.io Amazon	`2021-09-25` - `2022-10-24`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
ssc.33across.com GTS CA 1D4	`2021-09-28` - `2021-12-27`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.yieldmo.com Amazon	`2021-05-25` - `2022-06-23`	a year	crt.sh
*.bfmio.com Amazon	`2021-04-23` - `2022-05-22`	a year	crt.sh
*.a-mo.net R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-07-13` - `2022-06-25`	a year	crt.sh
*.emxdgt.com Amazon	`2021-07-02` - `2022-07-31`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2021-04-12` - `2022-05-05`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
e.serverbid.com R3	`2021-10-22` - `2022-01-20`	3 months	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2021-09-27` - `2022-10-29`	a year	crt.sh
imps.monu.delivery GTS CA 1D4	`2021-10-20` - `2022-01-18`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
protected-by.clarium.io Gandi Standard SSL CA 2	`2020-04-03` - `2022-04-26`	2 years	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.idrlabs.com/male-hierarchy/test.php
Frame ID: 905A408912584857AE26C3D9B68DFFA3
Requests: 132 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/zrt_lookup.html
Frame ID: DA280900DDCEB48E7E2BAEEBD4DCEA03
Requests: 1 HTTP requests in this frame

Frame: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Frame ID: 6E340CE166032AD45DEDFF13D4AA48F7
Requests: 1 HTTP requests in this frame

Frame: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 53D200E5DCF7792B3E47E04C20AE7BC5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: D5AF87E09FC031B141ADB19AAD07664D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 804EB00F9CA7452349D275F1DA2C7901
Requests: 2 HTTP requests in this frame

Frame: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 702393BED5362FBC056DDD33477C38C7
Requests: 20 HTTP requests in this frame

Frame: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 568F72C95D6BB7B68DEF1D1CE6E1478C
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPG4AIQmaDwAhiJwOptMAE&v=APEucNWlMxrmRISLDU7O4lnkRRZHu-2IDrEsuNz0z4okZFOq15nyGk715oyioMS9yNYud8A7YNok4t77rqOvoH0eo9mU4B74HiKn0u5aMfPOgFuwl7_7Hpeq0aomDd_HIMIIwNfXksOZ0vxRyX6RZaOIAs1L4PuYTSSH9tbUkF_1ixvKWF0sIf0
Frame ID: 7418E0751F3F5E96E9696D9D60ACE2A3
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5DD9C8CDAE6B4267BC1980AD63CF6543
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 756522644CA66768040C52669D1783A6
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14198662164144293378/index.html
Frame ID: 442C65FD838050369B18BC5EBD34B6B8
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: C58F59FCE3C7088086BD4FADAA62A34D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Male Hierarchy Test

Page Statistics

211
Requests

91 %
HTTPS

35 %
IPv6

51
Domains

84
Subdomains

68
IPs

9
Countries

2106 kB
Transfer

4920 kB
Size

76
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://facebook.com/118151358256086
Title: Follow us on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/idr_labs
Title: Follow us on Twitter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 148

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD34sLimAEQgAkYgQkyCLhTVvxEnQYN HTTP 301
https://tpc.googlesyndication.com/simgad/2401371329490837093

Request Chain 149

https://www.ebayadservices.com/marketingtracking/v1/ar?mkrid=707-157687-884638-9&mkcid=4&mkevt=2&mpt=525540158&ff18=mWeb&siteid=77&adtype=0&size=1x1&ipn=admain2&placement=529704 HTTP 301
https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif

Request Chain 152

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO8qv2IyH4zKWHwKjlphye4&google_cver=1

Request Chain 153

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYhVOS4ElbB2J3kdcmIBTAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO8qv2IyH4zKWHwKjlphye4&google_cver=1

Request Chain 154

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFcvOoAr_0ZCEp7pgo-O_Us&google_cver=1

Request Chain 155

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3NjQ2NjAzMTQ3NDc2NjkxMw%3D%3D

Request Chain 170

https://pixel.adsafeprotected.com/rfw/st/415630/45225569/skeleton.js?adsafe_url=https%3A%2F%2Fwww.idrlabs.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fdd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fdd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:97d08e41-c58c-1798-dbc3-966d84e89240,c:tk8KJW,sl:na,em:true,fr:false,thd:1,mn:app16ie,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:166,fm:sO7xxfO+11%7C12%7C13%7C14%7C15%7C16*.415630-45225569%7C161%7C162%7C1631%7C164,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:185,oid:53616897-401b-11ec-9051-067f141e2336,v:19.8.263,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 197

https://id5-sync.com/s/441/9.gif?puid=e_a162ec04-6d57-4be6-8318-31b9bfe53888&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/441/441/9/1.gif?puid=e_a162ec04-6d57-4be6-8318-31b9bfe53888&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOe5FWSsBCigx0bQ1sgueVD1RsA1Fp2s7HVb8GFQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOe5FWSsBCigx0bQ1sgueVD1RsA1Fp2s7HVb8GFQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/441/916/8/2.gif?puid=dedd2f0b-396f-46e8-bbea-be52ec813693&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOe5FWSsBCigx0bQ1sgueVD1RsA1Fp2s7HVb8GFQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/441/124/7/3.gif?puid=57d77296-8400-4eec-af1f-46888628791c&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/441/146/6/4.gif?puid=0a8c8b92-c1b0-49e7-a075-208a34e141fb&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESENTlvJH7-EyZThh4lpWnK1c&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENTlvJH7-EyZThh4lpWnK1c&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2076466031474766913&opid=apx&ops=&utidl=tech:goo:CAESENTlvJH7-EyZThh4lpWnK1c&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A22315425164&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/441/19/4/6.gif?puid=d6660caf97e5cfe1516a190d16de3a49&gdpr=1&gdpr_consent=

Request Chain 199

https://sync.bfmio.com/syncb?pid=144&id=4d314741-eb1c-4f5f-f287-2372f5f0f5f7&gdpr=0&gc=&gce=1&us_privacy= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
https://sync.bfmio.com/sync?pid=106&uid=41e8dc7b-6427-45e8-9baa-0830d5676c6e

Request Chain 200

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26a%3Dtrue%26userId%3D HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&a=true&userId=YYhVOS4ElbB2J3kdcmIBTAAA%261123

Request Chain 201

https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=ea68746d-1c06-4252-8c83-7a89000a9a6f

Request Chain 202

https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=WjMLw22k1MJQNk5

Request Chain 203

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP548aa64e-401b-11ec-931b-068311666846 HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP548aa64e-401b-11ec-931b-068311666846&verify=true HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP548aa64e-401b-11ec-931b-068311666846

Request Chain 204

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM-jvt56eMpgfSDwIHAsVVk&google_cver=1

Request Chain 205

https://image8.pubmatic.com/AdServer/ImgSync?p=156972 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156972&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkYxRDI0NTItOEEyQi00MDAzLTgyNEUtN0FDMzA3OTAxOUQw&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 207

https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1 HTTP 302
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=medianet&bsw_custom_parameter=5d72e81d-0507-4021-bf70-119674251e1f HTTP 302
https://x.bidswitch.net/sync?dsp_id=257&user_id=mkd0e5b342-8b3c-43d5-a758-2d5359f19ae7&expires=7&user_group=5&ssp=medianet&bsw_param=5d72e81d-0507-4021-bf70-119674251e1f HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5d72e81d-0507-4021-bf70-119674251e1f&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 209

https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOe5FWSsBCigx0bQ1sgueVD1RsA1Fp2s7HVb8GFQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOe5FWSsBCigx0bQ1sgueVD1RsA1Fp2s7HVb8GFQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/441/916/8/2.gif?puid=57d77296-8400-4eec-af1f-46888628791c&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOe5FWSsBCigx0bQ1sgueVD1RsA1Fp2s7HVb8GFQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/441/124/7/3.gif?puid=57d77296-8400-4eec-af1f-46888628791c&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/441/146/6/4.gif?puid=0a8c8b92-c1b0-49e7-a075-208a34e141fb&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESENTlvJH7-EyZThh4lpWnK1c&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENTlvJH7-EyZThh4lpWnK1c&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2076466031474766913&opid=apx&ops=&utidl=tech:goo:CAESENTlvJH7-EyZThh4lpWnK1c&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A22315425164&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/441/19/4/6.gif?puid=d6660caf97e5cfe1516a190d16de3a49&gdpr=1&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOe5FWSsBCigx0bQ1sgueVD1RsA1Fp2s7HVb8GFQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

211 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request test.php Show response
www.idrlabs.com/male-hierarchy/ 110 KB
41 KB 168ms
140ms Document
text/html 2606:4700:3036::ac43:d136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.idrlabs.com/male-hierarchy/test.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:d136 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe2d0e55ffd04640e5be6320608ff352fc3c7dca68d70226dc8f7d18bb3246aa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 07 Nov 2021 22:37:42 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private, max-age=0
expires: -1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5AxnkTCbCnpVyzrEdBmvwvkeJrFyirFDEMcokm0CHXPth6HFLM2J3ZCK2r7gzSHoXb8HkVn4Xpv1tLGTi0GaOCDrCWR%2BBDQRcKcyG3nc2U9Xfgso6b8s%2FuiLOZUdfNYz2xOV9B3HGx5QkSfZLY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6aaa0c34df590629-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 min.css
cdn.idrlabs.com/assets/css/ 24 KB
6 KB 28ms
16ms Stylesheet
text/css 2606:4700:3036::ac43:d136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.idrlabs.com/assets/css/min.css?2.5
Requested by: Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81891be9ab025b1d447a642301e4f12570315514e2d3817752a5c480578365d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 325116
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 11 Sep 2020 15:20:02 GMT
server: cloudflare
etag: W/"5f5b95a2-5f54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMVkhClNCxPlWusIM%2BCPcmPenxmHtbmbA7VlzMuSnKHY1aKbYNnNrRAT8wQMZrpt4vybUmaAnm0IB%2FCLbMQNCTbAKLg2bDjq%2FyediQyTKdA2P90Hx09cb1O8jCnnqW5rf6UBpcmca7r2ljOBvkU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 6aaa0c3609760629-FRA
expires: Mon, 08 Nov 2021 10:17:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 40ms
18ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic

Requested by

Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8ab6745de70cebc6209b53dd59820a04cbf7f480145c925860a2829ce24be3c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 07 Nov 2021 22:16:58 GMT
server: ESF
date: Sun, 07 Nov 2021 22:37:42 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sun, 07 Nov 2021 22:37:42 GMT

GET
H2 200 test.min.css
cdn.idrlabs.com/assets/css/ 11 KB
3 KB 28ms
17ms Stylesheet
text/css 2606:4700:3036::ac43:d136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.idrlabs.com/assets/css/test.min.css?6.19
Requested by: Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2d29fe1b83a44b093a0c5b46eebd5b41895c04032dab8284a81cc33e5ccd02e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 507367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 19 Jan 2021 04:42:03 GMT
server: cloudflare
etag: W/"6006631b-2c78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sekM9wPGLs7ZfETNONzw%2Fo8Eago%2FFRDuMkkG%2FTwSg2Z958b28sawUmeutEaxLfRX9HH9%2B3zN%2BH6jY33nNrSdUe%2Fya0RJdd0sdn%2B3pBFkF0x2RnP1JBngd6vU7K9sOG1qb6SyrDnSALX09aRPqck%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 6aaa0c3609750629-FRA
expires: Fri, 05 Nov 2021 00:53:30 GMT

GET
H2 200 test-link-unit-compat.min.css
cdn.idrlabs.com/assets/css/ 730 B
615 B 28ms
17ms Stylesheet
text/css 2606:4700:3036::ac43:d136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.idrlabs.com/assets/css/test-link-unit-compat.min.css?v3.2
Requested by: Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5588fd5e5a07fc4a6a51a8eba813ba8023ea2b23016f2aee59ac00da39d3da14

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 276457
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 04 Nov 2021 17:50:02 GMT
server: cloudflare
etag: W/"61841d4a-2da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UOPpFQ6oGU9KSHMepxtvMgYmG6kznsykKFdtKdcQNG2xZwsVsZLel2zMiHHyGNjsb%2FqzzMdwFQpqA%2FOrgxQJddxVDVo5uf09Y1vQ9eat1AUkyGo1uA3u5UnMmS3vyEFNhjS3ZPE8GAUjPSXfsfo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 6aaa0c3609780629-FRA
expires: Thu, 11 Nov 2021 17:50:03 GMT

GET
H2 200 test-male-hierarchy.min.css
cdn.idrlabs.com/assets/css/ 12 KB
3 KB 31ms
20ms Stylesheet
text/css 2606:4700:3036::ac43:d136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.idrlabs.com/assets/css/test-male-hierarchy.min.css?2
Requested by: Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0f223d3caeb0941af4b41681d5b70be6b00401df1e59619dd87fa8549adb3f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 329454
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 16 Sep 2021 22:28:03 GMT
server: cloudflare
etag: W/"6143c4f3-30fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8xj8vudlh1NSiVi6l6UaWT%2Bhg1b4vVUVFEHFt9rYRmXw2cGoVnpKrS7Mb7NCGSUjrId62dmiB05wPRcq8VDKN6ZPXMLe2Jy%2Bh%2BE3Lm8pH4tZQyfjGVkwPVGf4suPoi%2FAUuSNmZMuP6eYKcMPbAY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 6aaa0c3609770629-FRA
expires: Thu, 11 Nov 2021 03:03:55 GMT

GET
H2 200 54a1fb-1ef4-44ba-ab83-7f8481ff624d.js Show response
monu.delivery/site/b/d/ 633 KB
182 KB 202ms
153ms Script
application/javascript 2600:1901:0:333a::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Requested by: Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:333a:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: 5e85deeee5b8e99ce645072b12afe0068b6ad49f41598eb2c6874fbc3c047c98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:42 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdub8gZXUp54bjJMQQC6_6SUMa2nbk5PbUgnr9U7G6R-gfVk4H--9dR3Jg-LKk26QTvDzAMgdykqeQ741oNGadY
x-cache: MISS
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: clear
last-modified: Wed, 03 Nov 2021 16:00:24 GMT
server: nginx
vary: Accept-Encoding
x-goog-hash: crc32c=YGbvqw==, md5=XYryJPtHpIMzujTwRxVYDw==
x-goog-generation: 1635955224806965
via: 1.1 google
cache-control: max-age=7200
x-goog-stored-content-length: 648608
content-type: application/javascript
expires: Mon, 08 Nov 2021 00:37:42 GMT

GET
H2 200 EN.png
www.idrlabs.com/static/i/test-flags/ 4 KB
4 KB 13ms
12ms Image
image/png 2606:4700:3036::ac43:d136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.idrlabs.com/static/i/test-flags/EN.png
Requested by: Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 567d523603299b74fdce2909d8376036cdc81280b8f562fd00edd01795886e02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/male-hierarchy/test.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 464663
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3793
last-modified: Wed, 06 Sep 2017 14:28:02 GMT
server: cloudflare
etag: "59b005f2-ed1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LX4kH8cR8vgLlE3a4b2i8A1F8OkDXiQ3%2BlDasQKM3ZksyGfU8%2FoVlscMzKoTh8rcVpB2K%2BI85EiwvuaioX6R%2BySEi9h0v%2BQLPQOy%2FW1rxPouDoTQVcO7L9GfSmJ74662VnViekFiJ9UeH%2BK3C50%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6aaa0c35f95d0629-FRA
expires: Mon, 08 Nov 2021 10:17:37 GMT

GET
H2 200 PT.png
www.idrlabs.com/static/i/test-flags/ 4 KB
4 KB 13ms
12ms Image
image/png 2606:4700:3036::ac43:d136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.idrlabs.com/static/i/test-flags/PT.png
Requested by: Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a23c0b6ee897564c4d6265aa560fb11a454756aea0a1a4684d5d2e535a4bbe7d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/male-hierarchy/test.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 119108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3830
last-modified: Wed, 06 Sep 2017 14:28:02 GMT
server: cloudflare
etag: "59b005f2-ef6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PlvQQtbmM3gZ6hhHfmuL6kbDd7cC%2FBhaQycfiiJgwainhLXU9DfeKfddnP%2Bdfg4Q5gwO7dl5ah204cmBk9bhb8b76jTy88JLjtDxe6B0NipCprqzrweUjqAOPPPwYV7P4gepRch45U8qcylEel0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6aaa0c35f95f0629-FRA
expires: Mon, 08 Nov 2021 10:17:37 GMT

GET
H2 200 TR.png
www.idrlabs.com/static/i/test-flags/ 4 KB
4 KB 21ms
20ms Image
image/png 2606:4700:3036::ac43:d136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.idrlabs.com/static/i/test-flags/TR.png
Requested by: Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4eac50110be4f302279ca9c75cdccad805f49d22d6a3271468270a01ef3a6bce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/male-hierarchy/test.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 464663
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3778
last-modified: Mon, 07 May 2018 17:43:08 GMT
server: cloudflare
etag: "5af0902c-ec2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yKlZNiIs3c1n%2B3kusCcl9i7qVtr824D4HgW5DvO%2BGbMpUTRn%2BIwi%2FfYsaZiF0rF3aYwyibBGLQxat6nVaAoMhJYrtMx0AZhUqbgN%2FlRtPmj21%2BfwvtkuUp1IQA5MF4H9UfOKRYFhWw9CXny7uCU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6aaa0c35f9620629-FRA
expires: Mon, 08 Nov 2021 10:17:37 GMT

GET
H2 200 male-hierarchy-card.png
www.idrlabs.com/misc_pictures/ 68 KB
68 KB 14ms
13ms Image
image/png 2606:4700:3036::ac43:d136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.idrlabs.com/misc_pictures/male-hierarchy-card.png
Requested by: Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ed09da9e94557b66bb1b5e276469f09e1f48d7fb1b8b6d9168684305422c2f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/male-hierarchy/test.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3818
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 69520
last-modified: Thu, 16 Sep 2021 17:21:02 GMT
server: cloudflare
etag: "61437cfe-10f90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9geWwJcM6OSaX6ffLRTmRDSab%2BesM5qgCsSFW%2B5Wo4Qub6s4BMDX4QF8cJwXUmHM1HvM4jRFBcLV%2FWKJGOpDXJpDbQ0Zf%2FV5oWHnsw6cmiNh%2BVht6yMHVmZYeOnT0mWredKUf6Jyd3N6ZxpuKDo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=172800
accept-ranges: bytes
cf-ray: 6aaa0c35f9650629-FRA

GET
H2 200 eu-check.min.js Show response
cdn.idrlabs.com/assets/js/ 373 B
601 B 25ms
18ms Script
application/javascript 2606:4700:3036::ac43:d136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.idrlabs.com/assets/js/eu-check.min.js?v3.1
Requested by: Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f3e7ea17b518b4f09db510225a46097ba164d8a96537d2102884f2abfca0ec7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 230753
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 11 Sep 2020 04:03:01 GMT
server: cloudflare
etag: W/"5f5af6f5-175"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KpaxGsmdddDqH2wXluJ%2BUYZda5QzPc7A5E4B7mLH3wHnkYT2f19xG9ljw7QxwWgS%2BrehUEPboRffcn3c18YymgwQr%2B29POto%2F9vXHO72%2F1ScpRZU1QQkH1oT45E1PMCvuXuFRs8LksqrTtxmDIE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 6aaa0c3609800629-FRA
expires: Mon, 08 Nov 2021 10:17:13 GMT

GET
H2 200 test.min.js Show response
cdn.idrlabs.com/assets/js/ 2 KB
2 KB 25ms
18ms Script
application/javascript 2606:4700:3036::ac43:d136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.idrlabs.com/assets/js/test.min.js?1.1
Requested by: Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 212fd7ede64f9740eb66e30545c1f021f835b5c03572ca8e9589c37901da23e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 193719
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 05 Nov 2021 16:49:01 GMT
server: cloudflare
etag: W/"6185607d-9f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DjAqtjuDMWVr4EypwVWlGE2SGCn6%2F6F%2BXZtOBM0NWY34fU5eRT9eVzWaP7bmcvyD2XpVuFejiUxKIt9NW6wPJ%2BdmNTxeFTj2Lfa%2Fy72Ul1i6H9RmImyFCn29dqFKaQJ4ZglcMRzR2q8u4a1StYw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 6aaa0c36097e0629-FRA
expires: Fri, 12 Nov 2021 16:49:02 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 67ms
46ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

107abe4a522e8ac6ca1b7df21787fb569049fa9d03b47c0a94acf487bfdeabd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51400
x-xss-protection: 0
server: cafe
etag: 10350152633054909731
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 07 Nov 2021 22:37:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 36ms
14ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-20689305-9

Requested by

Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

91d8c42e3ea9d729bd02722d33f36b499f96578c58bb7dbeb05ba5cbb2aa4274

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36404
x-xss-protection: 0
last-modified: Sun, 07 Nov 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 07 Nov 2021 22:37:42 GMT

GET
H2 200 mntzv2.min.js Show response
cdn.idrlabs.com/assets/js/ 304 B
518 B 15ms
13ms Script
application/javascript 2606:4700:3036::ac43:d136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.idrlabs.com/assets/js/mntzv2.min.js?v2
Requested by: Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdd9a3e5f93beae071bf6d215271850facbb94b138d92cdae5e749fe42fb14c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 483427
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 09 Jun 2018 18:48:05 GMT
server: cloudflare
etag: W/"5b1c20e5-130"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F6Y9ykU0et1AxyyLDTxSMK9A4auJhQh9RNzBuQtpNXo4nqLY%2B0w70pGnnKxecxqAMgabviRwHCaKQ93zF7CV%2FSKhyVAkIVIIUCs6Hw6QOBiBmb5ksvLvVljN9QQqym9I1WbqxR8Wvxc7w7VHlb4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 6aaa0c3629b00629-FRA
expires: Fri, 05 Nov 2021 01:20:11 GMT

GET
H2 200 test-agreement.min.js Show response
cdn.idrlabs.com/assets/js/ 1 KB
1 KB 17ms
15ms Script
application/javascript 2606:4700:3036::ac43:d136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.idrlabs.com/assets/js/test-agreement.min.js?v2
Requested by: Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63706cba9dbfa38f4472b2c93ab06c8f8699b8e9f4be4c0542482a92fc6d7711

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 547158
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 26 Jul 2018 10:53:24 GMT
server: cloudflare
etag: W/"5b59a824-559"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EkTd1CANhzleCpZHhWgLWQeP%2Feou07%2BOXOU%2FaVV9koxpjVvlaFHjBnQouxj0ttyiK4U8TWX2oSkRSXd9L9IFYUNVzHSMFLErqA4oc3ow6x%2BppWdgcddZJqdvtFw1OPUoQTRb72yG95AT3J7DcMM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 6aaa0c3629b20629-FRA
expires: Fri, 05 Nov 2021 01:36:19 GMT

GET
H2 200 logo-2--banner.png
cdn.idrlabs.com/assets/i/ 20 KB
20 KB 15ms
14ms Image
image/png 2606:4700:3036::ac43:d136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.idrlabs.com/assets/i/logo-2--banner.png
Requested by: Host: cdn.idrlabs.com
URL: https://cdn.idrlabs.com/assets/css/min.css?2.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfe889951d907fd5d1b2c128f6f4849737e3c4388647555228e23e4856ed57a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.idrlabs.com/assets/css/min.css?2.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 506137
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19975
last-modified: Fri, 27 Oct 2017 16:12:45 GMT
server: cloudflare
etag: "59f35afd-4e07"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RoGPAb0QK5u%2Fc1626hUSC%2BG6rZv0moe8tMR8YgttIx3BqlEqS0ARH%2Fn2Uxb3av43a8xt9%2BdGoj72ITnV%2BgHVQ96eBkzd6pwVvqU4UHNQTUaM7bhR7sQv2oKGRD7iWXClW%2FyGCmVV0WE8XM7GTHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6aaa0c3639cd0629-FRA
expires: Tue, 02 Nov 2021 07:12:04 GMT

GET
H2 200 slide-btn.png
cdn.idrlabs.com/assets/i/ 301 B
653 B 15ms
13ms Image
image/png 2606:4700:3036::ac43:d136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.idrlabs.com/assets/i/slide-btn.png
Requested by: Host: cdn.idrlabs.com
URL: https://cdn.idrlabs.com/assets/css/test-male-hierarchy.min.css?2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dedac502ca0c39765cbcaeaea8464cee7eed16289c4627d3ed7cc9c3df7967a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.idrlabs.com/assets/css/test-male-hierarchy.min.css?2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 228243
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 301
last-modified: Wed, 06 Sep 2017 14:27:59 GMT
server: cloudflare
etag: "59b005ef-12d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IShJqsY74ZC4HgE1gcrEC7Ua%2BsuRSbUhibRQ2PnwyEm9NL502nhAbHkSzPgsNtNCQQeqX5Rm4JPaQN2BYMaXq9RkSKMD52aNl5GC5JIzXUGRKwcJtwEZciY1qayT%2BasvFtlmcVGXHTEpEzJFovk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6aaa0c3639d60629-FRA
expires: Tue, 09 Nov 2021 08:40:50 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 37ms
16ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.idrlabs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 16:21:35 GMT
x-content-type-options: nosniff
age: 281767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 16:21:35 GMT

GET
H2 200 fontello.woff2
cdn.idrlabs.com/assets/font/icons/font/ 18 KB
18 KB 34ms
15ms Font
application/octet-stream 2606:4700:3033::6815:1735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.idrlabs.com/assets/font/icons/font/fontello.woff2?18854377
Requested by: Host: cdn.idrlabs.com
URL: https://cdn.idrlabs.com/assets/css/min.css?2.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:1735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2a17f75640ea7fe968eb8de7ca2e6a8b175b4eac410acb50621d4cd9fc951c5

Request headers

Referer: https://cdn.idrlabs.com/assets/css/min.css?2.5
Origin: https://www.idrlabs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 230761
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17944
last-modified: Wed, 06 Nov 2019 15:52:27 GMT
server: cloudflare
etag: "5dc2ec3b-4618"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4M5XQ%2BlQoWmPBjcHNG8KXm5iGpJmuMLwNwDu%2FSKlaxns9YJ%2FCD7pL%2FB9CXFqMHbJagcLOI6NoF9b9vEmnHKld2Gca71Lqv7yBe3%2F0KSmMix%2F4OBlzf7OTldiETm6%2Bt9rgSL4oH3fnqKtD%2Bg3gU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6aaa0c365ef5dfd7-FRA
expires: Tue, 09 Nov 2021 07:24:50 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v27/ 47 KB
47 KB 19ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.idrlabs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 16:30:38 GMT
x-content-type-options: nosniff
age: 281224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47836
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 16:30:38 GMT

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/34059/ 41 KB
11 KB 65ms
18ms Script
application/javascript 2606:4700::6812:353
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/34059/adRecover.js?ts=1519175564631
Requested by: Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:353 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3daf4e835f7ef11056bb6d154f869994359cce4013eb48dacde87522b1ea65f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 07 Nov 2021 15:22:26 GMT
server: cloudflare
age: 26115
etag: W/"6187ef32-a2e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=432000
cf-ray: 6aaa0c36eb4e5c38-FRA
expires: Fri, 12 Nov 2021 22:37:42 GMT

GET
H2 200 logo-2--icon.png
cdn.idrlabs.com/assets/i/ 4 KB
4 KB 13ms
13ms Image
image/png 2606:4700:3036::ac43:d136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.idrlabs.com/assets/i/logo-2--icon.png
Requested by: Host: cdn.idrlabs.com
URL: https://cdn.idrlabs.com/assets/css/min.css?2.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e0138178b68ba97b31998b5f81143ca66fab58aade2e92ae9ba3a600decbe66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.idrlabs.com/assets/css/min.css?2.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 591343
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3767
last-modified: Wed, 06 Sep 2017 14:27:59 GMT
server: cloudflare
etag: "59b005ef-eb7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sElR1C%2FjOSP2dTVAZskl3%2BAst9E5BfKIfmmwab6oIbJ%2BeSPlLO1s7W3LANXUBKFnymv1FkCC%2FAo6kK97cheYdAdUAepG0AKx2ujqVQg0dV%2Fm%2Boh%2BGgZZ8CoebrTMgzOoujZ0L%2FjRHRVS2DO85U8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6aaa0c36aa660629-FRA
expires: Mon, 01 Nov 2021 10:17:03 GMT

GET
H2 200 ajax Show response
www.idrlabs.com/ 26 B
473 B 129ms
129ms XHR
application/json 2606:4700:3036::ac43:d136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.idrlabs.com/ajax?action=eu_check

Requested by

Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:d136 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1bce502c2075eca34d6f4d631801d70e458714824003a3859565e44b3065e5b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.idrlabs.com/male-hierarchy/test.php
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3E%2FXaodpSMz%2FLXCF110QnfvKCdJobmoxvZJ2pf54GBnmb4oege3wYsN9bYuIav1DYqoFghqtycdUEKrsT0BbXD90koMK6UoHQTEHChNHJqDWgeS1Z4BH02dZU%2BNrLSiwqsBRQ7LAAMTvcv0Mx8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
cf-ray: 6aaa0c36ca810629-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: -1

POST
H2 200 test.php Show response
www.idrlabs.com/male-hierarchy/ 106 B
453 B 130ms
130ms XHR
application/json 2606:4700:3036::ac43:d136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.idrlabs.com/male-hierarchy/test.php

Requested by

Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:d136 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82f62cbebebf1d369ff1dcff161afbadff3660cc8b4bed875a4973cc5c95926d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.idrlabs.com/male-hierarchy/test.php
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 07 Nov 2021 22:37:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ecp2sDc8n%2B0tAERdCf%2FroBu%2BHUcnQBrwZWlQ%2B8YQItsG897y7vfAJhEXF4niK2nU4wiuSgqvvkgtlMdvhVffbJQ5P3%2F29oBqAwz1oYSYfpXapBnhROhsHbSJ4PEK1CBI5J4T8pnBlh0CvdlMn7U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
cf-ray: 6aaa0c36daa40629-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/ Frame DA28 11 KB
5 KB 27ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

097ee9cf7679385b826098b24be6ed2e5c6b660342513932a8018203cc0497bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 07 Nov 2021 18:47:13 GMT
expires: Sun, 21 Nov 2021 18:47:13 GMT
content-type: text/html; charset=UTF-8
etag: 2948287274155451234
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4905
x-xss-protection: 0
age: 13829
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-20689305-9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 2196
date: Sun, 07 Nov 2021 22:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 08 Nov 2021 00:01:06 GMT

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
29 KB 46ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/34059/adRecover.js?ts=1519175564631
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:42 GMT
content-encoding: gzip
last-modified: Thu, 17 Mar 2016 17:52:17 GMT
server: nginx
etag: W/"56eaeed1-14e98"
vary: Accept-Encoding
x-hw: 1636324662.dop168.fr8.t,1636324662.cds219.fr8.hn,1636324662.cds253.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29880

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 14ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=710350831&t=pageview&_s=1&dl=https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php&ul=en-us&de=UTF-8&dt=Male%20Hierarchy%20Test&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=814984814&gjid=1446154649&cid=1953993989.1636324663&tid=UA-20689305-9&_gid=698494329.1636324663&_r=1&gtm=2oub31&z=460371729

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.idrlabs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
771 B 14ms
14ms Image
image/jpeg 2606:4700::6812:353
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1636324662598
Requested by: Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:353 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:42 GMT
cf-cache-status: HIT
age: 361160
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
content-length: 631
cf-bgj: h2pri
server: cloudflare
etag: "60d2d6c2-277"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=432000
accept-ranges: bytes
cf-ray: 6aaa0c378c8c5c38-FRA
expires: Fri, 12 Nov 2021 22:37:42 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 43ms
15ms XHR
text/plain 2a00:1450:400c:c02::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-20689305-9&cid=1953993989.1636324663&jid=814984814&gjid=1446154649&_gid=698494329.1636324663&_u=YEBAAUAAAAAAAC~&z=1250311512

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 07 Nov 2021 22:37:42 GMT
content-type: text/plain
access-control-allow-origin: https://www.idrlabs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 xdomain_cookie.min.js Show response
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ 5 KB
2 KB 136ms
136ms Script
application/javascript 2600:1901:0:333a::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:333a:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:43 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdufKnl7qmTZN6yGjk57GwyCAq5eJfE6EatU-Y0P7PMqEfnVh5z9UU4qGEBgUIDbhadtSTRdxwAVv3hFE71HEI4
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
last-modified: Tue, 25 Aug 2020 07:36:03 GMT
server: nginx
vary: Accept-Encoding
x-goog-hash: crc32c=PYpHKQ==, md5=thaqbm5dIRiPqROaEv/m/g==
x-goog-generation: 1598340963244234
via: 1.1 google
cache-control: max-age=31104000, public
x-goog-stored-content-length: 4733
content-type: application/javascript
expires: Wed, 02 Nov 2022 22:37:43 GMT

GET
H/1.1 200
OK geo.json Show response
ipwatch.monu.delivery/ 216 B
550 B 93ms
7ms XHR
application/javascript 2a01:7e01:1::ac69:92e7
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://ipwatch.monu.delivery/geo.json
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e01:1::ac69:92e7 Frankfurt am Main, Germany, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:43 GMT
server: nginx
content-type: application/json, application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, public, no-transform
connection: close
content-length: 216
expires: Sun, 07 Nov 2021 23:37:43 GMT

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 185 KB
61 KB 47ms
8ms Script
application/x-javascript 13.35.253.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-70.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cceefd476057bb3f36703d027ec405887d25d05311d491b9a203d4c60a2d75fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: sCfIJpeEYSsr1Erp9JPQ5XALijjlTltt
content-encoding: gzip
etag: W/"a8f24de78b4dc3ecbbff83b08aa9e411"
age: 47708
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6a2bb6c4-0bf5-4773-8a36-cefcec4742e6
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 014263e4dda4020061af64b081a8e627
last-modified: Fri, 05 Nov 2021 09:22:31 GMT
server: AmazonS3
date: Sun, 07 Nov 2021 09:22:36 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 4ad1795a3ae6c6b7b8c516c7d218d3ef7f69c9d8f4459e5652ddcd4b5ef110bd
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-type: application/x-javascript
x-amz-cf-id: i603nTITW2w80Qc8Oc8cfpK-roNL3GjzPclq8mhicFWSD2slRDiZfQ==

GET
H2 200 services.js Show response
js.gumgum.com/ 100 KB
37 KB 43ms
7ms Script
application/javascript 52.222.214.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.gumgum.com/services.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-17.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8ab7ae9e9ccf94258b9243409edf9356ec6a80a3a44cf664a24e8517861af91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: uaQCCYk3AuiL3fz3.b_BWy8rEFdVxI8P
content-encoding: gzip
etag: W/"d2d6a8fccebd3f1a5411b38cdbcb870e"
age: 17944
x-cache: Hit from cloudfront
x-amz-meta-timing-allow-origin: *
x-amz-meta-access-control-allow-origin: *
last-modified: Thu, 04 Nov 2021 15:39:19 GMT
server: AmazonS3
date: Sun, 07 Nov 2021 17:39:32 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: JJVnLHWElM8R17Z3x3MVMhJDeOvmYNqf1vySjuzUcxNwbMrGRdeIRQ==

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/ 371 KB
63 KB 30ms
6ms Script
text/javascript 151.101.193.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e29cabca3ff0a0549bd35925e50b40cf18f249ac5714a2c30dd2912bb78992cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 22:37:43 GMT
Content-Encoding: gzip
Age: 1839
X-Cache: HIT
Connection: keep-alive
Content-Length: 63952
x-amz-id-2: FXXqOaqnoQcI6XR6lLaeRIQzpeIufOfjuJAjaOzww00dM3Q6ZX7HG+MO59AW6d5iaVQ8QT7OXuI=
X-Served-By: cache-fra19127-FRA
Last-Modified: Sun, 07 Nov 2021 20:28:41 GMT
Server: AmazonS3
X-Timer: S1636324663.125411,VS0,VE0
ETag: "fe65e8c47f4017fb708d695ada7735e6"
x-amz-request-id: FEWPQHE4HM34ENYC
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 47

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 133 KB
36 KB 52ms
8ms Script
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: okBBdl4mniljyIhAB_yWlERThSsUPvbQ
content-encoding: gzip
etag: fc2e1be4d234471752ea2ebee7e63d1e
age: 464
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1H3EMG60KTV1KKK98JYA
date: Sun, 07 Nov 2021 22:30:03 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: V-OZUHDa241HSMzmdG1KH44aVDlO-vnt2EGt6gRiffCR5ZjeTwmB9w==

GET
H2 200 tag.min.js Show response
get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/ 17 KB
6 KB 30ms
7ms Script
text/javascript 52.222.214.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-123.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0c08815f5e74c5477b25c5303f3b512b5c04ccf403e41e319c29cb5243fce5f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: HGYL.siFb.HLK8NXg9tyIeM1N2pdl_47
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 19:32:23 GMT
server: AmazonS3
age: 35222
etag: W/"4c3e8f251a140b2e06634712ba322640"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Sun, 07 Nov 2021 12:50:42 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: ZJyyxqh54hfqkbf4aYrZDTUs0KCdDXjf8yJolufusNTiJLhFiejbkQ==

GET
H/1.1 200
OK 182762-63174106385307.js Show response
js-sec.indexww.com/ht/p/ 37 KB
13 KB 100ms
16ms Script
text/javascript 2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 802a3b18272fce86b7ae5e349963873801db2a682c542ba2a78b673f295ff5e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 22:37:43 GMT
Content-Encoding: gzip
Last-Modified: Sun, 07 Nov 2021 22:25:14 GMT
Server: Apache
ETag: "904b89-930a-5d03a59a9fbf2"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2896
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12788
Expires: Sun, 07 Nov 2021 23:25:59 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 44ms
22ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

9667d3d6230b7be24787e21a112533e378cbf5d81953fef3b9627f1657a53a41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1037 / 608 of 1000 / last-modified: 1636149998"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27181
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 07 Nov 2021 22:37:43 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
969 B 46ms
8ms Fetch
application/json 18.66.112.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 17:53:18 GMT
via: 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront), 1.1 fc562aab29280948aa0691960bee3d6b.cloudfront.net (CloudFront)
age: 17065
x-amzn-requestid: a8d20fe9-dff1-4d9f-b3a7-a31452a039e2
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-C2, FRA56-P5
x-amz-apigw-id: IcfWUFZbiYcFRXw=
content-length: 555
x-amz-cf-id: Zyv5PFa-pTGe_ch7vpwsxNAklb3ivo38zQB29keQCsuc7VWGgglhkg==

GET
H2 200 beacon.min.js Show response
signal-beacon.s-onetag.com/ 29 KB
10 KB 59ms
7ms Script
application/javascript 143.204.98.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-beacon.s-onetag.com/beacon.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-68.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 099d5a93d27e43c40b29b9f45a57492ca8d87ee45d14d7a83d0ff39735822b3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: x0gR.yq1o4oS4jq28J7nG9U0MFiLgIQ.
content-encoding: gzip
etag: W/"5c1dcd62582070cb2352f625af50ce57"
last-modified: Thu, 21 Oct 2021 09:51:00 GMT
server: AmazonS3
age: 72041
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Sun, 07 Nov 2021 02:37:03 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 9ROtXYlae5QW7xsTnJsoX95bRdRhWOeC42xBWao1DZWqDm4f4o1g1g==

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111031659/ 186 KB
59 KB 8ms
8ms Script
application/javascript 151.101.193.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111031659/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af1684fcf2b488bdbf24c364d9651a7f3912dcfa0a3477d7653d60eb032c06a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 07 Nov 2021 22:37:43 GMT
Content-Encoding: gzip
Age: 818
X-Cache: HIT
Connection: keep-alive
Content-Length: 60321
x-amz-id-2: ZoXerbuYYEyLeqvhcUrZeSXtO8N0RGQB3gzc1l5I8Z1HhRkdN97pi25Z7zyxzxW3XiUU9y7qMm0=
X-Served-By: cache-fra19127-FRA
Last-Modified: Wed, 03 Nov 2021 21:01:25 GMT
Server: AmazonS3
X-Timer: S1636324663.165253,VS0,VE0
ETag: "f0344cfc0fab11fbf956bd005d2814f0"
x-amz-request-id: ZTNSH2ZB4V5E7856
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 306

GET
H2 200 pubads_impl_2021110301.js Show response
securepubads.g.doubleclick.net/gpt/ 346 KB
117 KB 17ms
16ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110301.js?31063428

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

8375b6d78687c24c35f1c2fd365d5b88a5f47bb295cc336d114f57daef0c419c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119127
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:33:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 07 Nov 2021 22:37:43 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 215 B
154 B 31ms
15ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.idrlabs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

f5517b6233f9301ccb68b9e51af3b3035073437adc1e11a6fb02351095237284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 22:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129
x-xss-protection: 0
expires: Sun, 07 Nov 2021 22:37:43 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
592 B 46ms
7ms Fetch
application/json 143.204.215.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-96.fra53.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 05:01:02 GMT
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront), 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
age: 63401
x-amzn-requestid: c6571d96-ff28-400b-8d26-f0427df1be0f
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-61875d8e-1b04775c14da9646079e0509;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, FRA53-C1
x-amz-apigw-id: IauOSGqLDoEFyxg=
content-length: 28
x-amz-cf-id: veGARx0fAl2WnbThNrcD1X90PL6myG2HiCeMRy9cqf05MZJcq1xUUg==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 57 B
412 B 8ms
7ms XHR
application/json 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 20:24:05 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: Server
age: 8017
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.idrlabs.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-length: 57
x-amz-cf-id: 9NIya-sLk9G9h-OVPvtAEOd_L77MLUx7qK_uo2v-vK2CIvP2pMMWpA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 22ms
7ms XHR
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 81187
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 01:02:33 GMT
server: AmazonS3
date: Sun, 07 Nov 2021 00:04:37 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 7463e2e784b132604afa3cd91a5d39a3.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: pj1sDELTE8DqAb6ljxeP4lolBHaCq5bKwi0vQWQaBb8EcOYYu751iQ==

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
544 B 113ms
36ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=182762
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: b099780ffe01c9cb2daae55f783b77b16fc1f3c02754536a03c3c31b70aac467

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 07 Nov 2021 22:37:43 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.idrlabs.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Tue, 07 Dec 2021 22:37:43 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
328 B 49ms
14ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 07 Nov 2021 22:37:43 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.idrlabs.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 xdomain_cookie.html Show response
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ Frame 6E34 3 KB
2 KB 160ms
160ms Document
text/html 2600:1901:0:333a::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Requested by: Host: monu.delivery
URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:333a:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: 2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/

Response headers

server: nginx
date: Sun, 07 Nov 2021 22:37:43 GMT
content-type: text/html
vary: Accept-Encoding
x-guploader-uploadid: ADPycdtn7tIceuNwXCBy2gZ4SJ5MvuhJoRunDga-jtBlM-C_LqLFHX-LETq7xr9Ro9VtEe51HyaLxwJHsZKY8bnPfQ
expires: Wed, 02 Nov 2022 22:37:43 GMT
last-modified: Tue, 25 Aug 2020 07:36:09 GMT
x-goog-generation: 1598340969597109
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3440
x-goog-hash: crc32c=84qDrg== md5=UK93eCDb5GkYdLDTqpa2gw==
x-goog-storage-class: STANDARD
cache-control: max-age=31104000 public
age: 0
x-cache: HIT
content-encoding: gzip
via: 1.1 google
alt-svc: clear

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 65 B
148 B 135ms
104ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=b-DUUcseur6PS9aKlId8sQ
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 5b0c80c0cadc13f8ef07dd211e2b4ef3b5c3aaef0cf1ab3313ff1275ba8ca3e2

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 07 Nov 2021 22:37:43 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.idrlabs.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
746 B 95ms
39ms XHR
application/json 216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 9ff2b4e8caa6f3ecc8a280d403de673a9a78e977d9e8b94b9de55e23d683e634

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 07 Nov 2021 22:37:43 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.idrlabs.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 24 B
372 B 108ms
72ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=209362&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225054625fdd7a58%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22bd54a1fb-1ef4-44ba-ab83-7f8481ff624d%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226c8cfd0ca0b176%22%2C%22ext%22%3A%7B%22siteID%22%3A%22209362%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7789724e8c19a370bbd709d7c693b7a8a981f8af37b03ce784a67d30c1ffd2a6

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:43 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[SN], CN:[EU], CIP:[78.47.208.27], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.idrlabs.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 44
x-ak-client-geo: 12
expires: Sun, 07 Nov 2021 22:37:43 GMT

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
225 B 214ms
32ms XHR
text/plain 99.80.189.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-82db8863-a5a9-4646-bfc4-7efa7ca1ddba%22%2C%22callback_id%22%3A%228aaf1f5be0fbe8%22%2C%22sizes%22%3A%5B%5B320%2C50%5D%5D%2C%22ym_placement_id%22%3A%222519487360140255689%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php&bust=1636324662936&pr=&scrd=1&dnt=false&description=Male%20Social%20Hierarchy%20Test.&title=Male%20Hierarchy%20Test&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22bd54a1fb-1ef4-44ba-ab83-7f8481ff624d%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.189.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-189-205.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.idrlabs.com
pragma: no-cache
date: Sun, 07 Nov 2021 22:37:43 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H/1.1 204
No Content prebid_display Show response
display.bfmio.com/ 0
345 B 458ms
116ms XHR
text/plain 54.85.226.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://display.bfmio.com/prebid_display

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.85.226.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-85-226-207.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Type: text/plain;charset=iso-8859-1
Access-Control-Allow-Origin: https://www.idrlabs.com
Access-Control-Expose-Headers: location
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
65 B 259ms
85ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Sun, 07 Nov 2021 22:37:42 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://www.idrlabs.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST
H2 200 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 213 B
397 B 243ms
13ms XHR
application/json 2a02:fa8:8806:12::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e0cf3dfae638a3dba9811c366dc2da6a3cfa71425c246464eeed9e4937e4a7ee

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:43 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://www.idrlabs.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 213
expires: 0

POST
H2 204 / Show response
hb.emxdgt.com/ 0
158 B 53ms
16ms XHR
text/plain 35.156.230.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1100&ts=1636324662940&src=pbjs
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.230.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-230-193.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.idrlabs.com
date: Sun, 07 Nov 2021 22:37:43 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
35 B 44ms
18ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 07 Nov 2021 22:37:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.idrlabs.com
access-control-allow-credentials: true
cf-ray: 6aaa0c39d9d82b29-FRA
access-control-allow-headers: Content-Type, Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 304ms
279ms XHR
application/json 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

d58bd164bd8e3dec743c3e67b9880f29095a7cee2b4eeef7312b23904ef9765b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 22:37:43 GMT
X-Proxy-Origin: 78.47.208.27; 78.47.208.27; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5e3f3299-2614-4c3e-8d4a-39a9d64e5d82
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.idrlabs.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
bloggernetwork-d.openx.net/w/1.0/ 173 B
592 B 49ms
19ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f5bbead2-748f-4f35-a5bf-4d771e962136&nocache=1636324662944&schain=1.0%2C1!monumetric.com%2Cbd54a1fb-1ef4-44ba-ab83-7f8481ff624d%2C1%2C%2C%2C&aus=320x50&divids=mmt-82db8863-a5a9-4646-bfc4-7efa7ca1ddba&aucs=&auid=540951376
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 0a1921034f490e8b5f2c42d89182f6457ef75c0dff58e989c301e83fa468979c

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:43 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.idrlabs.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
815 B 60ms
24ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 386182772151e7747ebe66a2490b3b359d784ebd83bfade6d2cebe614ab83a45

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:43 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.idrlabs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
492 B 45ms
45ms XHR
text/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php&pid=hVIfI31ifiEh9&cb=0&ws=1600x1200&v=7.70.0&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-82db8863-a5a9-4646-bfc4-7efa7ca1ddba%22%2C%22s%22%3A%5B%22320x50%22%5D%2C%22sn%22%3A%22%2F20842576%2C21807321066%2FFJ401M%2FFJ401M-DDH.C%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cbd54a1fb-1ef4-44ba-ab83-7f8481ff624d%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.109.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:43 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
x-amz-rid: 8R83V2MXEH18JQHYGYCQ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.idrlabs.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: uSjqvPX4X2xB8Eu3f0_nqWEWPzUDYHYpsm4g95DokxTmU73NAsgAVQ==

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
677 B 53ms
25ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3c0b943766ab10425a01c2f474da801b1a4db989fe9b75e1c0dc30527fcdfe03

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:43 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.idrlabs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
145 B 242ms
85ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.idrlabs.com
x-nbr: 1
date: Sun, 07 Nov 2021 22:37:43 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
vary: origin, Accept-Encoding

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 20 KB
12 KB 166ms
142ms XHR
application/json 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

fef98fa930976e1c303a0a8f6b74e564980917146451435b27be54267843afc1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 07 Nov 2021 22:37:43 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 78.47.208.27; 78.47.208.27; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f9957249-9757-4ff2-903d-3095cb6a8fec
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.idrlabs.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
303 B 103ms
97ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=b-DUUcseur6PS9aKlId8sQ
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: b2e22288fc574c74863010402596598d2571f42cf5c3645890ab5024abe3754b

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 07 Nov 2021 22:37:43 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.idrlabs.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H/1.1 204
No Content prebid_display Show response
display.bfmio.com/ 0
345 B 443ms
121ms XHR
text/plain 54.85.226.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://display.bfmio.com/prebid_display

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.85.226.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-85-226-207.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Type: text/plain;charset=iso-8859-1
Access-Control-Allow-Origin: https://www.idrlabs.com
Access-Control-Expose-Headers: location
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 200 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 213 B
398 B 224ms
12ms XHR
application/json 2a02:fa8:8806:12::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: d12b4fed042fb9b25cd8e492d36a5fa973424aeb5a4f2d4075c2bdf80460c063

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:43 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://www.idrlabs.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 213
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 115ms
63ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.idrlabs.com
date: Sun, 07 Nov 2021 22:37:42 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 / Show response
hb.emxdgt.com/ 0
159 B 32ms
16ms XHR
text/plain 35.156.230.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1100&ts=1636324662960&src=pbjs
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.230.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-230-193.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.idrlabs.com
date: Sun, 07 Nov 2021 22:37:43 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
746 B 131ms
88ms XHR
application/json 216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: a90eeb9fd4ab0e6a0213c1e0f9b0e6faaa80a3f444f03a6557645286a2a03ee4

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 07 Nov 2021 22:37:43 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.idrlabs.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 116ms
75ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f50a17b0c7f&pos=idrlabs.com_desktop_atf_300x250&cmd=bid&req=https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php&req(url)=https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php&secure=1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: cc7d5e554a6473755aa27f4f65e22705efef907dfa53d98534342e17757240b4

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 07 Nov 2021 22:37:43 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.idrlabs.com
access-control-allow-credentials: true
content-length: 62

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
284 B 23ms
18ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 07 Nov 2021 22:37:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.idrlabs.com
access-control-allow-credentials: true
cf-ray: 6aaa0c39d9da2b29-FRA
access-control-allow-headers: Content-Type, Origin

POST
H2 200 v2 Show response
e.serverbid.com/api/ 711 B
985 B 276ms
99ms XHR
application/json 206.189.254.17
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 206.189.254.17 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 83f0139d17ec56eea8e5834ed925a00110689b5b0cc7fec2fb13999222801a97

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.idrlabs.com
date: Sun, 07 Nov 2021 22:37:43 GMT
access-control-allow-credentials: true
content-length: 711
vary: Origin
content-type: application/json

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
114 B 70ms
39ms XHR
text/plain 52.29.20.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.20.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-20-215.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.idrlabs.com
date: Sun, 07 Nov 2021 22:37:43 GMT
access-control-allow-credentials: true
vary: Origin

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 413 B
956 B 131ms
43ms XHR
application/json 54.228.52.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=100412&pi=3&bf=300x250&schain=1.0%2C1!monumetric.com%2Cbd54a1fb-1ef4-44ba-ab83-7f8481ff624d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php&ns=10240
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ea5c5dc2efce65965d5a8b13cb1455d371812ba1ba7a09ec82e9377ada890d35

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:43 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.idrlabs.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

GET
H2 200 arj Show response
bloggernetwork-d.openx.net/w/1.0/ 172 B
358 B 30ms
20ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=279c30c3-5ff8-4eb4-b5d7-729d4825b442&nocache=1636324662965&schain=1.0%2C1!monumetric.com%2Cbd54a1fb-1ef4-44ba-ab83-7f8481ff624d%2C1%2C%2C%2C&aus=300x250&divids=mmt-2d0f0d6d-fc37-4e97-9fd3-f4a783efa6d1&aucs=&auid=540951376
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 93b0aa4716c14264d3fc29ac247e69c7e45ded52181a4c96beabdab6cb444cbe

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:43 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.idrlabs.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 162
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
lockerdome.com/ladbid/ 11 B
428 B 455ms
113ms XHR
application/json 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/ladbid/prebid
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 07 Nov 2021 22:37:43 GMT
Content-Encoding: gzip
P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Access-Control-Allow-Origin: https://www.idrlabs.com
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Content-Length: 31

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
224 B 184ms
33ms XHR
text/plain 99.80.189.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-2d0f0d6d-fc37-4e97-9fd3-f4a783efa6d1%22%2C%22callback_id%22%3A%2259e5c368e61abf8%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222519487360140255689%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php&bust=1636324662967&pr=&scrd=1&dnt=false&description=Male%20Social%20Hierarchy%20Test.&title=Male%20Hierarchy%20Test&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22bd54a1fb-1ef4-44ba-ab83-7f8481ff624d%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.189.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-189-205.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.idrlabs.com
pragma: no-cache
date: Sun, 07 Nov 2021 22:37:43 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
373 B 82ms
80ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=201337&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2260bea4819e18fb9%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22bd54a1fb-1ef4-44ba-ab83-7f8481ff624d%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2261bfa94fc99d165%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201337%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c1492de5d2c40e72dd875883b1ebb2b136042e49f7279c2db41005259e5b3f23

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:43 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[SN], CN:[EU], CIP:[78.47.208.27], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.idrlabs.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 12
expires: Sun, 07 Nov 2021 22:37:43 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
491 B 43ms
42ms XHR
text/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php&pid=hVIfI31ifiEh9&cb=1&ws=1600x1200&v=7.70.0&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-2d0f0d6d-fc37-4e97-9fd3-f4a783efa6d1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F20842576%2C21807321066%2FFJ401M%2FFJ401M-DDS.B%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cbd54a1fb-1ef4-44ba-ab83-7f8481ff624d%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.109.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:43 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
x-amz-rid: EGZ3DCED5H6J80ZKHH3A
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.idrlabs.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: eLRyBv2cGVvtl7l4I22iZlMxAUGu30nkPfbDcuOvwBCAem6bxkqF7g==

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 114ms
76ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.idrlabs.com
date: Sun, 07 Nov 2021 22:37:42 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 451 B
985 B 125ms
46ms XHR
application/json 54.228.52.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?t=cff58691&pi=2&schain=1.0%2C1!monumetric.com%2Cbd54a1fb-1ef4-44ba-ab83-7f8481ff624d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php&ns=10240
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2ce1fa10f163d04363788b4000bb3e828112c267a75f84d15272ace859648154

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:43 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.idrlabs.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

POST
H2 200 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 213 B
397 B 208ms
13ms XHR
application/json 2a02:fa8:8806:12::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 047dec5dac18b3d7469ea10ad19e64e040eb87fd76ca929c707cf8559e28d3c5

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:43 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://www.idrlabs.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 213
expires: 0

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
292 B 89ms
62ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694ed0175757569cd8f50a17b0c7f&pos=idrlabs.com_desktop_atf_728x90&cmd=bid&req=https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php&req(url)=https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php&secure=1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 280a6c489310a42f2e44e4a1a394b6f11143d2d318dd0697ea6b78445fa18424

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 07 Nov 2021 22:37:43 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.idrlabs.com
access-control-allow-credentials: true
content-length: 62

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
224 B 174ms
32ms XHR
text/plain 99.80.189.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2%22%2C%22callback_id%22%3A%2272f2a11a18f6e82%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222519487360140255689%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php&bust=1636324662976&pr=&scrd=1&dnt=false&description=Male%20Social%20Hierarchy%20Test.&title=Male%20Hierarchy%20Test&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22bd54a1fb-1ef4-44ba-ab83-7f8481ff624d%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.189.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-189-205.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.idrlabs.com
pragma: no-cache
date: Sun, 07 Nov 2021 22:37:43 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2 200 arj Show response
bloggernetwork-d.openx.net/w/1.0/ 173 B
356 B 21ms
20ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bloggernetwork-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ce94be23-c282-43f3-95d1-1d9bba5e8d74&nocache=1636324662977&schain=1.0%2C1!monumetric.com%2Cbd54a1fb-1ef4-44ba-ab83-7f8481ff624d%2C1%2C%2C%2C&aus=728x90&divids=mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2&aucs=&auid=540951376
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 5d5a5c0095fe718c191d87436e9a01949905dddbb7a3c0688f9c3b90e3105ec5

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:43 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.idrlabs.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 143 B
1 KB 178ms
155ms XHR
application/json 185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

aab0f3439ac159268205cbb825c984c25831e995f4a9af8729c0009cff56ea1e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 22:37:43 GMT
X-Proxy-Origin: 78.47.208.27; 78.47.208.27; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: bb489b01-7976-46a3-8d04-4a1b95d7abc2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.idrlabs.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
677 B 34ms
30ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4c58ecea3e709bdb4dd8aa57e391f0e93de65534a7cfb616450d710f574dafbe

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:43 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.idrlabs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
36 B 18ms
17ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 07 Nov 2021 22:37:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.idrlabs.com
access-control-allow-credentials: true
cf-ray: 6aaa0c39f9f92b29-FRA
access-control-allow-headers: Content-Type, Origin

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 25 B
373 B 65ms
64ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=201336&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22819e967c73915ae%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%22bd54a1fb-1ef4-44ba-ab83-7f8481ff624d%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2282960395bc6bcef%22%2C%22ext%22%3A%7B%22siteID%22%3A%22201336%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d5ed227baf46838ef5eb64898aecaf88501a88fc5857d03b0bfe24599ceffe07

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:43 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[SN], CN:[EU], CIP:[78.47.208.27], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.idrlabs.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 12
expires: Sun, 07 Nov 2021 22:37:43 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
17 B 216ms
85ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.idrlabs.com
x-nbr: 1
date: Sun, 07 Nov 2021 22:37:43 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 v2 Show response
e.serverbid.com/api/ 711 B
985 B 257ms
99ms XHR
application/json 206.189.254.17
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 206.189.254.17 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 83f0139d17ec56eea8e5834ed925a00110689b5b0cc7fec2fb13999222801a97

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.idrlabs.com
date: Sun, 07 Nov 2021 22:37:43 GMT
access-control-allow-credentials: true
content-length: 711
vary: Origin
content-type: application/json

POST
H2 204 / Show response
hb.emxdgt.com/ 0
158 B 18ms
18ms XHR
text/plain 35.156.230.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1100&ts=1636324662983&src=pbjs
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.230.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-230-193.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.idrlabs.com
date: Sun, 07 Nov 2021 22:37:43 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H/1.1 204
No Content prebid_display Show response
display.bfmio.com/ 0
345 B 427ms
122ms XHR
text/plain 54.85.226.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://display.bfmio.com/prebid_display

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.85.226.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-85-226-207.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Type: text/plain;charset=iso-8859-1
Access-Control-Allow-Origin: https://www.idrlabs.com
Access-Control-Expose-Headers: location
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
149 B 105ms
105ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=b-DUUcseur6PS9aKlId8sQ
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: a32305a0a242504fac5a267135d123c3ad761e293c2183c60d9b270100704112

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 07 Nov 2021 22:37:43 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.idrlabs.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
745 B 111ms
67ms XHR
application/json 216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 9248c07a8eda88a4e95028303c5362adbb223a01d24e2559eb3ed22cad1fd1d0

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 07 Nov 2021 22:37:43 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.idrlabs.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
491 B 41ms
40ms XHR
text/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php&pid=hVIfI31ifiEh9&cb=2&ws=1600x1200&v=7.70.0&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2C21807321066%2FFJ401M%2FFJ401M-DDA.A%22%7D%5D&schain=1.0%2C1!monumetric.com%2Cbd54a1fb-1ef4-44ba-ab83-7f8481ff624d%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.109.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:43 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
x-amz-rid: J1KX6WV6W20Q2QEM4Y8T
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.idrlabs.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: TyAhiGAgad-NG8J7PDWTNETTk8faSM6KfTMcjwq1MQ7usaZ0xvJZbg==

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
428 B 81ms
17ms XHR
text/plain 2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=504384&u=https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 22:37:43 GMT
X-AK-INITIAL-GEO: CC:[DE], RC:[SN], CN:[EU], CIP:[78.47.208.27], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.idrlabs.com
X-CS-CLIENT-GEO: 12
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 12
Expires: Sun, 07 Nov 2021 22:37:43 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
497 B 39ms
6ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=e7568e7b-4fb0-d043-71b7-6929f1a8fbe0&a=p.l&u=bd54a1fb-1ef4-44ba-ab83-7f8481ff624d
Requested by: Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 21:49:05 GMT
age: 2918
x-guploader-uploadid: ADPycduhOxe8kMMAONs1lzvXNnk2CCmCe-qPmkh73rgC2IP62KkA5rJOLG62REMBVrjU1dGpyinefOyutOv6WdlR3SUmPjPMyg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Sun, 07 Nov 2021 22:49:05 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 39ms
7ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=e7568e7b-4fb0-d043-71b7-6929f1a8fbe0&a=s.d&u=82db8863-a5a9-4646-bfc4-7efa7ca1ddba
Requested by: Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 21:49:05 GMT
age: 2918
x-guploader-uploadid: ADPycduhOxe8kMMAONs1lzvXNnk2CCmCe-qPmkh73rgC2IP62KkA5rJOLG62REMBVrjU1dGpyinefOyutOv6WdlR3SUmPjPMyg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Sun, 07 Nov 2021 22:49:05 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 39ms
7ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=e7568e7b-4fb0-d043-71b7-6929f1a8fbe0&a=s.d&u=2d0f0d6d-fc37-4e97-9fd3-f4a783efa6d1
Requested by: Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 21:49:05 GMT
age: 2918
x-guploader-uploadid: ADPycduhOxe8kMMAONs1lzvXNnk2CCmCe-qPmkh73rgC2IP62KkA5rJOLG62REMBVrjU1dGpyinefOyutOv6WdlR3SUmPjPMyg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Sun, 07 Nov 2021 22:49:05 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 40ms
7ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=e7568e7b-4fb0-d043-71b7-6929f1a8fbe0&a=s.d&u=5bf5d574-b65e-4bcd-aa55-03f1e14abdf2
Requested by: Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 21:49:05 GMT
age: 2918
x-guploader-uploadid: ADPycduhOxe8kMMAONs1lzvXNnk2CCmCe-qPmkh73rgC2IP62KkA5rJOLG62REMBVrjU1dGpyinefOyutOv6WdlR3SUmPjPMyg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Sun, 07 Nov 2021 22:49:05 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 6ms
6ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=e7568e7b-4fb0-d043-71b7-6929f1a8fbe0&a=b.r&u=2d0f0d6d-fc37-4e97-9fd3-f4a783efa6d1&d=%7B%22utm%22%3A%7B%7D%7D
Requested by: Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 21:49:05 GMT
age: 2918
x-guploader-uploadid: ADPycduhOxe8kMMAONs1lzvXNnk2CCmCe-qPmkh73rgC2IP62KkA5rJOLG62REMBVrjU1dGpyinefOyutOv6WdlR3SUmPjPMyg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Sun, 07 Nov 2021 22:49:05 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 38ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.idrlabs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110301.js?31063428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 22:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 38ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.idrlabs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110301.js?31063428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 22:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 88 KB
21 KB 309ms
309ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2843566811119570&correlator=4135824817668769&output=ldjh&impl=fif&eid=31063206%2C31063213%2C31063428%2C31063183&vrg=2021110301&ptt=17&sc=1&sfv=1-0-38&ecs=20211107&iu_parts=20842576%3A21807321066%2CFJ401M%2CFJ401M-DDH.C&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&prev_scp=pos%3D3%26monu%3D320x50_A3%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect%26amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1636324663&dt=1636324663448&dlt=1636324662317&idt=600&frm=20&biw=1600&bih=1200&oid=2&adxs=343&adys=550&adks=3131761124&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php&vis=1&dmc=8&scr_x=0&scr_y=0&psz=580x50&msz=580x50&ga_vid=1953993989.1636324663&ga_sid=1636324663&ga_hid=710350831&ga_fc=true&fws=4&ohw=1200&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110301.js?31063428

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

593ebb9e0a61782012d42cf3a01e57ba119e3870e420e9507b911f9d6fd40fca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21137
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.idrlabs.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
10 KB 44ms
25ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110301.js?31063428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67426b9d007e47f74151e599bc9f6be02030b0e16dcdf707955b961db2ecd706

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 22:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9408
x-xss-protection: 0

GET
H2 200 container.html Show response
dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 53D2 6 KB
4 KB 96ms
15ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110301.js?31063428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 07 Nov 2021 22:37:43 GMT
expires: Mon, 07 Nov 2022 22:37:43 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 459 B
273 B 185ms
185ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2843566811119570&correlator=472898987524523&output=ldjh&impl=fif&eid=31063206%2C31063213%2C31063428%2C31063183&vrg=2021110301&ptt=17&sc=1&sfv=1-0-38&ecs=20211107&iu_parts=20842576%3A21807321066%2CFJ401M%2CFJ401M-DDA.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=pos%3D1%26monu%3D728x90_B1%26directDeals%3Dsticky_bottom%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.18%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect%26amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1636324663&dt=1636324663468&dlt=1636324662317&idt=600&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1195&adks=3871933039&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=1953993989.1636324663&ga_sid=1636324663&ga_hid=710350831&ga_fc=true&fws=516&ohw=1200&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110301.js?31063428

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a38e19c24e07713eff175ef703c0b18cc54d864f44f695f84dece963843c75a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 243
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.idrlabs.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 329ms
328ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2843566811119570&correlator=2929650385263260&output=ldjh&impl=fif&eid=31063206%2C31063213%2C31063428%2C31063183&vrg=2021110301&ptt=17&sc=1&sfv=1-0-38&ecs=20211107&iu_parts=20842576%3A21807321066%2CFJ401M%2CFJ401M-DDS.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=pos%3D2%26monu%3D300x250_B2%26yieldmo_eb%3Dapproved%26openx_eb%3Dapproved%26medianet_eb%3Dapproved%26ix_eb%3Dapproved%26rhythmone_eb%3Dnot_approved%26sovrn_eb%3Dapproved%26pubmatic_eb%3Dapproved%26sharethrough_eb%3Dapproved%26tynt_pillar%3Dfalse%26amznbid%3D2%26amznp%3D2%26auction_id%3D28931713-0de9-497a-9e9a-e85ccb677f89%26monu_df%3D0.00%26safeframe%3Dtrue%26hb_size%3D300x250%26hb_adid%3D97181a7c24a5bc5%26hb_bidder%3DappnexusAst%26hard_adx_floor%3D0.15%26big4%3Dfalse&eri=1&cust_params=referrer%3Ddirect%26amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1636324663&dt=1636324663477&dlt=1636324662317&idt=600&frm=20&biw=1600&bih=1200&oid=2&adxs=353&adys=837&adks=4279634003&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php&vis=1&dmc=8&scr_x=0&scr_y=0&psz=580x0&msz=580x0&ga_vid=1953993989.1636324663&ga_sid=1636324663&ga_hid=710350831&ga_fc=true&fws=4&ohw=1200&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110301.js?31063428

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

c4e238f0ed15390cc889b2c2a3df5056bfa299211c8313c745745d651ae947a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8642
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.idrlabs.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 43ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110301.js?31063428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 07 Nov 2021 22:37:43 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame D5AF 12 KB
5 KB 308ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sun, 07 Nov 2021 20:34:50 GMT
expires: Mon, 07 Nov 2022 20:34:50 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 7374
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 804E 783 B
1 KB 37ms
16ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

70465b84a79b20922b7378e85c3c1a046dc96f34e4931832146eb590af86fec7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-d/tiOIrxZmE6TfdmHljxmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 07 Nov 2021 22:37:43 GMT
date: Sun, 07 Nov 2021 22:37:43 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-d/tiOIrxZmE6TfdmHljxmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 804E 0
0 47ms
47ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110301&jk=2843566811119570&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
103 B 7ms
7ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=e7568e7b-4fb0-d043-71b7-6929f1a8fbe0&a=a.e&u=mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22hard%22%2C%22dfFloor%22%3A%22%22%2C%22adXFloor%22%3A%220.18%22%2C%22refreshCount%22%3A0%2C%22ipin%22%3A%22FJ401M-DDA.A%22%2C%22isBackfill%22%3Afalse%2C%22isEmpty%22%3Atrue%2C%22advertiserId%22%3Anull%2C%22sourceAgnosticLineItemId%22%3Anull%2C%22bidders%22%3A%5B%5D%7D%2C%22utm%22%3A%7B%7D%2C%22pagePath%22%3A%22%2Fmale-hierarchy%2Ftest.php%22%2C%22referer%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 21:49:05 GMT
age: 2919
x-guploader-uploadid: ADPycduhOxe8kMMAONs1lzvXNnk2CCmCe-qPmkh73rgC2IP62KkA5rJOLG62REMBVrjU1dGpyinefOyutOv6WdlR3SUmPjPMyg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Sun, 07 Nov 2021 22:49:05 GMT

GET
H2 200 container.html Show response
dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7023 6 KB
3 KB 309ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111031659/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 07 Nov 2021 22:37:43 GMT
expires: Mon, 07 Nov 2022 22:37:43 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 6ms
6ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=e7568e7b-4fb0-d043-71b7-6929f1a8fbe0&a=a.e&u=mmt-82db8863-a5a9-4646-bfc4-7efa7ca1ddba&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22hard%22%2C%22dfFloor%22%3A%22%22%2C%22adXFloor%22%3A%220.15%22%2C%22refreshCount%22%3A0%2C%22ipin%22%3A%22FJ401M-DDH.C%22%2C%22isBackfill%22%3Atrue%2C%22isEmpty%22%3Afalse%2C%22advertiserId%22%3A28192296%2C%22sourceAgnosticLineItemId%22%3A4761247891%2C%22bidders%22%3A%5B%5D%7D%2C%22utm%22%3A%7B%7D%2C%22pagePath%22%3A%22%2Fmale-hierarchy%2Ftest.php%22%2C%22referer%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 21:49:05 GMT
age: 2919
x-guploader-uploadid: ADPycduhOxe8kMMAONs1lzvXNnk2CCmCe-qPmkh73rgC2IP62KkA5rJOLG62REMBVrjU1dGpyinefOyutOv6WdlR3SUmPjPMyg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Sun, 07 Nov 2021 22:49:05 GMT

GET
H2 200 container.html Show response
dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 568F 6 KB
3 KB 285ms
9ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111031659/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 07 Nov 2021 22:37:43 GMT
expires: Mon, 07 Nov 2022 22:37:43 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 7ms
6ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=e7568e7b-4fb0-d043-71b7-6929f1a8fbe0&a=a.e&u=mmt-2d0f0d6d-fc37-4e97-9fd3-f4a783efa6d1&d=%7B%22auction%22%3A%7B%22floorType%22%3A%22hard%22%2C%22dfFloor%22%3A%22%22%2C%22adXFloor%22%3A%220.15%22%2C%22refreshCount%22%3A0%2C%22hb_bidder%22%3A%22appnexusAst%22%2C%22monu_df%22%3A%220.00%22%2C%22ipin%22%3A%22FJ401M-DDS.B%22%2C%22auctionId%22%3A%2228931713-0de9-497a-9e9a-e85ccb677f89%22%2C%22isBackfill%22%3Atrue%2C%22isEmpty%22%3Afalse%2C%22advertiserId%22%3A28192296%2C%22sourceAgnosticLineItemId%22%3A5523952454%2C%22bidders%22%3A%5B%7B%22bidder%22%3A%22appnexusAst%22%2C%22cpm%22%3A0.006705%2C%22size%22%3A%22300x250%22%2C%22timeToRespond%22%3A170%7D%5D%7D%2C%22utm%22%3A%7B%7D%2C%22pagePath%22%3A%22%2Fmale-hierarchy%2Ftest.php%22%2C%22referer%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 21:49:05 GMT
age: 2919
x-guploader-uploadid: ADPycduhOxe8kMMAONs1lzvXNnk2CCmCe-qPmkh73rgC2IP62KkA5rJOLG62REMBVrjU1dGpyinefOyutOv6WdlR3SUmPjPMyg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
x-goog-generation: 1499850799559224
cache-control: public, max-age=3600
x-goog-stored-content-length: 37
accept-ranges: bytes
content-type: image/gif
expires: Sun, 07 Nov 2021 22:49:05 GMT

GET
H2 200 0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js Show response
pagead2.googlesyndication.com/bg/ Frame D5AF 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2399a2dad958bb6d0063d5d187a71ffe97c39aa0b4a62eae1ca0351f7e5eb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 22:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 259126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13202
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 22:38:58 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 42ms
42ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110301&jk=2843566811119570&bg=!SkmlSQ3NAAYH3anuB907ACkAdvg8Wj9fBcYgRYfTKN1So4jDMx7Z10AYPcXxALFrNruSWsK-AE2r4wIAAABVUgAAAAhoAQeZArGmUQukCsBZ2o-3-h7jTKClYbbuWACWvtEnc8jC5RwWNPl1QwpDVV1bZW98X_x7IEHkYNU2jLlYdw0tXBx8zk29eTgzbldOIrHkYcP6A-bztF8svs6zjCFWhlUoNqmaAT2HeeBPKUYnIS1g_oSItwxLZGdJ8x8CoE9FnRkOIrwkPb51LSzqMYbyUFinsbYfz1-mJ7niaxP96YLcL1suUAcmZ7zmxE80NQiOKYPi3HTo-IMuL70dx120nj2_3LSOF-6yKjvhU3X5kYe9uXf7FmrUVs1N08p8f2aTVS4jDraYx2q0GD5XUp6r6uf6PXep0rTy8eUgyKNwAhLcp2hF1Vawpi6HqBE-sr-3Bp3ftGkRSLAnLzobI2soQse12Md6FjLKIAGT7WqJkFtIVO2bn_UrD01ZyGthYggylLt8aZDRD7IS-4WBMgO6dPGWx3TSr02TfphVpmEUBf5MihZPSlwgr5YiOd7qryRoJcMxbMS_2fnp1OFrqClJ1KTgqWYhsZt28IO18MxIMthEB3GD6qW_KKCqHn31kGrvfCdIUnlsdkF_A6Oiq1EBvIFe_c0LFwzmj8kHDZkMOtzHGmaWePfdrFWcBhj8SIaN0rO-tprlbt70ILNofQ4rt0h5f4XJQf1FO9rQClD73OgTV11FlsCQ9XECcScpYgSgckc7tWKBy-AaR2xCwZiPk-_c1xkDQWMCwhjtKb9o27oyu-nTSvg0Ug7ErYTUAKoFsa7Cq6QZn_9b9WI9PVQqaPjv_5Fyyz2kjC14aZA9w7pIQ9rh5rOq2nhGh8JmYPQerB67cWRNVQ6iO9BxbSjfGzTaH9vx3MT0RmGYHcGEGEmKL-QZQwnpmSpXVC7A2Kv45C1kj_Lu_9BAhTePqb5HfgYUVN4_jZMpQBqQrIeQKqW9qZDW5g8A2Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b6c1ef2ba718655096e7e7c9cd7f6001.js Show response
www.gstatic.com/mysidia/ Frame 7023 11 KB
5 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b6c1ef2ba718655096e7e7c9cd7f6001.js?tag=pingback

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85cffc3ea03a13a34a0840865f223c69988c6001820d74b50a7f85831611272e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 05:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4913
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 04:53:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 02 Feb 2022 05:10:56 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 7023 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 879
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 22:23:05 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 7023 19 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 357
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 22:31:47 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 7023 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 22:34:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7023 120 KB
37 KB 57ms
28ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 07 Nov 2021 22:37:44 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 7023 15 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 22:28:10 GMT

GET
H2 200 5193475774055ccce470a7af02e48ef6.js Show response
www.gstatic.com/mysidia/ Frame 7023 27 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5193475774055ccce470a7af02e48ef6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

024bf58839434bcdbb669f44e683ecbb58be25cde0d0e721d68031a67a40dd40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 05:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 493541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11340
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 04:53:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Mon, 31 Jan 2022 05:32:03 GMT

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame 7023 68 B
345 B 34ms
10ms Image
image/png 18.192.177.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzIweDUw&v=5&s=v31fju8pp03&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIxODA3MzIxMDY2L0ZKNDAxTS9GSjQwMU0tRERILkMiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTgyZGI4ODYzLWE1YTktNDY0Ni1iZmM0LTdlZmE3Y2ExZGRiYSJ9fQ%3D%3D&sb=undefined&cb=3689222&h=www.idrlabs.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekl3ZURVdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiIzMjAiLCJoIjoiNTAifSwid3IiOjJ9
Requested by: Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.177.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-177-149.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 22:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7418 624 B
592 B 321ms
19ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPG4AIQmaDwAhiJwOptMAE&v=APEucNWlMxrmRISLDU7O4lnkRRZHu-2IDrEsuNz0z4okZFOq15nyGk715oyioMS9yNYud8A7YNok4t77rqOvoH0eo9mU4B74HiKn0u5aMfPOgFuwl7_7Hpeq0aomDd_HIMIIwNfXksOZ0vxRyX6RZaOIAs1L4PuYTSSH9tbUkF_1ixvKWF0sIf0

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 07 Nov 2021 22:37:45 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 07 Nov 2021 22:37:45 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 568F 26 KB
14 KB 334ms
36ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CwhteFYnmn37YtB0l2_QehF3UVLFfc5PW-t2TdjnnqnjnY3LwW-4-ONGGbH_XifHxLV2rEz2os4QIp9yJdQfjUhtaHnP4E9sCGDBozKEtLKcQKxzh_z7k_xv63uycnQpH9W6KNoyxWQXK2XNACNvpaUw-MQg&cry=1&dbm_d=AKAmf-CQO_5C5-qheWXoOevT-wP3mJLt5OMkmOoUi9FTSwfs8reZwgfZdqc5dXEQKAZXXoAeqlE6Or62UvMGmu07aWvBqXZzQPD2qcuxGDxCVDHlX4vKySF0Wa-M86mdZ-qbIAT1-Leyuh1PCHNneXJuIPqa_NNTV7KMN0s7zjf2wZVZVE6nIGB3bofJoSsJbR5k4XB-RNgpfHd7p6P47XQtPiC7mp9barwTVwUCaStVkrHwPJPdI2sMaP8Om2GZ5JP927sL-RvCUkzgs0TyU7EaxquaOQyZMAU99mSEp_sCLRSZDGCuQiVN2LyKAzuxkWlqdz8qWZozbO_8ChhkTcQIpUzp4TtY2cvisg0Sv-VtEH19CloCrRpCah_4-rXUa6ZsJhHRvEKEHSqUz3XGBf2wsqEt4gbEuFe-NL0bItosOfpuBpk9uJCWQDBvW8qCFMNuRRq_2zu1DFlIuwh8k89zUzrfsUTkwIzjz6Qn0iZiu1-iQRiiR_wlNswSShedIpcQhQiady49MtgY0o7pe5Sa0U99ieWy8GcE_flsm43DKIGdgYwIGWAjbqjrRzk5OHa80kHrs-P4L60RF7bdyHQEl6sfnPCY1ADri_c8XyC5cjqZlVPBLDuZMJSizZquNhKpNIButphklcl8rWa-1wc0_Nq1DyHOD06yy9Y_vMJ3xQhSRQd9SqjQISKsOgecj0MyBEVHx8qD8CVuSbClV4imQI0MSwMWdx7bR6QHdWVXZovrWsT68an_O8KkJPrfQcRYfrkfnOJp47nZx3kIvfR3sfzeVc22KhLzPEe5It5Xqj-ptAGlHqdgGhqByLMb9tStFmFZAjTHLFCuq5AaIdjLtbpX-rnKsEaj_pkaSD7b_xMeopYBhFk-_b8M2UWJAdyJ6a-TVOMMStpPEXv9E8s9Xppq9KRLm1SVwuIOPNbUXajA2FkOJS61OGSxXZRc5m_Husk6au0W32duQbbXlbwntMPvBG_wegjBrXys7jXFuQw6q3td24LlcmY12VMQTRMA8dKOtwPGfugjz7h9e5W1i0So9FuWT_eyVKfylRYHZTsVn8yCSzdt9BJHQ6Dwr-Bp-5BuAZQH6wZY55trz6Pe33P9JreJ9-D00yU9XABauCx8AFgHBGiVcsAS2Fph8YBz7tT932stXl6UiNjcET71DTIwsTAhnN0OPru1etJWswuuZY4DCf6W4vsxQlYwTOFT37UwSF5daZgHzwwkrzgvAf9CB3HZAhK-snX6t2rNfkoST6VJwm1ckJTfg8cjU39bdGRlH9PNfecRTq1rMTe8j7fFFcqbzVfTnlw4S72y2qRfzMbklHiVmWfFXOUj2kKjRGzReec536k9wwxFdSeH60B8gq_XcFESkW7adLykGYwOD47WcdvRNZ_qq9qbtwQLrUt-MYevxMuEWWsdwevaPQqYqsCmlcrxajEjLWSaftsQMjqexXfB2KiNfI-lpCevJVzMr1LNEUiBK7Xp2mTcY-_ki0BgIkxJtUFF9v01W_Eph0-gvPcvOijesQtYApJcY1b_bsZ9d8MLMTGEWQCaLaX8I1FRg4HRlHpPjHwXWiLdxs5kGwC1Qn8zXNICcbNlZjMoq9p0RNPhu9OJw2jxFh4r3g96RHXUlv4GwZuPdbYOAF7jxYBqvfIYwMYGOtSyR0B1b-j9-s5NhQ_aFkHLBsYseRPjglj81WIaKQZ__7t60m6KDTlrzcAOv1onX-qZABHjBC0bPX8WeSVY_sB7gA_9wfUm_USaqkjMUxMoUfSiqJTaPkDy_m2kKlOBt4FXs393Wns9N5cOgHynVMk0rQTP9Cmx8pRlFhS_k-TUn-DyY4tlET4pc1RCfbcsubIQOHU3r9hZAStAP1ZJQo_IUYigywvvnQpxuG7-RU09fQ9SJqxLls0gP-TMCdheDSrxoe7R7vk8fevQgl37gnannIsmdynEHkfkj-_dRtyvc-USC0Q1lGOoG_ZLyyYmcb3fLfC9nDYrBkvzRr4WNIqPn7vo34Ga016GXFC1s9GfF5BS6qqCxZhO3N1pa2O3_wj2mWAUAf8aFF5fRleFw9TKqMNbCaVRAqgIE0Rn1m8rw8Q2tPOJc29tI7Wyme79Hg661GkuvnRGmiXVl4VDdnCEyhT4TsrP6pLBmfVCtNWM0qeuteYjsd_SIKfg0RW6ocL-nnbJE_AFYmhaC53GoBtV5EChgwSlMdJABdiYFBG2Ajr8MEYs2903JWNCeVdrYXSTqcCcYoIFsu781Tfc2PlF307jHsfst4GyPQVP9j5sfHmf5g5u-aQ_0PrHFbC_kaypyBU5hbgCqoH-Vcd9IDlqLDWfLrAfnrVALgQMdkEbDhb2ATjVSPT4MesV59fQsCJbTqYOP8SN43td_3hAJPzRdUkIuoKIjf0-e0vyMcro_0AFMFcDidP6iAHRu94dxAQW_V11kDjJYbTp_aTM7w-XD-ahBqhP8zyiwuz1kun8xMd2jm9s8anuBHJNlTsaqJBEtZk6QGvf95aIh6mJWe2Uk_ymld_2ZJTQCJMzeY9bHjM3xLxxN-tcEcBGr0teFVZQMRJhUYJA7yjkwd-8vTOQMEAxeetvP6-yVlA4ob--VqqPO9ehX2Ve_3dUj1maUyPMZFGuU-IW4CiSevMVsTJLQSknXLDHhqHZNpqhcKqswWnmCm8uhRU6_7ayWOV4uiXBYTJSsppZMIcd6WR7cqqF60BK8-_0BKA09dcQHRFJ6NlfPsM54umMS3SxY_RdWMrGkwfDE3ioSqr3hn76fdHtRQQFNJhKEsfBxwWI7uwCd-PYObrVfqz5Ij3ugP7b9kWN1fJ6-yS8vx90X7P4NsCDsWYv3ycP6s8eDKH7P4e86abklFxR4gX2UN5dmhZvm08Co7akCuzDbriOHiojCAjo-94OgtBn6zD_Dc5FgMor-k2w6bmGIq4ei0KLwpRRvmqVxjpbcu8rirbXz6-mqj83it7rRXcrkuRmlFlosme252yzCaPZC0aw1-ianJvBfea7ApbyBWrVFThNwhoGHuZ00fyd23C_c5_uJlRTxh7D2h-nijkjlP140v1_sldsgWWjiCmTbfwPUigfT-6qN4pjpEtbe0pVzmZblwn0lqcET0WxMWO24QrkDyS__Y9Y6XIutTIkaqdewuivSD-ji4IRO_L03mBZw0a8rbbDVtSZUUhII0pSg9_SuIDUGklotjUUvjFrOlUioDOS69Hbf5bjJVyio4MubiIXcx-euqhoh32eDkqhoM29VMyggo5nmfUeJ5sLCFEHmlKgSA3Ftj_G5MY8mwVsW9286NfqKfGUN406sgmBSRwrD-3OpSOZ3ctPsqd9FLSMsq771Dxhfyc4MRmFWDLp2WIjYMUrbe1owi1J7yUqN2n5kjexzV8qGACyRWaxTmCHkcy7xmas7RCpqgRxScRS59ZAbJMkuR8oLnaiWbIWLMOjdl45UqSM_3AEhaoGVnn51mfuvKQY1J4eo-22yO-aqQ&cid=CAASFeRo5wjzBNy06R2cRWEuDmEmOVaBcw&rfl=1%2Chttps%253A%252F%252Fwww.idrlabs.com%252F%240

Requested by

Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3fde4c8f30e528a11005ddc838a1f1cd3179e32d8ab856cce90d490a41e4946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13705
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 568F 42 B
110 B 39ms
38ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A1-c4fvi1whHz0c5VSEVuLU_9NIFmwrVLC42q0VsWAMCX55_n9O6NUDT-a14SI-8QKr27CwhztqY00SQTRc0tO66KqxuqEMpBRh3ZSxKAX7tiP0_8

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 568F 9 KB
5 KB 309ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:22:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4451
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 15:55:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 07 Nov 2021 23:22:45 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/415630/45225569/ Frame 568F 46 KB
13 KB 173ms
58ms Script
application/javascript 52.51.212.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/415630/45225569/skeleton.js
Requested by: Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.212.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-212-11.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 56387e3ec71a36e8829b7f9420ce6e624ad0c331f81a801264f56d58626be371

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:44 GMT
content-encoding: gzip
x-server-name: app16.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 568F 3 KB
2 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 22:34:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 568F 120 KB
37 KB 319ms
18ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 07 Nov 2021 22:37:45 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 568F 15 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 22:28:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 568F 0
0 16ms
14ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaScv7daRCjtgta6HyPnUjnjI2LtCNqkJK54RbCKuRx6iI2iAbPuCirBsj4luarYKKh_-LsagXqJgG61btrfvIanFh9UvA
Requested by: Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame 568F 68 B
345 B 40ms
10ms Image
image/png 18.192.177.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzAweDI1MA==&v=5&s=v31fju8pp1o&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIxODA3MzIxMDY2L0ZKNDAxTS9GSjQwMU0tRERTLkIiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTJkMGYwZDZkLWZjMzctNGU5Ny05ZmQzLWY0YTc4M2VmYTZkMSJ9fQ%3D%3D&sb=undefined&cb=1589088&h=www.idrlabs.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by: Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.177.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-177-149.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 22:37:44 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 7023 19 KB
20 KB 37ms
7ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcR8htFRHeScDnfYs2ozPU-KjM8JDDrH9KmTqu0t4TsvfUao_1ZEXSSDtrjN3Q&usqp=CAI

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e1fd9dc3289c279bf15ee7b924d4c0feba817a5e3a55648a5ab315f6b88fd08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 17:56:03 GMT
x-content-type-options: nosniff
age: 448901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19455
x-xss-protection: 0
last-modified: Sun, 08 Aug 2021 03:59:58 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 02 Nov 2022 17:56:03 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 7023 45 KB
45 KB 55ms
7ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcT2xbJj6cfoJ13nAOUCil6iVvVSnJFKMSzO_KSqnBAHhJXeam9DlzriT_r75a4&usqp=CAI

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3227b5358eb58ebe176688f82f5cdaadf3e66563278646e4fc949761376ed182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 05:36:41 GMT
x-content-type-options: nosniff
age: 493263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45862
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 01:04:31 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 02 Nov 2022 05:36:41 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 7023 43 KB
43 KB 41ms
12ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRTFhdos4a03B6YEO4OcKKrPDf9USOHbG3XF-8IihJqjvGO_HRT&usqp=CAI

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3ae19bc081dfc0396b0eb105e1af3c85c2f96b15a0381e832b0740e75782c02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 02:33:35 GMT
x-content-type-options: nosniff
age: 245049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44084
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 01:15:48 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 05 Nov 2022 02:33:35 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 7023 27 KB
28 KB 60ms
13ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQf3oNBPHNGHvmxM_CqIirlWZxRwJKLQ2DZ-dsXtHSMrltmYVJd&usqp=CAI

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2613ae2b69abea5c2ec9a39f0d71e19746ebbcb8b64fa224fd088fb500c0fa73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 12:30:40 GMT
x-content-type-options: nosniff
age: 295624
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28090
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 11:48:02 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 04 Nov 2022 12:30:40 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 7023 47 KB
47 KB 45ms
16ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTWUmFszwWxFe-z7IEmU0WqlgfqJ610hhURO8eyZ6VedHLOIlBOPts57aP1HOY&usqp=CAI

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

300a85ae6fe0e8ec7d5a6c398ab1bc5b862af64160993fd09b1fb0febb246bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 03:09:25 GMT
x-content-type-options: nosniff
age: 502099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48090
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 08:41:41 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 02 Nov 2022 03:09:25 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 7023 25 KB
25 KB 45ms
7ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQHqUId9YCgd24xe2rhweisArnUfx6vPrsa4X7f-Bx84x7mmBiE3X0oSLoAbrE&usqp=CAI

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2d93b055e317d4dfacba3abe2dc78fb80bfd2bff27796eb82b14fc6865ad509

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:33:24 GMT
x-content-type-options: nosniff
age: 533060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25415
x-xss-protection: 0
last-modified: Mon, 25 Nov 2019 16:54:14 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 01 Nov 2022 18:33:24 GMT

GET
H2

200

2401371329490837093
tpc.googlesyndication.com/simgad/ Frame 7023
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD34sLimAEQgAkYgQkyCLhTVvxEnQYN
https://tpc.googlesyndication.com/simgad/2401371329490837093

98 KB
99 KB

7ms
7ms

Image
image/jpeg

2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2401371329490837093

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270be58b040d0b59d87a4deea0ca09e1b49916b84858005cd3e3e1f2d302ba32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 08:16:12 GMT
x-content-type-options: nosniff
age: 310892
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100649
x-xss-protection: 0
last-modified: Wed, 05 May 2021 19:23:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Nov 2022 08:16:12 GMT

Redirect headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 02:11:05 GMT
x-content-type-options: nosniff
server: cafe
age: 73599
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/2401371329490837093
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 07 Dec 2021 02:11:05 GMT

GET
H2

200

view_pixel_1x1.gif Show response
secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/ Frame 7023
Redirect Chain

https://www.ebayadservices.com/marketingtracking/v1/ar?mkrid=707-157687-884638-9&mkcid=4&mkevt=2&mpt=525540158&ff18=mWeb&siteid=77&adtype=0&size=1x1&ipn=admain2&placement=529704
https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif

43 B
487 B

38ms
7ms

Fetch
image/gif

184.30.25.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif

Protocol

Server

184.30.25.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-25-27.deploy.static.akamaitechnologies.com

Software

ebay server /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

suppress-x-frame-options: true
content-encoding: gzip
x-content-type-options: nosniff
x-cache-lookup: HIT from include-cache-2:80
akamai-grn: 0.b5247e68.1636324665.28c8e966
content-length: 57
x-xss-protection: 1; mode=block
server: ebay server
date: Sun, 07 Nov 2021 22:37:45 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
rlogid: t6q%60uebwh%3D9vjdq%60uebwh*t0j5m%28rbpv6775-17bf8c9d8bc-0xe8
access-control-allow-headers: *
expires: Mon, 07 Nov 2022 22:37:45 GMT

Redirect headers

date: Sun, 07 Nov 2021 22:37:45 GMT
server: ebay-proxy-server
strict-transport-security: max-age=31536000
location: https://secureir.ebaystatic.com/cr/mscdn/64e017fc0bf98153dd694dc97d24a1ac/view_pixel_1x1.gif
cache-control: private,no-cache,no-store
x-envoy-upstream-service-time: 63
rlogid: t6baubqsodf%3F%3Cumjgcp%60tqjfc*d2%7Eun%28rbpv6702-17cfc8ce76f-0x2376
content-length: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7023 0
0 49ms
48ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CvCIWN1WIYfqKNPCLjuwP5IOQuAHA4qiGZszH0P_9C7aByublGBABINjV2CtglYKAgMAHoAHtg83BA8gBCakCCL4yBLposz7gAgCoAwHIA5sEqgSHAk_QlePWukYq8pfn2ubqqanbR8k4rCSFUjpdz99st0A1-EdoLg9QEZ7GjNB1zgF4sqMHL_JM6ATpCFvqjBqjXM0NuijOxALQYJes84queBzt1iCAhXH0dM5ydF5I5FrpTPLbjj3jVp14He5goYDiK8cd_2Z1u9qV0F_gDYoK-j4eMP4g8_BjAr8I9M-o9nUSj_d559fDkgaFf_U0BRnH1MvhFohEAG-RkvkmlxdYnuvcYn0cfLngoa9-tQeBLiXB5GQ-88dIqnrjDGrsRfCUrRe-Ce-NBRTaY4tnggUFS-pNxJ7Yr2_HlGlmv9moalILtmRrcNw3SOfqlSOOFXE2gBLCC16llapTwAT2h7f7wQLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH-_uyPqgH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQ2JsJ0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi01MzExNTA1NDI5MjMyODA1gAoDyAsB2BMLiBQG0BUBmBYBgBcBshceChwIABIUcHViLTM5NDQ5NTQ4NjIzMTYyODMYmNsQ&sigh=SrlDEDTqzhk&uach_m=[UACH]&template_id=494
Requested by: Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 7023 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71f6c9d977d77beb83c10d58bd7c6b6cdb45cba57492a9aa82ae7dca187324aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7418
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO8qv2IyH4zKWHwKjlphye4&google_cver=1

43 B
1014 B

21ms
19ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO8qv2IyH4zKWHwKjlphye4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPG4AIQmaDwAhiJwOptMAE&v=APEucNWlMxrmRISLDU7O4lnkRRZHu-2IDrEsuNz0z4okZFOq15nyGk715oyioMS9yNYud8A7YNok4t77rqOvoH0eo9mU4B74HiKn0u5aMfPOgFuwl7_7Hpeq0aomDd_HIMIIwNfXksOZ0vxRyX6RZaOIAs1L4PuYTSSH9tbUkF_1ixvKWF0sIf0
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 22:37:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 07 Nov 2021 22:37:45 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO8qv2IyH4zKWHwKjlphye4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7418
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYhVOS4ElbB2J3kdcmIBTAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO8qv2IyH4zKWHwKjlphye4&google_cver=1

43 B
894 B

19ms
19ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO8qv2IyH4zKWHwKjlphye4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPG4AIQmaDwAhiJwOptMAE&v=APEucNWlMxrmRISLDU7O4lnkRRZHu-2IDrEsuNz0z4okZFOq15nyGk715oyioMS9yNYud8A7YNok4t77rqOvoH0eo9mU4B74HiKn0u5aMfPOgFuwl7_7Hpeq0aomDd_HIMIIwNfXksOZ0vxRyX6RZaOIAs1L4PuYTSSH9tbUkF_1ixvKWF0sIf0
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 22:37:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 07 Nov 2021 22:37:45 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO8qv2IyH4zKWHwKjlphye4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 7418
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFcvOoAr_0ZCEp7pgo-O_Us&google_cver=1

43 B
1002 B

37ms
37ms

Image
image/gif

185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFcvOoAr_0ZCEp7pgo-O_Us&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPG4AIQmaDwAhiJwOptMAE&v=APEucNWlMxrmRISLDU7O4lnkRRZHu-2IDrEsuNz0z4okZFOq15nyGk715oyioMS9yNYud8A7YNok4t77rqOvoH0eo9mU4B74HiKn0u5aMfPOgFuwl7_7Hpeq0aomDd_HIMIIwNfXksOZ0vxRyX6RZaOIAs1L4PuYTSSH9tbUkF_1ixvKWF0sIf0

Protocol

HTTP/1.1

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 22:37:45 GMT
X-Proxy-Origin: 78.47.208.27; 78.47.208.27; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1a43efe7-e0bb-4bd0-a01d-8155bdb3b862
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFcvOoAr_0ZCEp7pgo-O_Us&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7418
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3NjQ2NjAzMTQ3NDc2NjkxMw%3D%3D

170 B
188 B

30ms
16ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3NjQ2NjAzMTQ3NDc2NjkxMw%3D%3D

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 22:37:45 GMT
X-Proxy-Origin: 78.47.208.27; 78.47.208.27; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e89052e0-514b-41d2-a152-3df65b546579
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA3NjQ2NjAzMTQ3NDc2NjkxMw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 568F 24 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite.js

Requested by

Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:24:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 811
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 378257483732583304
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 22:24:14 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 568F 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 08:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 396015
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 03 Nov 2022 08:37:30 GMT

GET
H2 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame 568F 41 KB
17 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 02:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 332825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 20:08:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 02:10:40 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5DD9 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 03 Nov 2021 08:37:30 GMT
expires: Thu, 03 Nov 2022 08:37:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 396015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 B24008644.271759998;dc_ver=81.235;sz=300x250;u_sd=1;dc_adk=2228999113;ord=rgchgl;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCOxwpN1WIYeWwNeKqrASkxorgC-H90s1l3_Ca08Y... Show response
ad.doubleclick.net/ddm/adj/N1200812.3230469APEXOUTCOMES/ Frame 568F 60 KB
25 KB 79ms
50ms Script
text/javascript 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1200812.3230469APEXOUTCOMES/B24008644.271759998;dc_ver=81.235;sz=300x250;u_sd=1;dc_adk=2228999113;ord=rgchgl;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCOxwpN1WIYeWwNeKqrASkxorgC-H90s1l3_Ca08YN9tPmrYkCEAEg2NXYK2CVgoCAwAegAdus6LgCyAEJqQLA5x7KWaW2PqgDAaoE9wFP0MC1BadFhgmodfi0x8EJgHCVF_g_T_p8THEQplmuVpcxey3BORKBGm-rJ0sslCV2UWJJjxv71d2ZCi2VUEGsLXWrUa7opAzpf-yihgRTxV03M8XvYaRlQa0MZmOiGpp-smGewcMQsNgc0ZKlMynO0HnAbhRXJFvT3jIhHltojOJ1vzeEPxv5c2l2oFc_4DtONEq1CrCP6-Isymp5Pti6mqKcPn85HFPr-GJJuugN8vy0dIFdvepnsKLXRtCV5H4n5OulFYZS0EIlU2tzdigJP-uWLeTErgk_jUyHJ0hJAiIkkNbWInF6yCAcP4nlUjgzTk6nE20mwATW6cK1uwPgBAOQBgGgBk2AB43Tl8cBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNTMxMTUwNTQyOTIzMjgwNYAKA5gLAcgLAYAMAbAT4Yj5DNATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRo5wjzBNy06R2cRWEuDmEmOVaBcw%26sig%3DAOD64_2SwEz_3teZfISho9_EIjIrniLArQ%26client%3Dca-pub-3944954862316283%26dbm_c%3DAKAmf-Ch_7IImID6xiGWqm0GPxAaUMOFM1kMJ2pn-9KjtOL9cLuwgYdZ5rXrkTCsMn1K_-tvI9gG-nPRod6AswhiXJOpDm01gDv7Ei25tbWupcHXWpy3k9xSQiPiq8Fo1tXEr4h_Zb1OruOmhvXX-7fGRgk981G-7A%26cry%3D1%26dbm_d%3DAKAmf-BDuUbrXb_BajQ29lOMeIiJ5MrIfi5t9d1T0Kma4bpVr2-Ww6k13X8JCvbEHSkxawUMGZIJhj2JY5ghejLB_UGq6beqWXZRxVWxTtCsDSardjyU67uaIoNoPenxz54mbGjLDA1Qlf70XTM0RBoUfGG7hcyFHxA0Ca3cEm5mre6VJkkaE4kO5r_39Yrn3W6YI1adqxh5pPh-tWmh_5nzci9JJAXQXiG74F2iAm2Slq8LrOe6OlUIeI5-6Koub2hqIRDZtNhsbQBRAq5hDX33Ebi9Rdl7D2vzlPfzUTaaKidQITVdYV6B-qQKhllYRtplKgdrMTBpEtcJ7BCxpz-7llMuEMhzwGU5-oDb-_zQmzhGdvscn7zNHjiQer58e3mvjMRUCitDboIoss_MipgjPne6aTc6w1AWDiqF4VbEEtgbxpfiWUPlRj0UqeRGwuTDXCscnAfw2kP0TAPgSoZ5Mm5IY5xFT_65ymL8V0mWpIraIkVOe9o%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fwww.idrlabs.com%2F$0;xdt=1;crlt=SLp)RbxjUX;sttr=32;prcl=s

Requested by

Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

2adbdcc43fd77452efd4601d8237cb47d20493e6f309f6c4e966f54cb7386896

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25389
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js Show response
pagead2.googlesyndication.com/bg/ Frame 5DD9 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0jmaLa2Vi7bQBj1dGHpx_-l8OaoLSmLq4coDUffl6zA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2399a2dad958bb6d0063d5d187a71ffe97c39aa0b4a62eae1ca0351f7e5eb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 22:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 259127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13202
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 22:38:58 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 568F 106 KB
38 KB 47ms
6ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
Origin: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 16:09:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23305
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 08 Nov 2021 16:09:20 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/ Frame 568F 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/omrhp.js

Requested by

Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:25:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 722
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 21 Nov 2021 22:25:43 GMT

GET
H2 200 main.gr.19.8.263.js Show response
static.adsafeprotected.com/ Frame 568F 187 KB
60 KB 55ms
7ms Script
application/javascript 2600:9000:223f:f200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.263.js
Requested by: Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 177e5f948cc82a4c47e8019cabe6588a2dbecc64436ba17d6b949e223ea0cd3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 19:39:33 GMT
content-encoding: gzip
age: 269893
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 04 Nov 2021 19:24:40 GMT
server: AmazonS3
etag: W/"9addc11e192d275e750ea5aea12ac7df"
vary: Accept-Encoding
x-amz-version-id: NVrRxFxGBFFuBDr8S8kpZkTNKXYqcIFm
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: m-ZqfLyk59z9vS4u3xaHiYQrWePh5Jj_aCxLOVLfSSfu4Ycm_Yn-dQ==

GET
DATA 200
OK truncated
/ Frame 568F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 948729b433c670f78b47ef13c7a7ae2bc0b997bdf9cfa533d7ee3650f2da9868

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7565 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 03 Nov 2021 08:37:30 GMT
expires: Thu, 03 Nov 2022 08:37:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 396015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame 7565 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 15:05:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 113542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 15:05:23 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/14198662164144293378/ Frame 442C 93 KB
21 KB 330ms
7ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14198662164144293378/index.html

Requested by

Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b9426060c3ebdcbc78eac8c1f5b0d067e9d08a3c2ddfd1a868a29c260e36048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Fri, 05 Nov 2021 04:16:16 GMT
expires: Sat, 05 Nov 2022 04:16:16 GMT
last-modified: Fri, 23 Jul 2021 13:51:35 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 20503
age: 238889
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 568F 0
524 B 85ms
43ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvN2SIcip44HWUuOymJeKtdc80IHLTbzKJ2-NkaSK7_FDGN3IR9m8Dbb2pHWGdKPnIKeYmnouY_xfw3mwzbwAHtcs1vnc_1zj1YwRCYuWJUczDbHFSQE6ScnJNsDR_ELB6EuoxCHiss7WjXdln-6zLK&sig=Cg0ArKJSzEEaJ-5bQZNAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=73&cbvp=1&cstd=69&cisv=r20211103.06193&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 22:37:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 568F
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/415630/45225569/skeleton.js?adsafe_url=https%3A%2F%2Fwww.idrlabs.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fdd22498244555e740a6ea80c4a40e2d2.safeframe.go...
https://static.adsafeprotected.com/skeleton.js

17 B
466 B

7ms
7ms

Script
application/javascript

2600:9000:223f:f200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:223f:f200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:35:57 GMT
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
age: 10677709
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: pzrT0fSbEX1sjYcG84Ttr1LMpSSW8AMNlNqqPaJUCw3vTYPcYgIFQw==

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:45 GMT
x-server-name: app23.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame C58F 80 KB
21 KB 7ms
7ms Script
application/javascript 2600:9000:223f:f200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 18:55:08 GMT
content-encoding: gzip
age: 6925358
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: jImNj4XsT5VthszKRyFb1YVIQ2oDdFKZdCAR4tyVjlcOnql5i5Bi_A==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 568F 43 B
215 B 346ms
99ms Image
image/gif 107.23.190.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=415630&asId=97d08e41-c58c-1798-dbc3-966d84e89240&tv=%7Bc:tk8KKo,pingTime:-3,time:212,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:184%7D,%7Bpiv:100,vs:i,t:211%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:212,o:0,n:211,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:184,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B41~1%5D,as:%5B41~300.250%5D%7D%7D,%7Bsl:i,t:211,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sO7xxfO+11%7C12%7C13%7C14%7C15%7C16*.415630-45225569%7C161%7C162%7C1631%7C164,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.190.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-190-127.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:45 GMT
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 568F 43 B
215 B 343ms
98ms Image
image/gif 107.23.190.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=415630&asId=97d08e41-c58c-1798-dbc3-966d84e89240&tv=%7Bc:tk8KKp,pingTime:-6,time:213,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:213,o:0,n:211,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:184,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B41~1%5D,as:%5B41~300.250%5D%7D%7D,%7Bsl:i,t:211,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2~100%5D,as:%5B2~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sO7xxfO+11%7C12%7C13%7C14%7C15%7C16*.415630-45225569%7C161%7C162%7C1631%7C164,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&tpiLookup=ao:www.idrlabs.com*&br=c
Requested by: Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.190.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-190-127.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:45 GMT
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 568F 43 B
216 B 334ms
98ms Image
image/gif 107.23.190.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=415630&asId=97d08e41-c58c-1798-dbc3-966d84e89240&tv=%7Bc:tk8KKz,pingTime:-2,time:223,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:520,bdZ:694,beA:1093,beZ:1094,mfA:1258,cmA:1260,inA:1261,inZ:1265,prA:1265,prZ:1270,si:1277,poA:1278,poZ:1294,cmZ:1294,mfZ:1294,loA:1306,loZ:1308,ltA:1316,ltZ:1316%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:184%7D,%7Bpiv:100,vs:i,t:211%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:224,o:0,n:211,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:184,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B41~1%5D,as:%5B41~300.250%5D%7D%7D,%7Bsl:i,t:211,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B13~100%5D,as:%5B13~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sO7xxfO+11%7C12%7C13%7C14%7C15%7C16*.415630-45225569%7C161%7C162%7C1631%7C164,idMap:16*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:37,readyFired:true%7D&br=c
Requested by: Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.190.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-190-127.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:45 GMT
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5DD9 0
56 B 42ms
41ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bi_ueOVWIYcW3A5by3gPwn6CgAQAAAAA4AeAEAg&bg=!l5SllNDNAAYH3anuB907ACkAdvg8WlWENSKtBFJTSNfFPzIRgfY-K3wifTENbtpTgYlVpBp67to6rwIAAAD5UgAAADtoAQeZAwjySzrpIEiW-IY4SbmzPsH1mpxGtI0-M08ydjpvcluLQvteEwzin5rWGPaZCcPJZXMkH55wDdVK_x34wgfUdt3fT6gi8Oe_cehHY06ZEklwGaO7BSAe2VtTFsvjPcbRomwQ9eoLrWwsD81xpSKRQHBc4oeqIY8tVjIfV52E9ZgvgdivhP1FYrz0saUak4wycL3nsJuX08g9-JWoAWcMsudtHQb1HusP9rETDn80t_iaehJyilELZq8NV0gD072RDN47m7FSDhDbuOFDOgnzuVjf46Hy_L3bIjRyPZskhAizBgmlasMocFJsKcy7ME6UaK5nyciKcZ2Kiedkk916iEdS2hOFyWbAGI2uW4BUBezNthdbKE60DR8-NItqhAjQit_Ha1pwT10nLg19zpta4-tjvmq5bbXrPRXUJnWL0fyVZl4mK2l_AEQHuRdYb9lQyNp_m7nOfCbDF6A52HnxB-LAY4RbB3CFEm_Pm2CB-VU6Bqx8saYJAjJez-mAWoU5TmCdP2prbejzZjgM-ZYFYAvbbFfOY_k24GMUv-qyH0A1kFM6EKSDY3VrLMScV6RseSKizXW8fPrpocthXpU9BJ5N8tz3-HXY2wriXJJ4hoXTUHbffVBGwImZgXByQ5BZt2EZB6uzPzU3mXOEyJQLmgxw5n9tpV2LulaAH9chtdlgpTmtWje7n6u0YEmU6_j6lHiR_c6YjERiAfqODJGxhouu8jeaqd_MOEnzex_PXIOl949CzSvzXYIazzblJz9TDkk17jbiKSDbv3my3scZ9stDQmb0LFxEycvNyQ6M3fzeiaegK1GQnsdj6Z35dyeR7bCcE6gYXtjLy6-A-cQqLya-_YjIP9fdwwzGP3z4OT7pKH41nhOF-GmkZfaJyD0_jte7M83s6Rm9Dlv1yqKzc3_-NTlquaOW5QHO3KwfB9sDF3v7FcoxBFa_6CsT8J1xfF-Jx_jW33MtUTV_siNk8K7kUu_I1TAV6HUolTvK4-wP5QruOi-_bbudKccHlUzoFnAt-muf6UnF3w

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 568F 43 B
215 B 280ms
105ms Image
image/gif 107.23.190.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=415630&asId=97d08e41-c58c-1798-dbc3-966d84e89240&tv=%7Bc:tk8KLz,time:285,type:e,im:%7Bimprf:%7Bttecl:812,ecd:7,tsecr:8%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:285,o:0,n:211,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:184,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B41~1%5D,as:%5B41~300.250%5D%7D%7D,%7Bsl:i,t:211,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B74~100%5D,as:%5B74~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sO7xxfO+11%7C12%7C13%7C14%7C15%7C16*.415630-45225569%7C161%7C162%7C1631%7C164,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.190.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-190-127.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:45 GMT
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7565 0
56 B 42ms
41ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzCZ2OVWIYbj0Daev-gaI1aqQDgAAAAA4AeAEAg&bg=!PT6lPnrNAAYH3anuB907ACkAdvg8WlapajECkQvdvhZY3bS302MaGl7HLPfiG_8Z9WgIg9hbN6AAkAIAAACTUgAAAApoAQcKAEIxd400nD8ngxSqNznupzJH5xC4POrBeD96n2dWwcn7uwiYstGzvgRmmLCM-XlxC08uG8k1TGzHmftDwk4vFbpikbeZAuzflipGupk6HVsmYvmUrHzAV1wrmds7N6nz18LVms-2h_PUuDXjM6Z7RcQzO4ztW07LRg1z57azsBCzq2MWPQKJqzg1nP5hed0IRF86HtpJ1HtR1b_maAvPDGWnlEtr-01vQ18WgbtQHXj6ZZkB2lPEC71fMBYjTlxnZ9A6NxXItP-S0XzFWrBdpMuXWpnLjJFO3roS2D_xLTxVFcQlSc-V34BRxa52tfeB6JssV_4NooyNT4zCO4jzxMU1s0pah2s_prylnAWHVsAJvNiWQT3Kv8lxn0jdsPliYcGZeyXfQSEnNAaj7FuQqPfmUwxP_p0WmYdMVQVumfOS4HogwOKhBdNwXLXIkvPukTEDJIef4saTrVvjSBIOzW5ACwX3FzNz9_71TVxc2xU45jcIoE_D9E8wOf7BwitOCgMZ0gBUJpyoy4lM6ws-hGWaHjwjMYbqmR2XmHfywLsKOFlnXLOm8BE_gvt6H__Tsc6AK0xKs4fuAhoCVHQBENlar-0TkUVP2fUs78RCsIhufnUKVpJA6g-u6hwKyEQ9AGcplsJifrbIHlUM6A7hDtLW3NrG9J_IWcDHh41_dYwTzrVULLZ2A_T0F4trRim4uqJLqdVsV8HQ2eohEkGATacEcM9ff2kRwYYnBaBUUv5HT37vPc83w4uxu6QlwHK9AHeiOF5RwtbLate_D9aN5PPzHmenRyvQx3jdJDbDyP0a1VBG5nLXYasS4kar6ByP5X_kV-Qyyc11nJxcom0reSxdgFBPeMAhOVBE4upjDIH9V1Lvml-z-AhxaOlAfx9Vi6WE3NT5bo3mHME-4KU7SHMvrjWK3lCFKkEHMhxUxLRnVqtnyteYWyIo0wuEca4xlVmSgJvazbcZ-7N08I6uaO0wa1itc-y_JhY-Y2dnH5jHTyIEANjb9LeG3F7oGdtxEZpv1BgKpS1ft6oXPQ2kDeREl5TPrKkmfJbB1ur5PDss6J4ISDn4QOYlU8VdMflW96qD

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 DcmEnabler_01_246.js Show response
s0.2mdn.net/879366/ Frame 442C 28 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_246.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14198662164144293378/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44e04e4776c58b34580006ef8e8a1e1ae336f3e9c429ae242fe9a8f090889b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14198662164144293378/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 21:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5146
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10121
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 08 Nov 2021 21:11:59 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 568F 0
23 B 57ms
43ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvN2SIcip44HWUuOymJeKtdc80IHLTbzKJ2-NkaSK7_FDGN3IR9m8Dbb2pHWGdKPnIKeYmnouY_xfw3mwzbwAHtcs1vnc_1zj1YwRCYuWJUczDbHFSQE6ScnJNsDR_ELB6EuoxCHiss7WjXdln-6zLK&sig=Cg0ArKJSzEEaJ-5bQZNAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=435&vt=11&dtpt=362&dett=3&cstd=69&cisv=r20211103.06193&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.idrlabs.com
URL: https://www.idrlabs.com/male-hierarchy/test.php

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 07 Nov 2021 22:37:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 Path_476.svg
s0.2mdn.net/sadbundle/14198662164144293378/ Frame 442C 15 KB
4 KB 7ms
7ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14198662164144293378/Path_476.svg

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297f929bd96816e13cdfcde11716f3daaf61658f0a7303ffe23de511c4a51aac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14198662164144293378/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 12:02:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38139
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3823
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 13:51:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 07 Nov 2022 12:02:06 GMT

GET
H2 200 Path_466.svg
s0.2mdn.net/sadbundle/14198662164144293378/ Frame 442C 16 KB
4 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14198662164144293378/Path_466.svg

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ec6e957ae6a2625932851df4164407fcb252b9e981bbb92d505875158eca14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14198662164144293378/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 11:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40790
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4141
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 13:51:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 07 Nov 2022 11:17:55 GMT

GET
H2 200 Invisalign_Primary_NoR_REV.svg
s0.2mdn.net/sadbundle/14198662164144293378/ Frame 442C 35 KB
25 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14198662164144293378/Invisalign_Primary_NoR_REV.svg

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e93241661bd09b0ef648863b355d392ee2b64611c4b6b629acb1fa25619e1a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14198662164144293378/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 18:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 534198
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25836
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 13:51:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Nov 2022 18:14:27 GMT

GET
H2 200 Ellipse_2.png
s0.2mdn.net/sadbundle/14198662164144293378/ Frame 442C 28 KB
28 KB 17ms
16ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14198662164144293378/Ellipse_2.png

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4000634d3c8528ca8c42a3bbc08e0497c64424d037326324e391c5f916c28db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14198662164144293378/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:12:11 GMT
x-content-type-options: nosniff
age: 523534
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28709
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 13:51:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Nov 2022 21:12:11 GMT

GET
H2 200 Group-133-2x.jpg
s0.2mdn.net/sadbundle/14198662164144293378/ Frame 442C 76 KB
76 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14198662164144293378/Group-133-2x.jpg

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f080f1204c3da41fecc038d186c1da1b7e4302d90ce9fa9abab26015a1100e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14198662164144293378/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 01:58:17 GMT
x-content-type-options: nosniff
age: 247168
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77631
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 13:51:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Nov 2022 01:58:17 GMT

GET
H2 200 Group_25.svg
s0.2mdn.net/sadbundle/14198662164144293378/ Frame 442C 6 KB
2 KB 13ms
12ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14198662164144293378/Group_25.svg

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc3aa7c7193b7f6a73203db7b3766f165bd4717467e6980ce4e835585ddade5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14198662164144293378/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 20:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266432
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2151
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 13:51:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 20:37:13 GMT

GET
H2 200 AlignTech_Case_Aligners_Black.png
s0.2mdn.net/sadbundle/14198662164144293378/ Frame 442C 79 KB
80 KB 14ms
13ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14198662164144293378/AlignTech_Case_Aligners_Black.png

Requested by

Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d861d86ce2642180a83e1202d7f03e1f5d5bf97d6ad3576a31090a5696c28ea6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14198662164144293378/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:12:11 GMT
x-content-type-options: nosniff
age: 523534
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81290
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 13:51:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 01 Nov 2022 21:12:11 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 568F 43 B
215 B 150ms
150ms Image
image/gif 107.23.190.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=415630&asId=97d08e41-c58c-1798-dbc3-966d84e89240&tv=%7Bc:tk8KP5,pingTime:-10,time:503,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85NS4wLjQ2MzguNTQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1636324665462%7C%7Cdc505aebcab5b1b7e528198ed7da33f9%7C%7C9ceebc4ad83ababb94d4029b4dca4e66%7C%7Ccb05cc7496c2c29a402b57c544165bf1%7C%7Cc23011bdb24e7de2ccf7ea6a64109739%7C%7Cc29a587cf33d861068e727242b6c8186%7C%7C9a91055ad6f29d01b47c47990c644f6a%7C%7C163b82c32b69aea6113cc81a5ce7f742%7C%7C1629390669%7D
Requested by: Host: dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
URL: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.190.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-190-127.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:45 GMT
x-server-name: dt24.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7023 42 B
174 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssH2ocjlQ30HVwTrPKMXhDUz-KM5taXKZeMc9PxKBVCI9t1WLXjbIxgxVaaKtqgLuxCYKI9WkM6pFDg6dMu8Tv4E6zuH4Zt5IWc4Csgj84wGcWiH2rfoe9O8BTVGRWZi0x2f1xx6DiyOvMz&sai=AMfl-YToVNbRUDgZi8KSKl60Ubclh12lv19Y6Eh8FVBya_596c3JQE3vZX3-kcPccHxVaZfGD6PIcLojuylAGm6PBUSaWXRrYNRRf3Y38EfIRyrrv_1YOJIgmVUoJl96H2dI&sig=Cg0ArKJSzBh_iau6ypOgEAE&id=lidar2&mcvt=1000&p=550,343,600,663&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3131761124&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636324663843&rpt=634&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 services Show response
g2.gumgum.com/zones/100410/ 0
275 B 36ms
35ms XHR
text/plain 54.228.52.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/zones/100410/services?dp=https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php&pu=https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php&ogu=https%3A%2F%2Fwww.idrlabs.com%2Fmale-hierarchy%2Ftest.php&rf=&r=3.85.12&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A2%2C%22ren%22%3A2%2C%22fc%22%3A0%2C%22ctx%22%3A%5B2%5D%2C%22jsv%22%3A%223.85.12%22%2C%22pbv%22%3A%220.0.0%22%7D&ns=10240&bf=ef52c28147ef67897ac28d7d133faa4859ed938b&ce=true&fs=false&dpr=1&sch=1200&scw=1600&lt=1636324665949&to=0&vpii=false&vph=1200&vpw=1600&productIds=1%2C5
Requested by: Host: js.gumgum.com
URL: https://js.gumgum.com/services.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.52.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-52-99.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: https://www.idrlabs.com
date: Sun, 07 Nov 2021 22:37:46 GMT
access-control-allow-credentials: true
server: nginx
timing-allow-origin: *
etag: "0d41d8cd98f00b204e9800998ecf8427e"
p3p: CP="This is not a P3P policy"

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 568F 42 B
108 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumKC2twarmYD2E0g8s_ThoOy0Gg5RYB6VqjdAJKJ2US1Ytr4J5-oALANPITogpLE6anj-SqQE3aaylonxVX10oAqEGCg1nMCTY8JmvG7HusceyNNRGqQ&sai=AMfl-YTXFCMUTeUBft-a8xiijg_SHYRXXwCIVMH1EBJzV9moVvGZblq8RozzddBkoJOnmhswx3OTLcT-TURw_BuxzAFz0OiDyLG8uRslxRqNIg9szT0THImSHI6zNv3KuK0h&sig=Cg0ArKJSzA_ju04Bf_cNEAE&cid=CAASFeRo5wjzBNy06R2cRWEuDmEmOVaBcw&id=lidar2&mcvt=1000&p=837,353,1087,653&mtos=908,1000,1000,1000,1000&tos=908,92,0,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=4279634003&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636324663867&rpt=1107&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 568F 42 B
108 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZtubrYiAH3dcH0r-DhlAc0v_wQs_LJ6NxrMih82VTAwXl_D5e5R2hfu0dDyVrWfEKqrzPZly_rDopS7hU88A8A5byuMoC&sig=Cg0ArKJSzFM2Pe-Zr674EAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=2228999113&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636324663867&rpt=1197&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 568F 43 B
215 B 99ms
98ms Image
image/gif 107.23.190.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=415630&asId=97d08e41-c58c-1798-dbc3-966d84e89240&tv=%7Bc:tk8L0w,pingTime:1,time:1212,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:184%7D,%7Bpiv:100,vs:i,t:211%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1212,o:0,n:211,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:184,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B41~1%5D,as:%5B41~300.250%5D%7D%7D,%7Bsl:i,t:211,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:155,fm:sO7xxfO+11%7C12%7C13%7C14%7C15%7C16*.415630-45225569%7C161%7C162%7C1631%7C164,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.190.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-190-127.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:46 GMT
x-server-name: dt29.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 568F 43 B
215 B 101ms
99ms Image
image/gif 107.23.190.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=415630&asId=97d08e41-c58c-1798-dbc3-966d84e89240&tv=%7Bc:tk8L0x,pingTime:1,time:1213,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:184%7D,%7Bpiv:100,vs:i,t:211%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1213,o:0,n:211,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:184,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B41~1%5D,as:%5B41~300.250%5D%7D%7D,%7Bsl:i,t:211,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:155,fm:sO7xxfO+11%7C12%7C13%7C14%7C15%7C16*.415630-45225569%7C161%7C162%7C1631%7C164,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.190.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-190-127.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:46 GMT
x-server-name: dt32.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 568F 43 B
215 B 99ms
99ms Image
image/gif 107.23.190.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=415630&asId=97d08e41-c58c-1798-dbc3-966d84e89240&tv=%7Bc:tk8L0y,pingTime:1,time:1214,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:184%7D,%7Bpiv:100,vs:i,t:211%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1214,o:0,n:211,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:184,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B41~1%5D,as:%5B41~300.250%5D%7D%7D,%7Bsl:i,t:211,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1003~100%5D,as:%5B1003~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:155,fm:sO7xxfO+11%7C12%7C13%7C14%7C15%7C16*.415630-45225569%7C161%7C162%7C1631%7C164,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.190.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-190-127.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:46 GMT
x-server-name: dt33.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
542 B 33ms
32ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=2jqw284&fmt=json
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: b4de8cbcc3679058b5f6c6c56b78d7d400c9b23583cfcf75451d9433040f2776

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 07 Nov 2021 22:37:46 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.idrlabs.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Tue, 07 Dec 2021 22:37:47 GMT

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 44 B
110 B 14ms
14ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=1458

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.idrlabs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 07 Nov 2021 22:37:46 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.idrlabs.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET

6.gif
id5-sync.com/c/441/19/4/
Redirect Chain

https://id5-sync.com/s/441/9.gif?puid=e_a162ec04-6d57-4be6-8318-31b9bfe53888&gdpr=1&gdpr_consent=
https://id5-sync.com/c/441/441/9/1.gif?puid=e_a162ec04-6d57-4be6-8318-31b9bfe53888&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOe5FWSsBCigx0bQ1sgueVD1RsA1Fp2s7HVb8GFQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOe5FWSsBCigx0bQ1sgueVD1RsA1Fp2s7HVb8GFQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3F...
https://id5-sync.com/cq/441/916/8/2.gif?puid=dedd2f0b-396f-46e8-bbea-be52ec813693&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOe5FWSsBCigx0bQ1sgueVD1RsA1Fp2s7HVb8GFQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D...
https://id5-sync.com/cq/441/124/7/3.gif?puid=57d77296-8400-4eec-af1f-46888628791c&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/441/146/6/4.gif?puid=0a8c8b92-c1b0-49e7-a075-208a34e141fb&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENTlvJH7-EyZThh4lpWnK1c&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2076466031474766913&opid=apx&ops=&utidl=tech:goo:CAESENTlvJH7-EyZThh4lpWnK1c&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A22315425164&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/441/19/4/6.gif?puid=d6660caf97e5cfe1516a190d16de3a49&gdpr=1&gdpr_consent=

0
0

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ 0
478 B 62ms
13ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?a=true&partnerId=38&userId=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 22:37:46 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://sync.bfmio.com/syncb?pid=144&id=4d314741-eb1c-4f5f-f287-2372f5f0f5f7&gdpr=0&gc=&gce=1&us_privacy=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
https://sync.bfmio.com/sync?pid=106&uid=41e8dc7b-6427-45e8-9baa-0830d5676c6e

0
421 B

101ms
101ms

Image
text/plain

52.22.84.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=106&uid=41e8dc7b-6427-45e8-9baa-0830d5676c6e
Protocol: HTTP/1.1
Server: 52.22.84.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-84-205.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 07 Nov 2021 22:37:46 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:47 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.bfmio.com/sync?pid=106&uid=41e8dc7b-6427-45e8-9baa-0830d5676c6e
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 183

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26a%3Dtrue%26userId%3D
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&a=true&userId=YYhVOS4ElbB2J3kdcmIBTAAA%261123

0
44 B

84ms
84ms

Image
text/plain

206.189.254.17
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&a=true&userId=YYhVOS4ElbB2J3kdcmIBTAAA%261123
Protocol: H2
Server: 206.189.254.17 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:46 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 22:37:46 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&a=true&userId=YYhVOS4ElbB2J3kdcmIBTAAA%261123
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 293
Expires: Sun, 07 Nov 2021 22:37:46 GMT

GET
H2

200

cksync.php
contextual.media.net/
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=ea68746d-1c06-4252-8c83-7a89000a9a6f

46 B
696 B

90ms
38ms

Image
image/gif

2.21.140.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=ea68746d-1c06-4252-8c83-7a89000a9a6f

Protocol

Server

2.21.140.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-140-74.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Sun, 07 Nov 2021 22:37:46 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Sun, 07 Nov 2021 22:37:46 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:46 GMT
server: Kestrel
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=ea68746d-1c06-4252-8c83-7a89000a9a6f
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2436634
content-length: 0
expires: Sun, 07 Nov 2021 00:00:00 GMT

GET
H2

200

cksync.php
cs.media.net/
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=WjMLw22k1MJQNk5

46 B
537 B

119ms
33ms

Image
image/gif

2.21.140.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=WjMLw22k1MJQNk5
Protocol: H2
Server: 2.21.140.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-74.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:46 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
content-length: 46
x-mnet-hl2: E
expires: Sun, 07 Nov 2021 22:37:46 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 07 Nov 2021 22:37:46 GMT
Server: PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-02cbf440f9d738c39@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=WjMLw22k1MJQNk5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://pixel.advertising.com/ups/56621/occ?verify=true
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP548aa64e-401b-11ec-931b-068311666846
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP548aa64e-401b-11ec-931b-068311666846&verify=true
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP548aa64e-401b-11ec-931b-068311666846

0
44 B

88ms
88ms

Image
text/plain

206.189.254.17
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP548aa64e-401b-11ec-931b-068311666846
Protocol: H2
Server: 206.189.254.17 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:46 GMT
content-length: 0

Redirect headers

location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP548aa64e-401b-11ec-931b-068311666846
date: Sun, 07 Nov 2021 22:37:46 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=9ce257a7-5e93-4e02-bc78-02272b6fe57a&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM-jvt56eMpgfSDwIHAsVVk&google_cver=1

43 B
114 B

40ms
19ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM-jvt56eMpgfSDwIHAsVVk&google_cver=1
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:46 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM-jvt56eMpgfSDwIHAsVVk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156972
https://image8.pubmatic.com/AdServer/ImgSync?p=156972&rdf=1
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkYxRDI0NTItOEEyQi00MDAzLTgyNEUtN0FDMzA3OTAxOUQw&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
219 B

25ms
24ms

Image
text/plain

185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 22:37:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date: Sun, 07 Nov 2021 22:37:46 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug019:0:391
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 current
medianet-match.dotomi.com/match/bounce/ 0
104 B 152ms
65ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:46 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

cksync.php
contextual.media.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1
https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=medianet&bsw_custom_parameter=5d72e81d-0507-4021-bf70-119674251e1f
https://x.bidswitch.net/sync?dsp_id=257&user_id=mkd0e5b342-8b3c-43d5-a758-2d5359f19ae7&expires=7&user_group=5&ssp=medianet&bsw_param=5d72e81d-0507-4021-bf70-119674251e1f
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5d72e81d-0507-4021-bf70-119674251e1f&gdpr=&gdpr_consent=&gdpr_pd=

46 B
545 B

35ms
35ms

Image
image/gif

2.21.140.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5d72e81d-0507-4021-bf70-119674251e1f&gdpr=&gdpr_consent=&gdpr_pd=

Protocol

Server

2.21.140.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-140-74.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Sun, 07 Nov 2021 22:37:47 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Sun, 07 Nov 2021 22:37:47 GMT

Redirect headers

Location: //contextual.media.net/cksync.php?cs=1&type=bs&ovsid=5d72e81d-0507-4021-bf70-119674251e1f&gdpr=&gdpr_consent=&gdpr_pd=
Date: Sun, 07 Nov 2021 22:37:47 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 cksync.php
cs.media.net/ 45 B
376 B 77ms
23ms Image
image/gif 2.21.140.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.140.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-74.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.idrlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Nov 2021 22:37:46 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
content-length: 45
x-mnet-hl2: E
expires: Sun, 07 Nov 2021 22:37:46 GMT

GET

ibs:dpid=463291&dpuuid=ID5-ZHMOe5FWSsBCigx0bQ1sgueVD1RsA1Fp2s7HVb8GFQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr...
dpm.demdex.net/
Redirect Chain

https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOe5FWSsBCigx0bQ1sgueVD1RsA1Fp2s7HVb8GFQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOe5FWSsBCigx0bQ1sgueVD1RsA1Fp2s7HVb8GFQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3F...
https://id5-sync.com/cq/441/916/8/2.gif?puid=57d77296-8400-4eec-af1f-46888628791c&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOe5FWSsBCigx0bQ1sgueVD1RsA1Fp2s7HVb8GFQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D...
https://id5-sync.com/cq/441/124/7/3.gif?puid=57d77296-8400-4eec-af1f-46888628791c&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/441/146/6/4.gif?puid=0a8c8b92-c1b0-49e7-a075-208a34e141fb&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENTlvJH7-EyZThh4lpWnK1c&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2076466031474766913&opid=apx&ops=&utidl=tech:goo:CAESENTlvJH7-EyZThh4lpWnK1c&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A22315425164&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/441/19/4/6.gif?puid=d6660caf97e5cfe1516a190d16de3a49&gdpr=1&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOe5FWSsBCigx0bQ1sgueVD1RsA1Fp2s7HVb8GFQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr...

0
0

GET dt
dt.adsafeprotected.com/ Frame 568F 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: id5-sync.com
URL: https://id5-sync.com/c/441/19/4/6.gif?puid=d6660caf97e5cfe1516a190d16de3a49&gdpr=1&gdpr_consent=

Domain: dpm.demdex.net
URL: https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOe5FWSsBCigx0bQ1sgueVD1RsA1Fp2s7HVb8GFQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=

Domain: dt.adsafeprotected.com
URL: https://dt.adsafeprotected.com/dt?advEntityId=415630&asId=97d08e41-c58c-1798-dbc3-966d84e89240&tv=%7Bc:tk8M31,pingTime:5,time:5211,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:184%7D,%7Bpiv:100,vs:i,t:211%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:5211,o:0,n:211,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:184,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B41~1%5D,as:%5B41~300.250%5D%7D%7D,%7Bsl:i,t:211,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:106,fm:sO7xxfO+11%7C12%7C13%7C14%7C15%7C16*.415630-45225569%7C161%7C162%7C1631%7C164,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c

Domain: dt.adsafeprotected.com
URL: https://dt.adsafeprotected.com/dt?advEntityId=415630&asId=97d08e41-c58c-1798-dbc3-966d84e89240&tv=%7Bc:tk8M32,pingTime:5,time:5212,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:184%7D,%7Bpiv:100,vs:i,t:211%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:5212,o:0,n:211,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:184,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B41~1%5D,as:%5B41~300.250%5D%7D%7D,%7Bsl:i,t:211,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:106,fm:sO7xxfO+11%7C12%7C13%7C14%7C15%7C16*.415630-45225569%7C161%7C162%7C1631%7C164,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

76 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.ebayadservices.com/marketingtracking/v1	1970-01-20 00:41:40	Name: adguid Value: e738847e05f64dabbd2a92826b8d1491
.www.idrlabs.com/male-hierarchy/	1970-01-19 22:42:09	Name: qsort-male-hierarchyEN Value: a%3A31%3A%7Bi%3A0%3Bi%3A9%3Bi%3A1%3Bi%3A27%3Bi%3A2%3Bi%3A21%3Bi%3A3%3Bi%3A7%3Bi%3A4%3Bi%3A1%3Bi%3A5%3Bi%3A16%3Bi%3A6%3Bi%3A19%3Bi%3A7%3Bi%3A17%3Bi%3A8%3Bi%3A20%3Bi%3A9%3Bi%3A25%3Bi%3A10%3Bi%3A15%3Bi%3A11%3Bi%3A11%3Bi%3A12%3Bi%3A13%3Bi%3A13%3Bi%3A22%3Bi%3A14%3Bi%3A5%3Bi%3A15%3Bi%3A14%3Bi%3A16%3Bi%3A6%3Bi%3A17%3Bi%3A29%3Bi%3A18%3Bi%3A30%3Bi%3A19%3Bi%3A28%3Bi%3A20%3Bi%3A4%3Bi%3A21%3Bi%3A26%3Bi%3A22%3Bi%3A18%3Bi%3A23%3Bi%3A31%3Bi%3A24%3Bi%3A10%3Bi%3A25%3Bi%3A23%3Bi%3A26%3Bi%3A24%3Bi%3A27%3Bi%3A12%3Bi%3A28%3Bi%3A8%3Bi%3A29%3Bi%3A3%3Bi%3A30%3Bi%3A2%3B%7D%40expires%3A1636929462
www.idrlabs.com/male-hierarchy	1970-01-21 18:20:04	Name: session Value: e7568e7b-4fb0-d043-71b7-6929f1a8fbe0
.www.idrlabs.com/	1970-01-19 22:34:57	Name: nonce Value: 41f4ad1f51b746bc161f81%40expires%3A1636497462
.idrlabs.com/	1970-01-20 16:03:16	Name: _ga Value: GA1.2.1953993989.1636324663
.idrlabs.com/	1970-01-19 22:33:31	Name: _gid Value: GA1.2.698494329.1636324663
.idrlabs.com/	1970-01-19 22:32:04	Name: _gat_gtag_UA_20689305_9 Value: 1
.www.idrlabs.com/	1969-12-31 23:59:59	Name: cookie_notice Value: 1
www.idrlabs.com/	1970-01-19 23:15:16	Name: _pbjs_userid_consent_data Value: 3524755945110770
.openx.net/	1970-01-20 07:17:40	Name: i Value: 50cf0476-86c1-0dd2-37b3-e6ced52c7c79\|1636324663
.adsrvr.org/	1970-01-20 07:17:40	Name: TDID Value: 41e8dc7b-6427-45e8-9baa-0830d5676c6e
www.idrlabs.com/	1970-01-19 22:33:31	Name: _lr_geo_location Value: DE
.gumgum.com/	1970-01-20 07:17:40	Name: cs Value: true
.gumgum.com/	1970-01-19 23:15:16	Name: loc Value: SfolTs1ZIlPt4unIug7NGHTHprMos3ZuqTBxlXamrm845wFyC1nEdJe_i0vbL1iSxv_BAMOjyAWXcU5g4XObNUfgtsx6P2hY7LEeTvlMuIM
.gumgum.com/	1970-01-20 07:17:40	Name: vst Value: e_a162ec04-6d57-4be6-8318-31b9bfe53888
.adnxs.com/	1970-01-20 00:41:40	Name: icu Value: ChgI3OVXEAoYASABKAEwt6qhjAY4AUABSAEQt6qhjAYYAA..
e.serverbid.com/	1970-01-20 07:17:40	Name: azk Value: ue1-sb1-9a77f6ff-3a69-40ac-b7d9-3a121c6b20da
.adnxs.com/	1970-01-20 00:41:40	Name: uuid2 Value: 2076466031474766913
.idrlabs.com/	1970-01-20 07:53:40	Name: __gads Value: ID=86e89c33943f5a82-225b9fe639cb005d:T=1636324663:S=ALNI_MYpYkXtZgI_6XNi2uj5-mdJK7-dJg
.doubleclick.net/	1970-01-20 07:53:40	Name: IDE Value: AHWqTUlyp7V0F1v2zvhr_NIMGuQOTmYFxZh4pqyyWgIIw-J2V0mICzt9aikIXgHGR24
.casalemedia.com/	1970-01-20 07:17:40	Name: CMID Value: YYhVOS4ElbB2J3kdcmIBTAAA
.casalemedia.com/	1970-01-20 00:41:40	Name: CMPS Value: 3176
.casalemedia.com/	1970-01-20 00:41:40	Name: CMPRO Value: 1123
.adnxs.com/	1970-01-20 00:41:40	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In:g.Xa<!]tbPl1M>e)ZlrFUfJ+tGXxoHIldIpDt=r+TiB1ZKxUgo^*m7_/#]g%`cQSbpRzqF1`b`]T*7U?f
.casalemedia.com/	1970-01-20 07:17:40	Name: CMRUM3 Value: 2d618855392760CAESEO8qv2IyH4zKWHwKjlphye4
www.idrlabs.com/	1970-01-19 22:32:08	Name: _lr_retry_request Value: true
www.idrlabs.com/	1970-01-19 23:15:16	Name: _lr_env_src_ats Value: false
www.idrlabs.com/	1970-01-19 23:58:28	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%2241e8dc7b-6427-45e8-9baa-0830d5676c6e%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-10-07T22%3A37%3A47%22%7D
.openx.net/	1970-01-19 22:53:40	Name: pd Value: v2\|1636324666\|gu
.id5-sync.com/	1970-01-19 22:32:04	Name: cf Value:
.id5-sync.com/	1970-01-19 22:32:04	Name: cip Value:
.id5-sync.com/	1970-01-19 22:32:04	Name: cnac Value:
.id5-sync.com/	1970-01-19 22:32:04	Name: car Value:
.id5-sync.com/	1970-01-19 22:32:04	Name: gdpr Value:
.id5-sync.com/	1970-01-19 22:32:04	Name: callback Value:
.w55c.net/	1970-01-20 08:00:52	Name: wfivefivec Value: WjMLw22k1MJQNk5
.advertising.com/	1970-01-20 07:19:07	Name: APID Value: UP548aa64e-401b-11ec-931b-068311666846
.criteo.com/	1970-01-20 07:53:40	Name: uid Value: ea68746d-1c06-4252-8c83-7a89000a9a6f
.w55c.net/	1970-01-19 23:15:16	Name: matchmedianet Value: 5
.pubmatic.com/	1970-01-19 22:33:31	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-19 22:33:31	Name: CMST Value: YYhVOWGIVToA
.yahoo.com/	1970-01-20 07:18:02	Name: A3 Value: d=AQABBDpViGECEPzKkPPPi5HJkuqcfnt5EMwFEgEBAQGmiWGSYQAAAAAA_eMAAA&S=AQAAAqBVN_KWWxI8CDt7yqiKZq4
.analytics.yahoo.com/	1970-01-20 07:19:07	Name: IDSYNC Value: 17ot~21em
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP548aa64e-401b-11ec-931b-068311666846
.yahoo.com/	1970-01-19 22:33:31	Name: APIDTS Value: 1636324666
.pubmatic.com/	1970-01-20 00:41:40	Name: SyncRTB3 Value: 1637452800%3A220
.pubmatic.com/	1970-01-20 00:41:40	Name: KADUSERCOOKIE Value: 6F1D2452-8A2B-4003-824E-7AC3079019D0
.media.net/	1970-01-20 02:58:28	Name: gdpr_status Value: 1
.media.net/	1970-01-19 23:15:16	Name: data-c-ts Value: 1636324666
.media.net/	1970-01-19 23:15:16	Name: data-c Value: ea68746d-1c06-4252-8c83-7a89000a9a6f~~1
.bidswitch.net/	1970-01-20 07:17:40	Name: tuuid Value: 5d72e81d-0507-4021-bf70-119674251e1f
.bidswitch.net/	1970-01-20 07:17:40	Name: c Value: 1636324666
.bidswitch.net/	1970-01-20 07:17:40	Name: tuuid_lu Value: 1636324666
.id5-sync.com/	1970-01-20 00:41:40	Name: id5 Value: bc7631b6-c3b4-425e-aa8b-75727b93f7cd#1636324658567#2
.media.net/	1970-01-20 07:16:14	Name: data-xu Value: WjMLw22k1MJQNk5~~8
.360yield.com/	1970-01-20 00:41:40	Name: tuuid_lu Value: 1636324666
.360yield.com/	1970-01-20 00:41:40	Name: tuuid Value: 57d77296-8400-4eec-af1f-46888628791c
.pubmatic.com/	1970-01-20 00:41:40	Name: PUBMDCID Value: 3
.360yield.com/	1970-01-20 00:41:40	Name: umeh Value: !79,0,1698532667,-1!313,0,1698532666,-1
.360yield.com/	1970-01-20 00:41:40	Name: um Value: !79,l1NdYfNvg6ZL8Clwo0jphR3Dvw5DA6ms8Rg3n085rshV5ir2DFf.L3-m9ztwSdW24Q0x7wPSj9WDDf.5,1644100667!313,l1NdYUWXelkLTFhBHq8SrctX9gojSu3grU3ifmgKxJkMT181g1WCck0HWIeDHcg7nj3AIxLM0aVIhAGg,1644100666
.pubmatic.com/	1970-01-19 22:33:31	Name: pi Value: 156972:3
.pubmatic.com/	1970-01-20 00:41:40	Name: chkChromeAb67Sec Value: 2
ads.avct.cloud/	1970-01-20 07:17:40	Name: uuid Value: 0a8c8b92-c1b0-49e7-a075-208a34e141fb
.adsrvr.org/	1970-01-20 07:17:40	Name: TDCPM Value: CAEYASABKAIyCwiUoobDvpKROhAFOAFaB3J3dXE5bnlgAg..
event.clientgear.com/	1970-01-20 02:51:16	Name: mkuuid Value: mkd0e5b342-8b3c-43d5-a758-2d5359f19ae7
.media.net/	1970-01-20 07:16:14	Name: data-bs Value: 5d72e81d-0507-4021-bf70-119674251e1f~~1
.bfmio.com/	1970-01-20 07:17:40	Name: __106_cid Value: 41e8dc7b-6427-45e8-9baa-0830d5676c6e
.bfmio.com/	1970-01-20 07:17:40	Name: __io_cid Value: 41e8dc7b-6427-45e8-9baa-0830d5676c6e
.mediarithmics.com/	1970-01-20 07:17:40	Name: mics_vid Value: 22315425164
.mediarithmics.com/	1970-01-20 07:17:40	Name: mics_uaid Value: web:1:f6919088-1a52-4476-9f43-29f6746522dc
.mediarithmics.com/	1970-01-20 07:17:40	Name: mics_lts Value: 1636324667482
.crwdcntrl.net/	1970-01-20 05:00:50	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 05:00:50	Name: _cc_id Value: d6660caf97e5cfe1516a190d16de3a49
.crwdcntrl.net/	1970-01-20 05:00:52	Name: _cc_cc Value: "ACZ4XmNQSDEzMzNITkyzNE81TU5LNTQ1NEs0tDRIMTRLSTVONLFkAILEjlBrEA0FAFszCo8%3D"
.crwdcntrl.net/	1970-01-20 05:00:52	Name: _cc_aud Value: "ABR4XmNgYGBI7Ai1BlJQAAASzQF6"
.id5-sync.com/	1970-01-20 00:41:40	Name: 3pi Value: 146#1636324659055#-725975718\|18#1636324659299#143452425\|19#1636324659446#1683506851#d6660caf97e5cfe1516a190d16de3a49\|916#1636324658761#11619904\|441#1636324658578#-1722610397\|124#1636324658806#11619904

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1458 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id5-sync.com/c/441/19/4/6.gif?puid=d6660caf97e5cfe1516a190d16de3a49&gdpr=1&gdpr_consent= Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMOe5FWSsBCigx0bQ1sgueVD1RsA1Fp2s7HVb8GFQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.yieldmo.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.rlcdn.com
as-sec.casalemedia.com
ats.rlcdn.com
bloggernetwork-d.openx.net
btlr.sharethrough.com
c.amazon-adsystem.com
c2shb.ssp.yahoo.com
cdn.idrlabs.com
cm.g.doubleclick.net
code.jquery.com
confiant-integrations.global.ssl.fastly.net
contextual.media.net
cs.media.net
dd22498244555e740a6ea80c4a40e2d2.safeframe.googlesyndication.com
delivery.adrecover.com
dis.criteo.com
display.bfmio.com
dmx.districtm.io
dpm.demdex.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.serverbid.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eu-u.openx.net
event.clientgear.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.privacymanager.io
get.s-onetag.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image8.pubmatic.com
imps.monu.delivery
ipwatch.monu.delivery
js-sec.indexww.com
js.gumgum.com
lockerdome.com
match.adsrvr.org
medianet-match.dotomi.com
monu.delivery
onetag-geo.s-onetag.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pixel.advertising.com
pm.w55c.net
prebid.a-mo.net
prebid.media.net
protected-by.clarium.io
s0.2mdn.net
secureir.ebaystatic.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
ssc.33across.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync.bfmio.com
sync.go.sonobi.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
web.hb.ad.cpe.dotomi.com
www.ebayadservices.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.idrlabs.com
x.bidswitch.net
dpm.demdex.net
dt.adsafeprotected.com
id5-sync.com
104.154.142.214
104.16.68.69
107.23.190.127
13.35.253.70
142.250.185.130
142.250.185.226
142.250.185.70
142.250.74.194
143.204.215.96
143.204.98.68
147.75.38.124
151.101.193.194
178.162.133.149
178.250.2.151
18.192.177.149
18.196.162.123
18.66.109.174
18.66.112.41
184.30.25.27
185.33.220.243
185.64.189.112
185.64.190.79
185.64.190.80
2.21.140.74
2.21.141.232
2001:4de0:ac18::1:a:2a
206.189.254.17
209.140.129.66
216.52.2.39
23.37.38.181
2600:1901:0:333a::
2600:9000:223f:f200:8:48e:53c0:93a1
2606:4700:3033::6815:1735
2606:4700:3036::ac43:d136
2606:4700::6812:353
2a00:1450:4001:803::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2006
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a00:1450:400c:c02::9a
2a01:7e01:1::ac69:92e7
2a02:fa8:8806:12::1460
2a02:fa8:8806:13::1370
3.120.13.220
3.126.56.137
3.33.220.150
34.107.148.139
34.120.133.55
34.149.20.76
34.98.64.218
35.156.135.60
35.156.230.193
35.186.236.140
47.252.78.131
52.22.84.205
52.222.214.123
52.222.214.17
52.28.203.152
52.29.20.215
52.51.212.11
54.228.52.99
54.85.226.207
99.80.189.205
024bf58839434bcdbb669f44e683ecbb58be25cde0d0e721d68031a67a40dd40
047dec5dac18b3d7469ea10ad19e64e040eb87fd76ca929c707cf8559e28d3c5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
097ee9cf7679385b826098b24be6ed2e5c6b660342513932a8018203cc0497bc
099d5a93d27e43c40b29b9f45a57492ca8d87ee45d14d7a83d0ff39735822b3a
0a1921034f490e8b5f2c42d89182f6457ef75c0dff58e989c301e83fa468979c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9426060c3ebdcbc78eac8c1f5b0d067e9d08a3c2ddfd1a868a29c260e36048
0c08815f5e74c5477b25c5303f3b512b5c04ccf403e41e319c29cb5243fce5f8
107abe4a522e8ac6ca1b7df21787fb569049fa9d03b47c0a94acf487bfdeabd0
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15398d9b9c6666d022c54cb40fa642de186febdeac77da72940e666dcb4974cd
177e5f948cc82a4c47e8019cabe6588a2dbecc64436ba17d6b949e223ea0cd3f
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1e1fd9dc3289c279bf15ee7b924d4c0feba817a5e3a55648a5ab315f6b88fd08
212fd7ede64f9740eb66e30545c1f021f835b5c03572ca8e9589c37901da23e9
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
2613ae2b69abea5c2ec9a39f0d71e19746ebbcb8b64fa224fd088fb500c0fa73
270be58b040d0b59d87a4deea0ca09e1b49916b84858005cd3e3e1f2d302ba32
280a6c489310a42f2e44e4a1a394b6f11143d2d318dd0697ea6b78445fa18424
297f929bd96816e13cdfcde11716f3daaf61658f0a7303ffe23de511c4a51aac
2adbdcc43fd77452efd4601d8237cb47d20493e6f309f6c4e966f54cb7386896
2ce1fa10f163d04363788b4000bb3e828112c267a75f84d15272ace859648154
2e0138178b68ba97b31998b5f81143ca66fab58aade2e92ae9ba3a600decbe66
2f3e7ea17b518b4f09db510225a46097ba164d8a96537d2102884f2abfca0ec7
300a85ae6fe0e8ec7d5a6c398ab1bc5b862af64160993fd09b1fb0febb246bf3
3227b5358eb58ebe176688f82f5cdaadf3e66563278646e4fc949761376ed182
386182772151e7747ebe66a2490b3b359d784ebd83bfade6d2cebe614ab83a45
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3c0b943766ab10425a01c2f474da801b1a4db989fe9b75e1c0dc30527fcdfe03
3daf4e835f7ef11056bb6d154f869994359cce4013eb48dacde87522b1ea65f0
44e04e4776c58b34580006ef8e8a1e1ae336f3e9c429ae242fe9a8f090889b79
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c58ecea3e709bdb4dd8aa57e391f0e93de65534a7cfb616450d710f574dafbe
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eac50110be4f302279ca9c75cdccad805f49d22d6a3271468270a01ef3a6bce
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5588fd5e5a07fc4a6a51a8eba813ba8023ea2b23016f2aee59ac00da39d3da14
56387e3ec71a36e8829b7f9420ce6e624ad0c331f81a801264f56d58626be371
567d523603299b74fdce2909d8376036cdc81280b8f562fd00edd01795886e02
579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4
593ebb9e0a61782012d42cf3a01e57ba119e3870e420e9507b911f9d6fd40fca
5b0c80c0cadc13f8ef07dd211e2b4ef3b5c3aaef0cf1ab3313ff1275ba8ca3e2
5d5a5c0095fe718c191d87436e9a01949905dddbb7a3c0688f9c3b90e3105ec5
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e85deeee5b8e99ce645072b12afe0068b6ad49f41598eb2c6874fbc3c047c98
63706cba9dbfa38f4472b2c93ab06c8f8699b8e9f4be4c0542482a92fc6d7711
67426b9d007e47f74151e599bc9f6be02030b0e16dcdf707955b961db2ecd706
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70465b84a79b20922b7378e85c3c1a046dc96f34e4931832146eb590af86fec7
71f6c9d977d77beb83c10d58bd7c6b6cdb45cba57492a9aa82ae7dca187324aa
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7789724e8c19a370bbd709d7c693b7a8a981f8af37b03ce784a67d30c1ffd2a6
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac
7dedac502ca0c39765cbcaeaea8464cee7eed16289c4627d3ed7cc9c3df7967a
7e93241661bd09b0ef648863b355d392ee2b64611c4b6b629acb1fa25619e1a2
802a3b18272fce86b7ae5e349963873801db2a682c542ba2a78b673f295ff5e2
81891be9ab025b1d447a642301e4f12570315514e2d3817752a5c480578365d2
82f62cbebebf1d369ff1dcff161afbadff3660cc8b4bed875a4973cc5c95926d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8375b6d78687c24c35f1c2fd365d5b88a5f47bb295cc336d114f57daef0c419c
83f0139d17ec56eea8e5834ed925a00110689b5b0cc7fec2fb13999222801a97
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
85cffc3ea03a13a34a0840865f223c69988c6001820d74b50a7f85831611272e
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8ab6745de70cebc6209b53dd59820a04cbf7f480145c925860a2829ce24be3c2
8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec
8ed09da9e94557b66bb1b5e276469f09e1f48d7fb1b8b6d9168684305422c2f6
91d8c42e3ea9d729bd02722d33f36b499f96578c58bb7dbeb05ba5cbb2aa4274
9248c07a8eda88a4e95028303c5362adbb223a01d24e2559eb3ed22cad1fd1d0
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
93b0aa4716c14264d3fc29ac247e69c7e45ded52181a4c96beabdab6cb444cbe
948729b433c670f78b47ef13c7a7ae2bc0b997bdf9cfa533d7ee3650f2da9868
9667d3d6230b7be24787e21a112533e378cbf5d81953fef3b9627f1657a53a41
973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9ff2b4e8caa6f3ecc8a280d403de673a9a78e977d9e8b94b9de55e23d683e634
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a23c0b6ee897564c4d6265aa560fb11a454756aea0a1a4684d5d2e535a4bbe7d
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a2d29fe1b83a44b093a0c5b46eebd5b41895c04032dab8284a81cc33e5ccd02e
a32305a0a242504fac5a267135d123c3ad761e293c2183c60d9b270100704112
a38e19c24e07713eff175ef703c0b18cc54d864f44f695f84dece963843c75a6
a3ae19bc081dfc0396b0eb105e1af3c85c2f96b15a0381e832b0740e75782c02
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
a90eeb9fd4ab0e6a0213c1e0f9b0e6faaa80a3f444f03a6557645286a2a03ee4
a9ec6e957ae6a2625932851df4164407fcb252b9e981bbb92d505875158eca14
aab0f3439ac159268205cbb825c984c25831e995f4a9af8729c0009cff56ea1e
af1684fcf2b488bdbf24c364d9651a7f3912dcfa0a3477d7653d60eb032c06a6
b099780ffe01c9cb2daae55f783b77b16fc1f3c02754536a03c3c31b70aac467
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1bce502c2075eca34d6f4d631801d70e458714824003a3859565e44b3065e5b
b2a17f75640ea7fe968eb8de7ca2e6a8b175b4eac410acb50621d4cd9fc951c5
b2e22288fc574c74863010402596598d2571f42cf5c3645890ab5024abe3754b
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757
b4de8cbcc3679058b5f6c6c56b78d7d400c9b23583cfcf75451d9433040f2776
ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bfe889951d907fd5d1b2c128f6f4849737e3c4388647555228e23e4856ed57a4
c1492de5d2c40e72dd875883b1ebb2b136042e49f7279c2db41005259e5b3f23
c2d93b055e317d4dfacba3abe2dc78fb80bfd2bff27796eb82b14fc6865ad509
c4000634d3c8528ca8c42a3bbc08e0497c64424d037326324e391c5f916c28db
c4e238f0ed15390cc889b2c2a3df5056bfa299211c8313c745745d651ae947a0
cc7d5e554a6473755aa27f4f65e22705efef907dfa53d98534342e17757240b4
cceefd476057bb3f36703d027ec405887d25d05311d491b9a203d4c60a2d75fb
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
cdd9a3e5f93beae071bf6d215271850facbb94b138d92cdae5e749fe42fb14c6
d12b4fed042fb9b25cd8e492d36a5fa973424aeb5a4f2d4075c2bdf80460c063
d2399a2dad958bb6d0063d5d187a71ffe97c39aa0b4a62eae1ca0351f7e5eb30
d3fde4c8f30e528a11005ddc838a1f1cd3179e32d8ab856cce90d490a41e4946
d58bd164bd8e3dec743c3e67b9880f29095a7cee2b4eeef7312b23904ef9765b
d5ed227baf46838ef5eb64898aecaf88501a88fc5857d03b0bfe24599ceffe07
d861d86ce2642180a83e1202d7f03e1f5d5bf97d6ad3576a31090a5696c28ea6
d8ab7ae9e9ccf94258b9243409edf9356ec6a80a3a44cf664a24e8517861af91
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dc3aa7c7193b7f6a73203db7b3766f165bd4717467e6980ce4e835585ddade5e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e0cf3dfae638a3dba9811c366dc2da6a3cfa71425c246464eeed9e4937e4a7ee
e29cabca3ff0a0549bd35925e50b40cf18f249ac5714a2c30dd2912bb78992cb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea5c5dc2efce65965d5a8b13cb1455d371812ba1ba7a09ec82e9377ada890d35
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f223d3caeb0941af4b41681d5b70be6b00401df1e59619dd87fa8549adb3f0
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f5517b6233f9301ccb68b9e51af3b3035073437adc1e11a6fb02351095237284
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
f7f080f1204c3da41fecc038d186c1da1b7e4302d90ce9fa9abab26015a1100e
f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe2d0e55ffd04640e5be6320608ff352fc3c7dca68d70226dc8f7d18bb3246aa
fef98fa930976e1c303a0a8f6b74e564980917146451435b27be54267843afc1

www.idrlabs.com Open in urlscan Pro 2606:4700:3036::ac43:d136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

211 Requests

91 %HTTPS

35 %IPv6

51 Domains

84 Subdomains

68 IPs

9 Countries

2106 kBTransfer

4920 kBSize

76 Cookies

2 Outgoing links

Redirected requests

211 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.idrlabs.com Open in urlscan Pro
2606:4700:3036::ac43:d136 Public Scan

Screenshot
Live screenshot

Full Image

211
Requests

91 %
HTTPS

35 %
IPv6

51
Domains

84
Subdomains

68
IPs

9
Countries

2106 kB
Transfer

4920 kB
Size

76
Cookies

211 HTTP transactions
2 data transactions