elpezdfw.com Open in urlscan Pro
2606:4700:20::681a:fd2  Public Scan

18 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81

• https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=327608680664365&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9e8cfcea5e278%26domain%3Delpezdfw.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Felpezdfw.com%252Ff115f68b4d6d08%26relation%3Dparent.parent&container_width=300&height=400&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Felpezdallas%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false&width=500 HTTP 302
• https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D327608680664365%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df9e8cfcea5e278%2526domain%253Delpezdfw.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Felpezdfw.com%25252Ff115f68b4d6d08%2526relation%253Dparent.parent%26container_width%3D300%26height%3D400%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Felpezdallas%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500

Request Chain 93

• https://googleads.g.doubleclick.net/pagead/id HTTP 302
• https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 163

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEtLMsYxdIw7PXTGw2Yyq-o&google_cver=1

Request Chain 164

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yv-2IVmY7cRKsiz3u0JYqwAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEtLMsYxdIw7PXTGw2Yyq-o&google_cver=1

Request Chain 165

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEKBPP2Ms8N2aKimufleQRT0&google_cver=1 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKBPP2Ms8N2aKimufleQRT0%26google_cver%3D1

Request Chain 166

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA1MTU3NzIyNzI2MjM3MDI3OQ%3D%3D

Request Chain 194

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 197

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 199

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 234

• https://fw.adsafeprotected.com/rfw/st/1141311/65046779/4.js?ias_dspID=3&ias_campId=1008628059&ias_pubId=pub-3522377144365482&ias_chanId=1&ias_placementId=17989214151&bidurl=https://elpezdfw.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iakE9i8fFUeZ0E33faWIcL&adContainerId=brand_safety_Ifb_Yq3lA92p3gPUuYrYCQ&cbFunctionName=goog_wrapCb_Ifb_Yq3lA92p3gPUuYrYCQ&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Felpezdfw.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:745afeb4-76e2-be01-4a6e-c372b4839f06,c:lLU8R5,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-7fc957cbd5-784gm,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:teZwLCS+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C191%7C192%7C1a1%7C1b*.1141311-65046779%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:22,oid:b1950baa-1fff-11ed-ad1c-2a78c304d3a3,v:19.8.343,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
• https://static.adsafeprotected.com/4a.js

Request Chain 273

• https://www.youtube.com/pagead/viewthroughconversion/962985656/?backend=innertube&cname=56&cver=20220817&foc_id=L0G_Et4IZSqxN7CXL8bJJQ&label=followon_view&ptype=no_rmkt&random=660216157 HTTP 302
• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/962985656/?backend=innertube&cname=56&cver=20220817&foc_id=L0G_Et4IZSqxN7CXL8bJJQ&label=followon_view&ptype=no_rmkt&random=660216157&cv_attributed=0

286 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
11 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response elpezdfw.com/	65 KB 14 KB	434ms 374ms	Document text/html	2606:4700:20::681a:fd2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:fd2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3d37dbf38bd989b181444f0f4a4389304a52409ad83fec6a5ebdc073c357836d Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-expose-headers Request-Context arr-disable-session-affinity true cache-control private cf-cache-status DYNAMIC cf-ray 73d5b9de2a889189-FRA content-encoding br content-type text/html; charset=utf-8 date Fri, 19 Aug 2022 20:44:14 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} permissions-policy autoplay=(self) referrer-policy no-referrer-when-downgrade report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qeuIU%2B6qiDE6lqlDJ8EqR7NMHNWyQ3%2BozoXUDeSoteolR6n2C9R4qLhEk6TANEUbu%2FozKyGPotJgT9RF0y8TTSgxb5r%2F%2BemSzGUptD6JSCY%2FU4%2FHejcwgd7OnrvLAB0G2K2aTK2pP7vaNA%3D%3D"}],"group":"cf-nel","max_age":604800} request-context appId=cid-v1:82653370-b0cd-4f4c-8872-b0311da976c6 server cloudflare vary Accept-Encoding x-aspnetmvc-version 5.2 x-frame-options SAMEORIGIN
GET H2	200	smart-app-banner.css cdn.jsdelivr.net/npm/smart-app-banner@2.0.0/dist/	6 KB 2 KB	73ms 20ms	Stylesheet text/css	2a04:4e42:600::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/smart-app-banner@2.0.0/dist/smart-app-banner.css Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 6568273e9d257a19332421d7a519b3ae0f8a564e76aca9f603e848521f341db7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 3946849 x-jsd-version 2.0.0 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 1312 etag W/"18e0-Q3YhhM4JpT5zqjU4KPdCD53yYoM" x-served-by cache-fra19125-FRA, cache-hhn4052-HHN x-jsd-version-type version date Fri, 19 Aug 2022 20:44:14 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	css fonts.googleapis.com/	13 KB 1 KB	89ms 39ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:400,400i,700,700i&display=swap Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 18f70946b38b8a88be74260c9a9ce9959429850af508e03a004a7e2634c5ee97 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 19 Aug 2022 20:44:14 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 19 Aug 2022 20:44:14 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 19 Aug 2022 20:44:14 GMT
GET H2	200	head.60936455961063ae18e9.js Show response cdn.saleminteractivemedia.com/dist/static/js/	2 KB 1 KB	156ms 56ms	Script application/x-javascript	205.185.216.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://cdn.saleminteractivemedia.com/dist/static/js/head.60936455961063ae18e9.js Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 7a6752b5365f55ea5f587f8d096f18a214f7961a92b8d1a929d66cf33f01623c Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 19 Aug 2022 20:44:14 GMT content-encoding gzip content-md5 1bTJ1k3ARUYr15+mKQ2p9w== content-length 845 x-ms-lease-status unlocked last-modified Fri, 22 Apr 2022 13:34:56 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8DA2464E422EEB6 x-hw 1660941854.dop244.fr8.t,1660941854.cds146.fr8.hn,1660941854.cds148.fr8.c content-type application/x-javascript access-control-allow-origin * x-ms-request-id 11f79913-701e-0017-044f-56c8e0000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=21229256 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	klty-hd2.css cdn.saleminteractivemedia.com/dist/a806c68e/site-css/2018ccm/	182 KB 31 KB	706ms 606ms	Stylesheet text/css	205.185.216.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://cdn.saleminteractivemedia.com/dist/a806c68e/site-css/2018ccm/klty-hd2.css?hash=53fbf768cb0eccbd7ec0 Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash c4a913fca7baa2a956008b1b2c5336ffd354dc6f0ef1e003fa0a86aca6de9fd6 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 19 Aug 2022 20:44:15 GMT content-encoding gzip content-md5 cp5oka5H73GQSbFW6cVPvg== x-ms-lease-status unlocked last-modified Thu, 18 Aug 2022 19:46:42 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8DA81526023627D x-hw 1660941854.dop244.fr8.t,1660941854.cds146.fr8.hn,1660941855.cds051.fr8.p content-type text/css access-control-allow-origin * x-ms-request-id 3c21da46-e01e-0030-1a0c-b452a9000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	font-awesome.min.css maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/	30 KB 7 KB	97ms 38ms	Stylesheet text/css	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://elpezdfw.com/ Origin https://elpezdfw.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:14 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS cdn-edgestorageid 874 access-control-allow-origin * cdn-cachedat 08/18/2022 13:39:25 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cdn-proxyver 1.02 timing-allow-origin * last-modified Mon, 25 Jan 2021 22:04:55 GMT server cloudflare cdn-requestpullcode 200 etag W/"269550530cc127b6aa5a35925a7de6ce" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid cf8edf794a9413eddd410b60354ea0c0 cf-ray 73d5b9e148c25b98-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET		a2fee930-b8b0-0136-d8da-06a9ed4ca31b tag.simpli.fi/sifitag/	0 0
GET H2	200	widget.js Show response campaign.aptivada.com/	75 KB 14 KB	104ms 25ms	Script application/javascript	18.66.97.37 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://campaign.aptivada.com/widget.js Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.37 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-37.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 2784c542114791c6dbd92d298e5472ef1f0595eb6cfb515758c2a05e27a915f1 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-amz-version-id UoT3heo5YFH3_PMfEdnsxWImwNucpmP6 content-encoding gzip last-modified Mon, 22 Nov 2021 21:42:09 GMT server AmazonS3 age 5516 etag W/"3ad3a6232d4f711267c5e1c660ae4d2b" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront) date Fri, 19 Aug 2022 19:12:53 GMT x-amz-cf-pop FRA56-P2 x-amz-cf-id wdfKMTfTN-RVTeSj5dDjAEEEWDARfeQw6GiGSQTJi1ogwaML-_FvZw==
GET H/1.1	200 OK	load.js Show response s.ntv.io/serve/	472 KB 135 KB	127ms 30ms	Script application/x-javascript	23.35.237.64 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s.ntv.io/serve/load.js Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.237.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-237-64.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 7c6cd1e00f3a764bd02e959653a10d529dbfe1012d64f253d7490c625ed6a654 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Fri, 19 Aug 2022 20:44:15 GMT Content-Encoding gzip x-amz-request-id XY4QPPM1PVAMGPKR x-amz-server-side-encryption AES256 Transfer-Encoding chunked Connection keep-alive, Transfer-Encoding x-amz-id-2 BsgaJPxNie3pNmJM9R1DoeyeiuGbdvH1Ra83jzxYxtJLN4963yy6NrhGaMyJsXUJGtsQYQXv6Ho= Last-Modified Fri, 12 Aug 2022 01:01:09 GMT Server AmazonS3 ETag "febd3311857289fff1b140dfb03d0b67" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control public, max-age=3600 Accept-Ranges bytes Access-Control-Allow-Headers *
GET H/1.1	200 OK	sw.register.js Show response pushtoast-a.akamaihd.net/2.0/	113 KB 36 KB	365ms 55ms	Script application/javascript	2a02:26f0:ea::1706:7031 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://pushtoast-a.akamaihd.net/2.0/sw.register.js Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:26f0:ea::1706:7031 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AmazonS3 / Resource Hash 4cd0b6c0a4d42e4fac032e04525dfd8dc8dc2ca0a198ce178d197f0bbdc7afc1 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-amz-version-id b3yedJDRaxIEfkCp5GacXxX6.JPoI0jb Content-Encoding gzip ETag "0e0fe7a3447c0f6320f62f3173136dd8" x-amz-request-id Q9Q2F4N0EC4AV2YS Connection keep-alive Alt-Svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" Content-Length 36333 x-amz-id-2 1ai2HkLdgNWKHJhG3gNmQYN+YX6qav1EHfICujUg169dTHjrGCpQA25fiFw9wTZmfEcaJQG12tY= Pragma no-cache Last-Modified Mon, 31 Jan 2022 21:23:51 GMT Server AmazonS3 Date Fri, 19 Aug 2022 20:44:15 GMT Vary Accept-Encoding Access-Control-Allow-Methods GET,POST Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=0, no-cache, no-store Accept-Ranges bytes Expires Fri, 19 Aug 2022 20:44:15 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	84 KB 29 KB	96ms 32ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s01-in-f2.1e100.net Software sffe / Resource Hash caa4c024d8a90824101047d8e478951ec3846b2e07d4a955c31e17241e12f197 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:15 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28723 x-xss-protection 0 server sffe etag "1308 / 492 of 1000 / last-modified: 1660907276" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Fri, 19 Aug 2022 20:44:15 GMT
GET H2	200	smart-app-banner.js Show response cdn.jsdelivr.net/npm/smart-app-banner@2.0.0/dist/	25 KB 9 KB	72ms 20ms	Script application/javascript	2a04:4e42:600::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/smart-app-banner@2.0.0/dist/smart-app-banner.js Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c60bb4ab3dddedd4afb6c16f8ccb89f6cfdb6676014da18669318a15f67e1ca4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 851138 x-jsd-version 2.0.0 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 8896 etag W/"63df-zaXYbgdCCfJOt2MRbGfFxbMV9Dw" x-served-by cache-fra19155-FRA, cache-hhn4052-HHN x-jsd-version-type version date Fri, 19 Aug 2022 20:44:14 GMT vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	invitation.ashx Show response salemlivechat.com/scripts/	135 KB 46 KB	594ms 534ms	Script text/javascript	2606:4700:20::681a:30a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://salemlivechat.com/scripts/invitation.ashx?company=kltyhd2 Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:30a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash ac3077912add9775c671a559f8861e8060ee6c95d1786f52311c55007f4abe3b Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:16 GMT content-encoding gzip cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-aspnet-version 4.0.30319 x-powered-by ASP.NET p3p policyref="/w3c/p3p.xml",CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" access-control-allow-methods POST,GET,OPTIONS,PUT,DELETE content-length 46056 x-ua-compatible IE=edge server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YFpjnf3OVCP6PzxOQeRjabryE%2BYV%2BEx0D6Rgx9oPneHFzFUzNw1Yuks4LYZGF%2F3lC5WWHw5zefO2kl7c1l06jxX5FmiuwQbUAXsWarmf3yj%2BGSqYWagOQobRLuhtxR3TCS8gxI7%2Bv5EWc9wVfvN2"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers Request-Context cache-control private,no-transform request-context appId=cid-v1:1063dcea-9f69-45d6-9f3e-65688f6e6a4f cf-ray 73d5b9e629ee9bf2-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, referring-domain, apexchat-username, apexchat-password, apexchat-company, Authorization
GET H2	200	legacy-main.min.js Show response cdn.saleminteractivemedia.com/shared/scripts/	703 B 543 B	23ms 23ms	Script application/javascript	205.185.216.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://cdn.saleminteractivemedia.com/shared/scripts/legacy-main.min.js Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 588133c793503d8e894dd83e66971a0021c12acefe6003c60e2faa40948d09b9 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 19 Aug 2022 20:44:15 GMT content-encoding gzip content-md5 TScqCQvt4cZFL1uRf4U93Q== content-length 330 x-ms-lease-status unlocked last-modified Tue, 21 Jun 2022 00:19:19 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8DA531BAF054F76 x-hw 1660941855.dop244.fr8.t,1660941855.cds146.fr8.hn,1660941855.cds098.fr8.c content-type application/javascript access-control-allow-origin * x-ms-request-id 68bc61fe-401e-0014-5407-85cbe7000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=26366216 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	vendor.b277c96ebd0153da4e7f.js Show response cdn.saleminteractivemedia.com/dist/static/js/	107 KB 37 KB	111ms 32ms	Script application/x-javascript	205.185.216.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://cdn.saleminteractivemedia.com/dist/static/js/vendor.b277c96ebd0153da4e7f.js Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash b5a1c8b0ac1fd44b0b494bd51cbf0d303410e4ae2d7827b1059d9013e673dc7b Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 19 Aug 2022 20:44:14 GMT content-encoding gzip content-md5 Pv/GkQdecaOXfB0NhOUMYA== content-length 37609 x-ms-lease-status unlocked last-modified Wed, 08 Dec 2021 02:13:00 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8D9B9F0426478B5 x-hw 1660941854.dop244.fr8.t,1660941854.cds146.fr8.hn,1660941854.cds259.fr8.c content-type application/x-javascript access-control-allow-origin * x-ms-request-id 60089b29-201e-0004-6ddb-ebfd01000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=9524925 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	vendors~2018a-2018ccm-2019nt.3cbcf01b8a5be4136eb7.js Show response cdn.saleminteractivemedia.com/dist/static/js/	26 KB 8 KB	141ms 62ms	Script application/x-javascript	205.185.216.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://cdn.saleminteractivemedia.com/dist/static/js/vendors~2018a-2018ccm-2019nt.3cbcf01b8a5be4136eb7.js Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 986841307db09386ceafe253761bb5afc8446769548317550d4e520a9028bdee Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 19 Aug 2022 20:44:14 GMT content-encoding gzip content-md5 1CAEMtMsxN3hv47e3KRZAQ== content-length 7608 x-ms-lease-status unlocked last-modified Fri, 22 Apr 2022 13:34:56 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8DA2464E42BC798 x-hw 1660941854.dop244.fr8.t,1660941854.cds146.fr8.hn,1660941854.cds244.fr8.c content-type application/x-javascript access-control-allow-origin * x-ms-request-id 51e9c90a-c01e-002c-6d4f-568abe000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=21229256 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	2018a-2018ccm-2019nt~2021nt~promotions2020~radiohost2020~surround~surround2021~tuition2020.5a341c30756501e93319.js Show response cdn.saleminteractivemedia.com/dist/static/js/	46 KB 13 KB	135ms 56ms	Script application/x-javascript	205.185.216.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://cdn.saleminteractivemedia.com/dist/static/js/2018a-2018ccm-2019nt~2021nt~promotions2020~radiohost2020~surround~surround2021~tuition2020.5a341c30756501e93319.js Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 1d8eba9c16a6dbb3e30af26db6e63c808d7826786547c49a6e58eaa268fd4902 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 19 Aug 2022 20:44:14 GMT content-encoding gzip content-md5 +YwpYNg3Zc47q5hTo1N1/g== content-length 12727 x-ms-lease-status unlocked last-modified Fri, 29 Jul 2022 17:56:22 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8DA718BA5D93D5D x-hw 1660941854.dop244.fr8.t,1660941854.cds146.fr8.hn,1660941854.cds239.fr8.c content-type application/x-javascript access-control-allow-origin * x-ms-request-id f1934202-f01e-0042-3a75-a32397000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=29711828 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	2018a-2018ccm-2019nt.286336ab1f2c4e209832.js Show response cdn.saleminteractivemedia.com/dist/static/js/	140 KB 34 KB	144ms 65ms	Script application/x-javascript	205.185.216.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://cdn.saleminteractivemedia.com/dist/static/js/2018a-2018ccm-2019nt.286336ab1f2c4e209832.js Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 2ec70149f8ba2e8e8bf6c22c2f158d891833e3dac5beb606ad7f4c3e7ad1cff0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 19 Aug 2022 20:44:14 GMT content-encoding gzip content-md5 BCrf84mGqWyMTDGUiFh5nQ== content-length 34776 x-ms-lease-status unlocked last-modified Thu, 11 Aug 2022 14:30:10 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8DA7BA5FF45C110 x-hw 1660941854.dop244.fr8.t,1660941854.cds146.fr8.hn,1660941854.cds151.fr8.c content-type application/x-javascript access-control-allow-origin * x-ms-request-id cc2d8b36-c01e-000e-3790-ade488000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=30823217 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	gtm.js Show response www.googletagmanager.com/	90 KB 36 KB	83ms 34ms	Script application/javascript	2a00:1450:4001:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-N7P568B Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 6416cdd514a8590bd2e15bdba843994fb957651b68fb1ec53790a52442f14fa9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:16 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36021 x-xss-protection 0 last-modified Fri, 19 Aug 2022 18:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 19 Aug 2022 20:44:16 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	94 KB 37 KB	103ms 55ms	Script application/javascript	2a00:1450:4001:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NK2R6Z2 Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5aed0201f2e0d46c82abf0aff3b368c51a01a0e42e5d0ad53cf6c68d5718955a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:16 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37302 x-xss-protection 0 last-modified Fri, 19 Aug 2022 18:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 19 Aug 2022 20:44:16 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	70ms 21ms	Script text/javascript	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 6136 date Fri, 19 Aug 2022 19:02:00 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Fri, 19 Aug 2022 21:02:00 GMT
GET H/1.1	200 OK	trackpush.min.js Show response s3.amazonaws.com/cdn.aimtell.com/trackpush/	47 KB 13 KB	487ms 144ms	Script text/javascript	52.217.92.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js Requested by Host: pushtoast-a.akamaihd.net URL: https://pushtoast-a.akamaihd.net/2.0/sw.register.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.217.92.118 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash 84539a57764fd40a7604197b8a0efe82113dc5d755f147a8ab6bd769417ff2ae Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Fri, 19 Aug 2022 20:44:17 GMT Content-Encoding gzip Last-Modified Thu, 23 Jun 2022 15:52:31 GMT Server AmazonS3 x-amz-request-id CH1FMCCRCJHFFBEY ETag "7f1f0c2240af490b88a7cf1bc3834e44" Content-Type text/javascript Cache-Control max-age=86400 Accept-Ranges bytes Content-Length 13310 x-amz-id-2 sFa67xpOGsoUjTcoCdRJRlex0II7vVuq54Wnr1Vr4pV3UqZNzZiHE4r4sKqaBGP6jBcJonLtuZE=
GET H2	200	z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2 fonts.gstatic.com/s/opensanscondensed/v23/	16 KB 16 KB	96ms 47ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:400,400i,700,700i&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://elpezdfw.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Tue, 16 Aug 2022 22:27:42 GMT x-content-type-options nosniff age 252994 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16324 x-xss-protection 0 last-modified Tue, 19 Apr 2022 18:08:32 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 16 Aug 2023 22:27:42 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v34/	44 KB 44 KB	68ms 20ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:700|Open+Sans:400,400i,700,700i&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://elpezdfw.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 15 Aug 2022 18:50:24 GMT x-content-type-options nosniff age 352432 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44856 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:20:18 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 15 Aug 2023 18:50:24 GMT
GET H2	200	pubads_impl_2022081501.js Show response securepubads.g.doubleclick.net/gpt/	384 KB 131 KB	23ms 22ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s01-in-f2.1e100.net Software sffe / Resource Hash 6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 12:21:01 GMT content-encoding gzip x-content-type-options nosniff age 30195 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 133600 x-xss-protection 0 last-modified Mon, 15 Aug 2022 08:36:18 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 19 Aug 2023 12:21:01 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	71 B 96 B	70ms 29ms	XHR application/json	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=elpezdfw.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s01-in-f2.1e100.net Software cafe / Resource Hash ab899c39b30a1f704cf3751e2d37a513d0735a9b3f1fd78e159f09f70fd9f675 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers timing-allow-origin * date Fri, 19 Aug 2022 20:44:16 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 71 x-xss-protection 0 expires Fri, 19 Aug 2022 20:44:16 GMT
GET H/1.1	200 OK	250x450 Show response klty.christianjobs.com/iframe/ Frame B713	8 KB 2 KB	416ms 115ms	Document text/html	34.202.13.194 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://klty.christianjobs.com/iframe/250x450 Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.202.13.194 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-202-13-194.compute-1.amazonaws.com Software nginx/1.22.0 / ASP.NET Resource Hash c116f6f0904ecd982f6891411b9bf707cd554b38642fb8e335c4994e5511e976 Request headers Referer https://elpezdfw.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control private Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Fri, 19 Aug 2022 20:44:16 GMT Server nginx/1.22.0 Transfer-Encoding chunked Vary Accept-Encoding X-AspNet-Version 4.0.30319 X-AspNetMvc-Version 5.2 X-Powered-By ASP.NET X-Robots-Tag noindex, nofollow, nosnippet, noarchive
GET H2	200	widget.min.js Show response weatherwidget.io/js/	3 KB 1 KB	88ms 28ms	Script application/javascript	2606:4700:3030::ac43:903b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weatherwidget.io/js/widget.min.js Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:903b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e4567fb3addbecbfd8df58bc4df722d9fdd1d7b20e5b5bdfe9bc072abbb8d37e Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:16 GMT content-encoding br cf-cache-status HIT last-modified Tue, 08 Oct 2019 21:35:32 GMT server cloudflare age 12888 etag W/"5d9d0124-a4e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2PjCRIDGQclYRUk68flH7E9LqG1BP42vxJ8GoH79hWZw4cNAkG%2FQPiWtvUn0yM0p7k5FeXOGzBUCEZAmieF9TpWVfYp0rakR0uIpt%2FLEV8i%2FQJQFmrTQABR%2Bp%2B9%2BtU21mJMCmzLu%2BecT16jmnn%2F"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public; max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 73d5b9e8bceb8fee-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	nowplaying Show response np.tritondigital.com/public/	385 B 612 B	813ms 260ms	Fetch text/xml	208.92.55.20 TRITONDIGITAL
General Check archive.org Show headers Download Go to Full URL https://np.tritondigital.com/public/nowplaying?mountName=KLTYHD2AAC&numberToFetch=1&eventType=track&cachebuster=2022719204416 Requested by Host: cdn.saleminteractivemedia.com URL: https://cdn.saleminteractivemedia.com/dist/static/js/2018a-2018ccm-2019nt.286336ab1f2c4e209832.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.92.55.20 , Canada, ASN13360 (TRITONDIGITAL, CA), Reverse DNS Software nginx / Resource Hash 3cefcb541dcf954aafa3f4ec4703f645d82651c8bca288a477dcaa605293c834 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Fri, 19 Aug 2022 20:44:16 GMT Server nginx Connection keep-alive X-Cache-Status MISS Transfer-Encoding chunked Content-Type text/xml;charset=utf-8
GET H2	200	icomoon.woff cdn.saleminteractivemedia.com/content/icomoon/fonts/	14 KB 14 KB	148ms 92ms	Font application/octet-stream	205.185.216.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://cdn.saleminteractivemedia.com/content/icomoon/fonts/icomoon.woff Requested by Host: cdn.saleminteractivemedia.com URL: https://cdn.saleminteractivemedia.com/dist/a806c68e/site-css/2018ccm/klty-hd2.css?hash=53fbf768cb0eccbd7ec0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 281ea9262922f63e5a0924478d1a9e281e11c691f1c597296b50450bc0644eec Request headers Referer https://cdn.saleminteractivemedia.com/dist/a806c68e/site-css/2018ccm/klty-hd2.css?hash=53fbf768cb0eccbd7ec0 Origin https://elpezdfw.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 19 Aug 2022 20:44:16 GMT content-md5 ZVO0P65zf7SDJft7zSrz6A== content-length 14024 x-ms-lease-status unlocked last-modified Fri, 17 Jun 2022 18:17:46 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8DA508DADE40238 x-hw 1660941856.dop131.fr8.t,1660941856.cds005.fr8.hn,1660941856.cds008.fr8.c content-type application/octet-stream access-control-allow-origin * x-ms-request-id 684dfd24-c01e-0005-4077-82fcfc000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=26084484 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	iframe_api Show response www.youtube.com/	980 B 2 KB	100ms 37ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/iframe_api Requested by Host: cdn.saleminteractivemedia.com URL: https://cdn.saleminteractivemedia.com/dist/static/js/2018a-2018ccm-2019nt.286336ab1f2c4e209832.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3eaf84239f4ba1260a326ba26877b891df755d5a74be40dda54f8dcc99c163b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:16 GMT content-encoding br x-content-type-options nosniff p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 server ESF x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} content-type text/javascript; charset=utf-8 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cache-control private, max-age=0 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=* cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" expires Fri, 19 Aug 2022 20:44:16 GMT
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 2 KB	109ms 32ms	Script application/x-javascript	2a03:2880:f007:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: cdn.saleminteractivemedia.com URL: https://cdn.saleminteractivemedia.com/dist/static/js/2018a-2018ccm-2019nt.286336ab1f2c4e209832.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e6fac3d2ef818af6218a5a00b6c15f9254d01d105b6a7de35e98c2f4653f2bcb Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 zfxatlj00OThK4VwctE8Tw== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 1685 x-fb-rlafr 0 x-fb-debug xH1+leFFv51G4xfBlGw25kMfjtasm7Vet2mSh3KOeo9Ag6Spj9HV+ZuH3prl2ukH6HCUKnsQ+do9IyxdJqTdaQ== x-fb-trip-id 720026100 x-fb-content-md5 36fab71b1628d2b95614a91e747e2851 cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Fri, 19 Aug 2022 20:44:16 GMT vary Accept-Encoding x-content-cdn-origin-ts 1660940945081 content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 etag "e6e5323dba73ac09cdad5f4f22d2c1c1" timing-allow-origin * priority u=3,i expires Fri, 19 Aug 2022 20:49:05 GMT
POST H2	200	getprogramguideinfo Show response elpezdfw.com/	332 B 579 B	133ms 131ms	XHR application/json	2606:4700:20::681a:fd2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://elpezdfw.com/getprogramguideinfo Requested by Host: cdn.saleminteractivemedia.com URL: https://cdn.saleminteractivemedia.com/dist/static/js/vendor.b277c96ebd0153da4e7f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:fd2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 33d732dc7a2de161c7dfe28b01f6aa5c4c78351670fdd437c4f69c756d1fe52c Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://elpezdfw.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers date Fri, 19 Aug 2022 20:44:16 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} arr-disable-session-affinity true request-context appId=cid-v1:82653370-b0cd-4f4c-8872-b0311da976c6 referrer-policy no-referrer-when-downgrade x-aspnetmvc-version 5.2 server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1XOS35Qo8AnlgNVuOPvikSzxjjwNN%2F9GVZkTrkAM84brB%2BmIEdpQ%2FrVUaIrMwySKuknJP6N%2Fpni%2BZohB5mcGfL%2FenrdKCTGOIbGICmFpGx77etvRfVDCnWFZTQIKoHuSIOqurkFnHx%2BQfA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-expose-headers Request-Context cache-control private permissions-policy autoplay=(self) cf-ray 73d5b9e8fb379189-FRA
GET H2	200	template3_logo.png cdn.saleminteractivemedia.com/shared/images/logos/345/	51 KB 51 KB	469ms 466ms	Image image/png	205.185.216.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.saleminteractivemedia.com/shared/images/logos/345/template3_logo.png Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 07a2c75718de7522f328c6b14076690101d58bb0fa925a2e7d9e4031ca0655f6 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 19 Aug 2022 20:44:16 GMT content-md5 nlbNvdr5M09r6F8zklFhGg== content-length 51871 x-ms-lease-status unlocked last-modified Tue, 18 Dec 2018 16:10:30 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8D66503550C7E47 x-hw 1660941856.dop244.fr8.t,1660941856.cds146.fr8.hn,1660941856.cds153.fr8.p content-type image/png access-control-allow-origin * x-ms-request-id b234b53a-501e-000b-680c-b410f7000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	play-button.png cdn.saleminteractivemedia.com/shared/images/	2 KB 2 KB	36ms 33ms	Image image/png	205.185.216.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.saleminteractivemedia.com/shared/images/play-button.png Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 27b65ea8c6cceebb6e32225e0dacd973a6358953d5c3b55841a685eb0a12d055 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 19 Aug 2022 20:44:16 GMT content-md5 iK52X5B86FHk7qX9XxbesA== content-length 1851 x-ms-lease-status unlocked last-modified Fri, 26 Oct 2018 17:40:26 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8D63B6A1D42BC9E x-hw 1660941856.dop244.fr8.t,1660941856.cds146.fr8.hn,1660941856.cds016.fr8.c content-type image/png access-control-allow-origin * x-ms-request-id 5c730faf-501e-0029-6e08-7e7ec1000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=25597133 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	directorio-de-iglesias-880x440.jpg cdn.saleminteractivemedia.com/344/content/196753/	139 KB 139 KB	603ms 600ms	Image image/jpeg	205.185.216.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.saleminteractivemedia.com/344/content/196753/directorio-de-iglesias-880x440.jpg Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 17f47f6018e1f4adab6b12497c137027c6b51d55cb30273738e87e2a4849451b Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 19 Aug 2022 20:44:16 GMT content-md5 yMXq8k691nOPNI1+NXcc7A== content-length 142323 x-ms-lease-status unlocked last-modified Fri, 18 Sep 2020 03:52:08 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8D85B863769B2C4 x-hw 1660941856.dop244.fr8.t,1660941856.cds146.fr8.hn,1660941856.cds260.fr8.p content-type image/jpeg access-control-allow-origin * x-ms-request-id 619f1e4c-d01e-0055-0b0c-b4e3f4000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	community-events-hero-880.jpg cdn.saleminteractivemedia.com/344/content/196754/	68 KB 69 KB	40ms 37ms	Image image/jpeg	205.185.216.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.saleminteractivemedia.com/344/content/196754/community-events-hero-880.jpg Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 191d0aaf9bccb8e39704c378b7917a1a8d4204f8145681467eceb93b783a60fb Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 19 Aug 2022 20:44:16 GMT content-md5 IqhQq2EM8db9Q11dNxN8MQ== content-length 70003 x-ms-lease-status unlocked last-modified Fri, 18 Sep 2020 03:52:10 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8D85B86383AF105 x-hw 1660941856.dop244.fr8.t,1660941856.cds146.fr8.hn,1660941856.cds052.fr8.c content-type image/jpeg access-control-allow-origin * x-ms-request-id fe89e4d7-601e-0008-0433-b313f0000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=31443035 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	futures-conference-2022-880x440.jpg cdn.saleminteractivemedia.com/114/content/263129/	105 KB 105 KB	53ms 50ms	Image image/jpeg	205.185.216.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.saleminteractivemedia.com/114/content/263129/futures-conference-2022-880x440.jpg Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 466df3f1613ab647f37730d11f11b6a66c9c185dfd80deba5551885b436200e5 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 19 Aug 2022 20:44:16 GMT content-md5 xBg7k2mG6/ltVbUFqETIXw== x-ms-meta-uploadedby Chaffee,Dan content-length 107036 x-ms-lease-status unlocked last-modified Tue, 09 Aug 2022 13:01:29 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8DA7A0746EFC976 x-hw 1660941856.dop244.fr8.t,1660941856.cds146.fr8.hn,1660941856.cds140.fr8.c content-type image/jpeg access-control-allow-origin * x-ms-request-id cc9845c2-701e-0035-4d8d-b2a6d6000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding cache-control max-age=604800, must-revalidate x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	deeper-faith-cruise-2023-880x440.jpg cdn.saleminteractivemedia.com/187/content/263006/	110 KB 111 KB	65ms 63ms	Image image/jpeg	205.185.216.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.saleminteractivemedia.com/187/content/263006/deeper-faith-cruise-2023-880x440.jpg Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash e62c0868a25b0208ca61197cd4ad23a41ccb18cb0abe9bb548c3a697d75a706e Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 19 Aug 2022 20:44:16 GMT content-md5 odufZRKWsrX9AiKaqagABA== x-ms-meta-uploadedby Chaffee,Dan content-length 113103 x-ms-lease-status unlocked last-modified Fri, 05 Aug 2022 17:46:12 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8DA770A63513EFC x-hw 1660941856.dop244.fr8.t,1660941856.cds146.fr8.hn,1660941856.cds251.fr8.c content-type image/jpeg access-control-allow-origin * x-ms-request-id 70e3bc1c-b01e-0001-548a-b0097e000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding cache-control max-age=604800, must-revalidate x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	880x440-remote-quinceanera-expo.jpg cdn.saleminteractivemedia.com/345/content/263615/	106 KB 106 KB	513ms 510ms	Image image/jpeg	205.185.216.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.saleminteractivemedia.com/345/content/263615/880x440-remote-quinceanera-expo.jpg Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash a7911c05b073395836b38197ace78d469eb8d438ca90c6c3faac6f603c2a2e3f Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 19 Aug 2022 20:44:16 GMT content-md5 x9VtgMerRd5S28MOKx7EWA== x-ms-meta-uploadedby Peddy,Jack content-length 108150 x-ms-lease-status unlocked last-modified Thu, 18 Aug 2022 22:12:51 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8DA8166CAE3E807 x-hw 1660941856.dop244.fr8.t,1660941856.cds146.fr8.hn,1660941856.cds212.fr8.p content-type image/jpeg access-control-allow-origin * x-ms-request-id 26f85451-f01e-002f-670c-b489b9000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=604800, must-revalidate x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	51750-woman-thinking-classroom-unsplash.400w.tn.webp i.swncdn.com/media/400w/cms/IB/	5 KB 5 KB	527ms 407ms	Image image/webp	205.185.216.42 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://i.swncdn.com/media/400w/cms/IB/51750-woman-thinking-classroom-unsplash.400w.tn.webp Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software / Resource Hash cf13e10099d935d39491eb2123994cd3173b27dd7487b95ceb1b5547e10be0bf Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-origin * date Fri, 19 Aug 2022 20:44:16 GMT cache-control max-age=2592000, public accept-ranges bytes content-length 5040 x-hw 1660941856.dop242.fr8.t,1660941856.cds107.fr8.hn,1660941856.cds243.fr8.p content-type image/webp
GET H2	200	13042-gettyimagestrumzz.webp i.swncdn.com/media/400w/via/	12 KB 13 KB	146ms 25ms	Image image/webp	205.185.216.42 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://i.swncdn.com/media/400w/via/13042-gettyimagestrumzz.webp Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software / Resource Hash bf191a9b8a9e0369515d82d81d3bc45c3edda1ec16dccfc43358fce06c2bb810 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-origin * date Fri, 19 Aug 2022 20:44:16 GMT cache-control max-age=2592000, public accept-ranges bytes content-length 12678 x-hw 1660941856.dop242.fr8.t,1660941856.cds107.fr8.hn,1660941856.cds223.fr8.c content-type image/webp
GET H2	200	5519-hands-reach-help-gettyimages-990454406.webp i.swncdn.com/media/400w/via/	4 KB 4 KB	151ms 31ms	Image image/webp	205.185.216.42 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://i.swncdn.com/media/400w/via/5519-hands-reach-help-gettyimages-990454406.webp Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software / Resource Hash 7efb8552edebafebfbc521ef9a67d55dc3309cae485f8f1b3353e442f2750405 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-origin * date Fri, 19 Aug 2022 20:44:16 GMT cache-control max-age=2592000, public accept-ranges bytes content-length 4270 x-hw 1660941856.dop242.fr8.t,1660941856.cds107.fr8.hn,1660941856.cds215.fr8.c content-type image/webp
GET H2	200	9373-woman-in-white-crew-neck-t-shirt-wearing-blac.webp i.swncdn.com/media/400w/via/	10 KB 10 KB	797ms 677ms	Image image/webp	205.185.216.42 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://i.swncdn.com/media/400w/via/9373-woman-in-white-crew-neck-t-shirt-wearing-blac.webp Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software / Resource Hash ed96dbbda53569ca40aa5ba1ed1db4da12a97ee9044bcbea0cb66abbd6b6063d Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-origin * date Fri, 19 Aug 2022 20:44:16 GMT cache-control max-age=2592000, public accept-ranges bytes content-length 10642 x-hw 1660941856.dop242.fr8.t,1660941856.cds107.fr8.hn,1660941856.cds276.fr8.p content-type image/webp
GET H2	200	14632-pexels-joanne-adela-low-sad-woman.webp i.swncdn.com/media/400w/via/	2 KB 2 KB	547ms 427ms	Image image/webp	205.185.216.42 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://i.swncdn.com/media/400w/via/14632-pexels-joanne-adela-low-sad-woman.webp Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software / Resource Hash a3270e624cd4db51980fb1f5faca80c6908c4e8980131f85c656be9b639cb57e Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-origin * date Fri, 19 Aug 2022 20:44:16 GMT cache-control max-age=2592000, public accept-ranges bytes content-length 2124 x-hw 1660941856.dop242.fr8.t,1660941856.cds107.fr8.hn,1660941856.cds210.fr8.p content-type image/webp
GET H2	200	42117-bible-open-pages1200u.800w.tn.png i.swncdn.com/media/400w/cms/BST/	52 KB 52 KB	814ms 694ms	Image image/png	205.185.216.42 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://i.swncdn.com/media/400w/cms/BST/42117-bible-open-pages1200u.800w.tn.png Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software / Resource Hash 875189bbc76592c6cac0ccfa150d52df84d7ff28a2071906c91b6c56d68b2705 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-origin * date Fri, 19 Aug 2022 20:44:16 GMT cache-control max-age=2592000, public accept-ranges bytes content-length 53443 x-hw 1660941856.dop242.fr8.t,1660941856.cds107.fr8.hn,1660941856.cds165.fr8.p content-type image/png
GET H2	200	icr-discoverycenter-birds-eye-880x440-new-logo.jpg cdn.saleminteractivemedia.com/387/content/258472/	114 KB 114 KB	593ms 591ms	Image image/jpeg	205.185.216.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.saleminteractivemedia.com/387/content/258472/icr-discoverycenter-birds-eye-880x440-new-logo.jpg Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 2f8330e5c7769cad68ff21115d5ea515eb25d6cd0fe2d7b589204be3270051e1 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 19 Aug 2022 20:44:16 GMT content-md5 ZS8bmyf631AHluDi4e1wMA== x-ms-meta-uploadedby Peddy,Jack content-length 116640 x-ms-lease-status unlocked last-modified Tue, 19 Jul 2022 00:07:40 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8DA691AB2224CF7 x-hw 1660941856.dop244.fr8.t,1660941856.cds146.fr8.hn,1660941856.cds006.fr8.pr content-type image/jpeg access-control-allow-origin * x-ms-request-id a96e2a2c-501e-0022-640c-b466b5000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding cache-control max-age=604800, must-revalidate x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	dallasarboretum-atp-880x440-dusk.jpg cdn.saleminteractivemedia.com/387/content/258467/	114 KB 115 KB	503ms 501ms	Image image/jpeg	205.185.216.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.saleminteractivemedia.com/387/content/258467/dallasarboretum-atp-880x440-dusk.jpg Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 2e5c66e47270b16b3ae217d124b627f18c34b8d860f21b7c27e86fb227957c7b Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 19 Aug 2022 20:44:16 GMT content-md5 80feOQfBLhbwEuNUzx6XmA== x-ms-meta-uploadedby Peddy,Jack content-length 117131 x-ms-lease-status unlocked last-modified Mon, 18 Apr 2022 22:43:13 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8DA218CD27BFCE5 x-hw 1660941856.dop244.fr8.t,1660941856.cds146.fr8.hn,1660941856.cds238.fr8.p content-type image/jpeg access-control-allow-origin * x-ms-request-id 0f857b60-b01e-0028-540c-b47f3c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=604800, must-revalidate x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	fruit-and-veggies-880x440.jpg cdn.saleminteractivemedia.com/387/content/258471/	101 KB 101 KB	598ms 596ms	Image image/jpeg	205.185.216.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.saleminteractivemedia.com/387/content/258471/fruit-and-veggies-880x440.jpg Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 8ed2c97016f6a559663d8ccd2bb3fbc3b6699c84839b3b3871cd545264a320f5 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 19 Aug 2022 20:44:16 GMT content-md5 agi0a2duBws+LSarHG/tqQ== x-ms-meta-uploadedby Peddy,Jack content-length 102945 x-ms-lease-status unlocked last-modified Mon, 18 Apr 2022 23:14:04 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8DA219121720346 x-hw 1660941856.dop244.fr8.t,1660941856.cds146.fr8.hn,1660941856.cds208.fr8.p content-type image/jpeg access-control-allow-origin * x-ms-request-id b7b121f2-a01e-0037-4e0c-b4a42c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=604800, must-revalidate x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	8166-judge-rawpixel-1055781-unsplash.jpg media.swncdn.com/via/	152 KB 152 KB	112ms 30ms	Image image/jpeg	205.185.216.42 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://media.swncdn.com/via/8166-judge-rawpixel-1055781-unsplash.jpg Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software / Resource Hash ccb9f5251e8bb7d3e08a346af6b4ba7088fc2aa0148afa5e69412d816189a8dc Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:16 GMT last-modified Tue, 11 Feb 2020 16:41:51 GMT age 0 etag "9111fd4908d42db192acc68ecf01bc86" x-hw 1660941856.dop156.fr8.t,1660941856.cds150.fr8.hn,1660941856.cds165.fr8.c content-type image/jpeg access-control-allow-origin * cache-control public, max-age=2592000 accept-ranges bytes content-length 155250 x-proxy-cache MISS
GET H2	200	27013-florida-flag-karl-callwood-unsplash_source_file.jpg media.swncdn.com/via/images/2022/08/19/	264 KB 264 KB	162ms 80ms	Image image/jpeg	205.185.216.42 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://media.swncdn.com/via/images/2022/08/19/27013-florida-flag-karl-callwood-unsplash_source_file.jpg Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software / Resource Hash 47d2aaa0a8beb3f53ecaecd0d6c271dc8c966060d8daa67b80e552c95be54493 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:16 GMT last-modified Fri, 19 Aug 2022 17:21:05 GMT content-md5 Qp4r98CXnxZ4KWCs0a4PIg== etag 0x8DA820732D85043 x-hw 1660941856.dop156.fr8.t,1660941856.cds150.fr8.hn,1660941856.cds207.fr8.c content-type image/jpeg access-control-allow-origin * cache-control public, max-age=2592000 accept-ranges bytes content-length 270203 x-proxy-cache HIT
GET H2	200	necesitas-oracion.jpg cdn.saleminteractivemedia.com/radiobase/media/	20 KB 20 KB	500ms 499ms	Image image/jpeg	205.185.216.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.saleminteractivemedia.com/radiobase/media/necesitas-oracion.jpg Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash fbbbc815c6e8e1951668d5246360584810473ce718f2efc5d6afa984fbd2d346 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 19 Aug 2022 20:44:16 GMT content-md5 egwXjtAVDQLTY+JerD6NFA== content-length 20354 x-ms-lease-status unlocked last-modified Mon, 29 Oct 2018 19:44:34 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8D63DD6F421621D x-hw 1660941856.dop244.fr8.t,1660941856.cds146.fr8.hn,1660941856.cds148.fr8.p content-type image/jpeg access-control-allow-origin * x-ms-request-id 999835de-e01e-003b-710c-b44add000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	t Show response jadserve.postrelease.com/	2 KB 1 KB	458ms 115ms	Script text/javascript	44.196.228.7 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Felpezdfw.com%2F&ntv_mvi Requested by Host: s.ntv.io URL: https://s.ntv.io/serve/load.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.196.228.7 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-196-228-7.compute-1.amazonaws.com Software nginx/1.12.1 / Resource Hash ae5736e8222239865d9752a9cae990ad40b8f61da19a56146c9c3265e22e6cf2 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Fri, 19 Aug 2022 20:44:16 GMT content-encoding gzip server nginx/1.12.1 p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-type text/javascript;charset=UTF-8 content-length 769 expires Mon, 1 Jan 1990 12:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 437 B	96ms 27ms	XHR text/plain	2a00:1450:400c:c07::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-115833468-8&cid=1919957978.1660941856&jid=1411887737&gjid=1953961732&_gid=1310165713.1660941856&_u=IGBAgEABAAAAAE~&z=940230192 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://elpezdfw.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Fri, 19 Aug 2022 20:44:16 GMT content-type text/plain access-control-allow-origin https://elpezdfw.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	4 B 24 B	69ms 27ms	XHR text/plain	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=577357628&t=pageview&_s=1&dl=https%3A%2F%2Felpezdfw.com%2F&ul=en-us&de=UTF-8&dt=El%20Pez%20-%20Dallas%2C%20TX&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAAEABAAAAAG~&jid=1984929729&gjid=1392771604&cid=1919957978.1660941856&tid=UA-6553589-38&_gid=1310165713.1660941856&_r=1&_slc=1&z=492813335 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://elpezdfw.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 19 Aug 2022 20:44:16 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://elpezdfw.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	4 B 24 B	65ms 27ms	XHR text/plain	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=577357628&t=pageview&_s=1&dl=https%3A%2F%2Felpezdfw.com%2F&ul=en-us&de=UTF-8&dt=El%20Pez%20-%20Dallas%2C%20TX&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAAEABAAAAAG~&jid=121013246&gjid=1161451725&cid=1919957978.1660941856&tid=UA-34961268-2&_gid=1310165713.1660941856&_r=1&_slc=1&z=1516009387 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://elpezdfw.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 19 Aug 2022 20:44:16 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://elpezdfw.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	59ms 20ms	Image image/gif	2a00:1450:4001:812::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=577357628&t=pageview&_s=1&dl=https%3A%2F%2Felpezdfw.com%2F&ul=en-us&de=UTF-8&dt=El%20Pez%20-%20Dallas%2C%20TX&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAB~&jid=1411887737&gjid=1953961732&cid=1919957978.1660941856&tid=UA-115833468-8&_gid=1310165713.1660941856&z=1531054230 Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Thu, 18 Aug 2022 23:07:28 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 77808 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	105ms 30ms	Script application/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=elpezdfw.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers timing-allow-origin * date Fri, 19 Aug 2022 20:44:16 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	95ms 34ms	Script application/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=elpezdfw.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers timing-allow-origin * date Fri, 19 Aug 2022 20:44:16 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	100 KB 26 KB	67ms 32ms	Script application/x-javascript	2a03:2880:f007:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 26515 x-xss-protection 0 pragma public x-fb-debug 0jaZ+WybvkKRoOCc3I2NFLq1gi8ar7z4Fb+NQZ+czkvQFaqAywZK/8bXjhWQA25CUam/TGaQzwNz3P5rABWLFw== cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Fri, 19 Aug 2022 20:44:16 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	440 KB 85 KB	518ms 518ms	XHR text/plain	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1697454519115492&correlator=1138729757456137&eid=31068501%2C31069001%2C44761477%2C31068919&output=ldjh&gdfp_req=1&vrg=2022081501&ptt=17&impl=fifs&iu_parts=6177%2Cslm.klty-hd2%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1200x150%7C970x90%7C728x90%2C1x1%2C1200x150%7C970x250%7C970x90%7C728x90%2C880x110%7C1200x150%7C728x90%2C300x300%7C300x250%2C300x600%7C150x300%7C160x600%2C300x300%7C300x250%2C1200x150%7C970x250%7C970x90%7C728x90&ifi=1&adks=1708372693%2C3377604308%2C3956907833%2C1842969420%2C1839700891%2C3971360380%2C1839700893%2C3956907830&didk=3464720120~2898365843~3464720118~3464720117~3464720116~3464720115~3464720114~3464720113&sfv=1-0-38&ists=64&fsapi=false&prev_scp=pos%3Dskyline%26traffic-percent%3D9%7Cpos%3Dtakeover%26traffic-percent%3D9%7Cpos%3Dtopfeature%26traffic-percent%3D9%7Cpos%3Dmiddlefeature%26traffic-percent%3D9%7Cpos%3Dtopbox%26traffic-percent%3D9%7Cpos%3Dmiddlebox%26traffic-percent%3D9%7Cpos%3Dbottombox%26traffic-percent%3D9%7Cpos%3Dfooter%26traffic-percent%3D9&sc=1&cookie_enabled=1&abxe=1&dt=1660941856274&lmt=1660941856&dlt=1660941854848&idt=1374&adxs=200%2C200%2C200%2C200%2C1100%2C1100%2C1100%2C200&adys=199%2C219%2C742%2C860%2C1164%2C1725%2C1875%2C2447&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0%7C1%7C2%7C3&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Felpezdfw.com%2F&frm=20&vis=1&psz=1200x0%7C1200x0%7C1200x0%7C880x0%7C300x-1%7C300x-1%7C300x-1%7C1200x0&msz=1200x0%7C1200x0%7C1200x0%7C880x0%7C300x-1%7C300x-1%7C300x-1%7C1200x0&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=1919957978.1660941856&ga_sid=1660941856&ga_hid=577357628&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s01-in-f2.1e100.net Software cafe / Resource Hash 901e4af5b0fdb6d8941d3b88a3b0fef4a52194ee392e0b906489bc159a73ba89 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:16 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2,-2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 87316 x-xss-protection 0 google-lineitem-id 6036785643,-2,-1,-1,-1,-1,-1,-1 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138394383146,-2,-1,-1,-1,-1,-1,-1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://elpezdfw.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 33FB	6 KB 4 KB	132ms 28ms	Document text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://elpezdfw.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 19 Aug 2022 20:44:16 GMT expires Sat, 19 Aug 2023 20:44:16 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	elpez-1025-949hd2-microphone-400x300.jpg cdn.saleminteractivemedia.com/345/host/	19 KB 19 KB	451ms 451ms	Image image/jpeg	205.185.216.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.saleminteractivemedia.com/345/host/elpez-1025-949hd2-microphone-400x300.jpg Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 508bd1976b5a47404895a9cd464d6187068b025e411e351c8b090b20e506a6f8 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 19 Aug 2022 20:44:16 GMT content-md5 5P06W0DN0oTAplVGj+UNRw== x-ms-meta-uploadedby Peddy,Jack content-length 19349 x-ms-lease-status unlocked last-modified Tue, 28 Sep 2021 17:04:35 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8D982A20CC042E3 x-hw 1660941856.dop244.fr8.t,1660941856.cds146.fr8.hn,1660941856.cds278.fr8.p content-type image/jpeg access-control-allow-origin * x-ms-request-id aa13c225-501e-004f-0d0c-b4cc9b000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=604800, must-revalidate x-ms-version 2009-09-19 accept-ranges bytes
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 67 B	31ms 30ms	XHR text/plain	2a00:1450:400c:c07::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-34961268-2&cid=1919957978.1660941856&jid=121013246&gjid=1161451725&_gid=1310165713.1660941856&_u=IGDAAEABAAAAAG~&z=583235777 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://elpezdfw.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Fri, 19 Aug 2022 20:44:16 GMT content-type text/plain access-control-allow-origin https://elpezdfw.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 72 B	32ms 32ms	XHR text/plain	2a00:1450:400c:c07::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-6553589-38&cid=1919957978.1660941856&jid=1984929729&gjid=1392771604&_gid=1310165713.1660941856&_u=IGDAAEABAAAAAG~&z=1558402547 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://elpezdfw.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Fri, 19 Aug 2022 20:44:16 GMT content-type text/plain access-control-allow-origin https://elpezdfw.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	www-widgetapi.js Show response www.youtube.com/s/player/009f1d77/www-widgetapi.vflset/	161 KB 52 KB	67ms 21ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/009f1d77/www-widgetapi.vflset/www-widgetapi.js Requested by Host: www.youtube.com URL: https://www.youtube.com/iframe_api Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f4a33eb5ee8829f7b5f3b293c8879257f149c44b6a3eeec0adca037f0cba4f08 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 17:59:50 GMT content-encoding br x-content-type-options nosniff age 9866 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 53421 x-xss-protection 0 last-modified Thu, 18 Aug 2022 00:21:14 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Sat, 19 Aug 2023 17:59:50 GMT
GET H3	200	sdk.js Show response connect.facebook.net/en_US/	298 KB 85 KB	72ms 32ms	Script application/x-javascript	2a03:2880:f007:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=f77a5616a0a6fc1011a64060c9904d11 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash ae84587bd48f2f4b43877e1e7ca7dc5679eb5b117691a5b5588934a45b081900 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://elpezdfw.com/ Origin https://elpezdfw.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 MhzCCo26I2rc7M2zB8hfRA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 86507 x-fb-rlafr 0 x-fb-debug sK0P4tIyrQ9he4vBAVDl2vKkbqlR7BR35CVBNlJTyQsHLmqn+laL3vAD9kAEKWndnOesYCIcB+DqN3JbApi1eQ== x-fb-content-md5 a4ebe8815f27b3613cf37977de1cd074 cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Fri, 19 Aug 2022 20:44:16 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable etag "7230b775e6ac1de1370631194db00d15" timing-allow-origin * priority u=3,i expires Sat, 19 Aug 2023 19:31:31 GMT
GET H3	200	/ Show response weatherwidget.io/w/ Frame 0609	3 KB 2 KB	66ms 34ms	Document text/html	2606:4700:3030::ac43:903b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weatherwidget.io/w/ Requested by Host: weatherwidget.io URL: https://weatherwidget.io/js/widget.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:903b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a62aba3546baccac5aba72413337f0216c67f8354349e8306dd208d4fcf4cb4f Request headers Referer https://elpezdfw.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 4663 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control public; max-age=14400 cf-cache-status HIT cf-ray 73d5b9ea3b508fca-FRA content-encoding br content-type text/html; charset=utf-8 date Fri, 19 Aug 2022 20:44:16 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" last-modified Fri, 19 Aug 2022 15:29:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8MeiVny7Z7Nx2iPY%2FXkZi8L1Ax0r9GvkV88gTcZNC%2BocGME2rswqBBYgH0H9lwjM1wJeUN9OGqRR%2FWi2C8q9h25QgUDe%2BLZMEcvLd%2BqW9wS3iRiUvb5kVYl8KUsRlNVjAHL6LbrG2xxVO7dcjwg"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	96ms 43ms	Image image/gif	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6553589-38&cid=1919957978.1660941856&jid=1984929729&_u=IGDAAEABAAAAAG~&z=617248086 Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Fri, 19 Aug 2022 20:44:16 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	99ms 45ms	Image image/gif	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6553589-38&cid=1919957978.1660941856&jid=1984929729&_u=IGDAAEABAAAAAG~&z=617248086 Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Fri, 19 Aug 2022 20:44:16 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	390961805259193 Show response connect.facebook.net/signals/config/	293 KB 84 KB	160ms 159ms	Script application/x-javascript	2a03:2880:f007:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/390961805259193?v=2.9.75&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 87d0834b146b7eb8011efa3db318c21433d96a8720979dd829ca7256a186f47d Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug bxJ9QrHe/s3vfRZPkq2kVO+UBt1V8zpIdh2wEqsfYa7F8N9bUCvWnPCRNSuKdGZnVXnj8K+7fmQSv87MFJaNgw== cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Fri, 19 Aug 2022 20:44:16 GMT strict-transport-security max-age=31536000; preload; includeSubDomains x-content-cdn-origin-ts 1660941856513 content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	if_w.css weatherwidget.io/w/css/ Frame 0609	17 KB 2 KB	31ms 31ms	Stylesheet text/css	2606:4700:3030::ac43:903b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weatherwidget.io/w/css/if_w.css Requested by Host: weatherwidget.io URL: https://weatherwidget.io/w/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:903b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2e2c51e1528f4f0f0a900c9c041a720a25f4a27ea6f60eb7e1ecaf16a5813cee Request headers accept-language de-DE,de;q=0.9 Referer https://weatherwidget.io/w/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:16 GMT content-encoding br cf-cache-status HIT last-modified Sat, 05 Oct 2019 12:55:20 GMT server cloudflare age 12947 etag W/"5d9892b8-42a3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yHrsVRLzPOneUHeR%2FI7L5Pk3GgFHUXDv0WK%2FYFlfYTyG6tYr%2FH9eTdWSIQxWcmU2MZcWDivm0zB1MCazjWaB8ya9%2BHUKmiVipnQ9dtNw9N8k7q3uSUABY2XnFpqj7tdcm3UDSnJnyshw4iFOMlE0"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public; max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 73d5b9ea9be58fca-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	angular-1.5.8.min.js Show response weatherwidget.io/w/js/ Frame 0609	160 KB 57 KB	36ms 35ms	Script application/javascript	2606:4700:3030::ac43:903b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weatherwidget.io/w/js/angular-1.5.8.min.js Requested by Host: weatherwidget.io URL: https://weatherwidget.io/w/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:903b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e37bad01d25cbecb3e6f6d477725ce6ea43637a94510cd27baf1068e319826ad Request headers accept-language de-DE,de;q=0.9 Referer https://weatherwidget.io/w/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:16 GMT content-encoding br cf-cache-status HIT last-modified Wed, 20 Jun 2018 12:51:56 GMT server cloudflare age 2507 etag W/"5b2a4dec-28026" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBL%2BUF%2BdV4Cn01kG5oSy5ptYcESIS%2FEYJ5U8bQATrYiorR7OxQXEaFV55BpyQAQd7%2B6erZN%2B6mwuEJbw5g%2BAF0r%2BL2a73kz11ERlQ2nsPvmEw17SHJG52TcopNlrpeVjkNDomD49hMnQnZjzFVk%2B"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public; max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 73d5b9ea9be68fca-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	iApp.min.js Show response weatherwidget.io/w/js/ Frame 0609	37 KB 8 KB	30ms 30ms	Script application/javascript	2606:4700:3030::ac43:903b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weatherwidget.io/w/js/iApp.min.js Requested by Host: weatherwidget.io URL: https://weatherwidget.io/w/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:903b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c590b7f35f60c3d58265b235066ecc42d07f6a6c2edad989e788faa0d444fa6 Request headers accept-language de-DE,de;q=0.9 Referer https://weatherwidget.io/w/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:16 GMT content-encoding br cf-cache-status HIT last-modified Thu, 31 Mar 2022 13:21:00 GMT server cloudflare age 3519 etag W/"6245aabc-94da" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgNjJG0140eDr7SKJx3e6G4z%2BjRiJQRhpmHQ1Ox2ch%2FGEBPe1XkePb%2FvUCyMCqzrBu8bPCs0BdF7Tj0dUS%2Bl6U8ixay5Jodz%2BlISZQTSTin4a6qMsMH%2FvB50Ml8iQX0fI%2F3x2we%2FB9NwBP3r1X4Z"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public; max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 73d5b9ea9be78fca-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	/ Show response www.youtube.com/embed/ Frame 10DD	37 KB 11 KB	54ms 54ms	Document text/html	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/?modestbranding=0&rel=1&enablejsapi=1&origin=https%3A%2F%2Felpezdfw.com&widgetid=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/009f1d77/www-widgetapi.vflset/www-widgetapi.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d9e814af1f927983059423694c28e29a7626ef0ae3f4e94a49e962ad57752497 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://elpezdfw.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding br content-type text/html; charset=utf-8 cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" date Fri, 19 Aug 2022 20:44:16 GMT expires Mon, 01 Jan 1990 00:00:00 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=* pragma no-cache report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} server ESF strict-transport-security max-age=31536000 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-content-type-options nosniff x-xss-protection 0
GET H/1.1	404 Not Found	structure.css klty.christianjobs.com/Resource/theme/structure/ Frame B713	0 0	246ms 246ms	Stylesheet text/html	34.202.13.194 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://klty.christianjobs.com/Resource/theme/structure/structure.css Requested by Host: klty.christianjobs.com URL: https://klty.christianjobs.com/iframe/250x450 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.202.13.194 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-202-13-194.compute-1.amazonaws.com Software nginx/1.22.0 / ASP.NET Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://klty.christianjobs.com/iframe/250x450 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Fri, 19 Aug 2022 20:44:16 GMT Content-Encoding gzip Server nginx/1.22.0 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/html Cache-Control private Transfer-Encoding chunked Connection keep-alive
GET H/1.1	404 Not Found	structure.css klty.christianjobs.com/Resource/theme/ChristianJobs/ Frame B713	0 0	415ms 205ms	Stylesheet text/html	34.202.13.194 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://klty.christianjobs.com/Resource/theme/ChristianJobs/structure.css Requested by Host: klty.christianjobs.com URL: https://klty.christianjobs.com/iframe/250x450 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.202.13.194 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-202-13-194.compute-1.amazonaws.com Software nginx/1.22.0 / ASP.NET Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://klty.christianjobs.com/iframe/250x450 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Fri, 19 Aug 2022 20:44:16 GMT Content-Encoding gzip Server nginx/1.22.0 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/html Cache-Control private Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	jquery-1.12.3.min.js Show response klty.christianjobs.com/Resource/javascript/ Frame B713	95 KB 33 KB	434ms 221ms	Script application/javascript	34.202.13.194 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://klty.christianjobs.com/Resource/javascript/jquery-1.12.3.min.js Requested by Host: klty.christianjobs.com URL: https://klty.christianjobs.com/iframe/250x450 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.202.13.194 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-202-13-194.compute-1.amazonaws.com Software nginx/1.22.0 / ASP.NET Resource Hash 4946fcf019e50cf850a0344e45b3a8f93d5ead5e1dade33695025ef732913af1 Request headers accept-language de-DE,de;q=0.9 Referer https://klty.christianjobs.com/iframe/250x450 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Fri, 19 Aug 2022 20:44:16 GMT Content-Encoding gzip ETag W/"87bf189bf7abd81:0" Last-Modified Tue, 09 Aug 2022 13:54:55 GMT Server nginx/1.22.0 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection keep-alive X-Robots-Tag noindex, nofollow, nosnippet, noarchive
GET H/1.1	200 OK	jquery-ui.min.js Show response klty.christianjobs.com/Resource/javascript/ Frame B713	223 KB 61 KB	437ms 224ms	Script application/javascript	34.202.13.194 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://klty.christianjobs.com/Resource/javascript/jquery-ui.min.js Requested by Host: klty.christianjobs.com URL: https://klty.christianjobs.com/iframe/250x450 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.202.13.194 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-202-13-194.compute-1.amazonaws.com Software nginx/1.22.0 / ASP.NET Resource Hash c8174d874059ea96b32c31c43ce7e0a303f042cd53f0b1d4de84c7efed81da9a Request headers accept-language de-DE,de;q=0.9 Referer https://klty.christianjobs.com/iframe/250x450 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Fri, 19 Aug 2022 20:44:16 GMT Content-Encoding gzip ETag W/"c2736e7df7abd81:0" Last-Modified Tue, 09 Aug 2022 13:54:05 GMT Server nginx/1.22.0 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection keep-alive X-Robots-Tag noindex, nofollow, nosnippet, noarchive
GET H/1.1	200 OK	jquery-ui-1.8.16.custom.css klty.christianjobs.com/Resource/theme/jQueryUI/base/ Frame B713	34 KB 7 KB	320ms 110ms	Stylesheet text/css	34.202.13.194 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://klty.christianjobs.com/Resource/theme/jQueryUI/base/jquery-ui-1.8.16.custom.css Requested by Host: klty.christianjobs.com URL: https://klty.christianjobs.com/iframe/250x450 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.202.13.194 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-202-13-194.compute-1.amazonaws.com Software nginx/1.22.0 / ASP.NET Resource Hash 69fd94aab59464363633049d3d36c3111ae00ad96161412b48353686c8176325 Request headers accept-language de-DE,de;q=0.9 Referer https://klty.christianjobs.com/iframe/250x450 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Fri, 19 Aug 2022 20:44:16 GMT Content-Encoding gzip ETag W/"12856a0f7abd81:0" Last-Modified Tue, 09 Aug 2022 13:55:04 GMT Server nginx/1.22.0 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive X-Robots-Tag noindex, nofollow, nosnippet, noarchive
GET H2	200	cj2.jpg media.swncdn.com/jobsites3/ Frame B713	7 KB 7 KB	121ms 121ms	Image image/jpeg	205.185.216.42 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://media.swncdn.com/jobsites3/cj2.jpg Requested by Host: klty.christianjobs.com URL: https://klty.christianjobs.com/iframe/250x450 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software nginx / Resource Hash 688235b74432e847b8813ae963e4b734a33ce83a5f3e4d971c432e128e232321 Request headers accept-language de-DE,de;q=0.9 Referer https://klty.christianjobs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:17 GMT last-modified Wed, 31 Jul 2013 15:33:30 GMT server nginx etag "01e54e38ece1:0" x-hw 1660941857.dop156.fr8.t,1660941857.cds150.fr8.hn,1660941857.cds155.fr8.c content-type image/jpeg access-control-allow-origin * cache-control public, max-age=2592000 accept-ranges bytes content-length 7449 x-proxy-cache STALE
GET H2	200	cj_viewmorejobs.jpg media.swncdn.com/jobsites3/ Frame B713	5 KB 6 KB	85ms 84ms	Image image/jpeg	205.185.216.42 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://media.swncdn.com/jobsites3/cj_viewmorejobs.jpg Requested by Host: klty.christianjobs.com URL: https://klty.christianjobs.com/iframe/250x450 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map2.hwcdn.net Software nginx / Resource Hash 481c14d520188bbb9544d4ff2e3d02e819f249ce18e7207439a060195bb65bd8 Request headers accept-language de-DE,de;q=0.9 Referer https://klty.christianjobs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:17 GMT last-modified Wed, 31 Jul 2013 16:11:08 GMT server nginx etag "076c49088ece1:0" x-hw 1660941857.dop156.fr8.t,1660941857.cds150.fr8.hn,1660941857.cds101.fr8.c content-type image/jpeg access-control-allow-origin * cache-control public, max-age=2592000 accept-ranges bytes content-length 5620 x-proxy-cache MISS
GET H3	200	/ www.facebook.com/login/ Frame 726A Redirect Chain https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=327608680664365&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9e... https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D327608680664365%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....	0 0	272ms 236ms	Document text/html	2a03:2880:f107:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D327608680664365%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df9e8cfcea5e278%2526domain%253Delpezdfw.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Felpezdfw.com%25252Ff115f68b4d6d08%2526relation%253Dparent.parent%26container_width%3D300%26height%3D400%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Felpezdallas%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js?hash=f77a5616a0a6fc1011a64060c9904d11 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer about:blank Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-encoding br content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-type text/html; charset="utf-8" cross-origin-opener-policy unsafe-none date Fri, 19 Aug 2022 20:44:16 GMT document-policy force-load-at-top expires Sat, 01 Jan 2000 00:00:00 GMT nel {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01} pragma no-cache priority u=0 report-to {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"} strict-transport-security max-age=15552000; preload vary Accept-Encoding x-content-type-options nosniff x-fb-debug 9ffPuYU/jjdIl6MQew9g2g6ycc3b882QMgnkukTcRcnPXqhM1yBthMhv+vIuYbn3lmCG1y9aH9VMP4oFxpXUWw== x-fb-rlafr 0 x-frame-options DENY x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-length 0 content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-type text/html; charset="utf-8" cross-origin-opener-policy unsafe-none date Fri, 19 Aug 2022 20:44:16 GMT document-policy force-load-at-top expires Sat, 01 Jan 2000 00:00:00 GMT facebook-api-version v8.0 location https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D327608680664365%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df9e8cfcea5e278%2526domain%253Delpezdfw.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Felpezdfw.com%25252Ff115f68b4d6d08%2526relation%253Dparent.parent%26container_width%3D300%26height%3D400%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Felpezdallas%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500 nel {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01} pragma no-cache priority u=3,i strict-transport-security max-age=15552000; preload x-content-type-options nosniff x-fb-debug BNbH1J6KeEuQyN0DlrcyM3eIBYmLQoTCihAZqtdj2uHIWL8s5nBRY3Vww5h/TMHzjeYskjw36IqojA4Hdr7nOQ== x-fb-rlafr 0 x-xss-protection 0
GET H3	200	www-player.css www.youtube.com/s/player/009f1d77/ Frame 10DD	343 KB 47 KB	22ms 21ms	Stylesheet text/css	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/009f1d77/www-player.css Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/?modestbranding=0&rel=1&enablejsapi=1&origin=https%3A%2F%2Felpezdfw.com&widgetid=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4b46dc5cc031017c003808e87a7c63f7b1555fe6ec18da4489694a09236e52e3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/?modestbranding=0&rel=1&enablejsapi=1&origin=https%3A%2F%2Felpezdfw.com&widgetid=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 18 Aug 2022 14:57:07 GMT content-encoding br x-content-type-options nosniff age 107229 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 48157 x-xss-protection 0 last-modified Thu, 18 Aug 2022 00:21:14 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 18 Aug 2023 14:57:07 GMT
GET H3	200	www-embed-player.js Show response www.youtube.com/s/player/009f1d77/www-embed-player.vflset/ Frame 10DD	308 KB 95 KB	28ms 27ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/009f1d77/www-embed-player.vflset/www-embed-player.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/?modestbranding=0&rel=1&enablejsapi=1&origin=https%3A%2F%2Felpezdfw.com&widgetid=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2ead7afdd7ff8c6bb486b360a061137d56a0cfdf85c38642e945ec7369e82c65 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/?modestbranding=0&rel=1&enablejsapi=1&origin=https%3A%2F%2Felpezdfw.com&widgetid=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 18 Aug 2022 14:57:07 GMT content-encoding br x-content-type-options nosniff age 107229 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 97385 x-xss-protection 0 last-modified Thu, 18 Aug 2022 00:21:14 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 18 Aug 2023 14:57:07 GMT
GET H3	200	base.js Show response www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/ Frame 10DD	2 MB 570 KB	32ms 31ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/base.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/?modestbranding=0&rel=1&enablejsapi=1&origin=https%3A%2F%2Felpezdfw.com&widgetid=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 982b48e4b221404e5d2d4f34f0056a7c506d796f409123e4acefb3d324b9ed4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/?modestbranding=0&rel=1&enablejsapi=1&origin=https%3A%2F%2Felpezdfw.com&widgetid=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 18 Aug 2022 14:59:37 GMT content-encoding br x-content-type-options nosniff age 107079 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 583732 x-xss-protection 0 last-modified Thu, 18 Aug 2022 00:21:14 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 18 Aug 2023 14:59:37 GMT
GET H3	200	fetch-polyfill.js Show response www.youtube.com/s/player/009f1d77/fetch-polyfill.vflset/ Frame 10DD	9 KB 3 KB	31ms 31ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/009f1d77/fetch-polyfill.vflset/fetch-polyfill.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/?modestbranding=0&rel=1&enablejsapi=1&origin=https%3A%2F%2Felpezdfw.com&widgetid=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/?modestbranding=0&rel=1&enablejsapi=1&origin=https%3A%2F%2Felpezdfw.com&widgetid=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 18 Aug 2022 14:57:07 GMT content-encoding br x-content-type-options nosniff age 107229 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2786 x-xss-protection 0 last-modified Thu, 18 Aug 2022 00:21:14 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 18 Aug 2023 14:57:07 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 10DD	15 KB 15 KB	63ms 21ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/?modestbranding=0&rel=1&enablejsapi=1&origin=https%3A%2F%2Felpezdfw.com&widgetid=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Tue, 16 Aug 2022 17:06:41 GMT x-content-type-options nosniff age 272255 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 16 Aug 2023 17:06:41 GMT
GET H3	200	open.svg Show response weatherwidget.io/w/img/ui/ Frame 0609	524 B 877 B	28ms 28ms	XHR image/svg+xml	2606:4700:3030::ac43:903b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weatherwidget.io/w/img/ui/open.svg Requested by Host: weatherwidget.io URL: https://weatherwidget.io/w/js/angular-1.5.8.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:903b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ffb3bbe91d293ec0b30bf7834648ccaded81fd6a27fa6dbb3f06941b28a6d12a Request headers Accept application/json, text/plain, */* Referer https://weatherwidget.io/w/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:16 GMT content-encoding br cf-cache-status HIT last-modified Fri, 26 Jan 2018 03:49:23 GMT server cloudflare age 3309 etag W/"5a6aa543-20c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPYYjEJdY1aP4bnRDG6k1DnUSwuHa7xV3CvpzADORq67fAaBe9kU3Z8KSBq2VXgxYxFVo7b4NaLGeXXRvvrPSe4P7MZFXu1sGs4nbj5YVTSiPzzD6yeJ2ZwvvmHERYCDWYDyZRqNQhZsplsKyU2T"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public; max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 73d5b9eb6cbc8fca-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H2	200	pageview Show response signals.aimtell.com/	43 B 429 B	122ms 30ms	XHR image/gif	2606:4700::6812:1e97 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://signals.aimtell.com/pageview?id_site=25545&v=3.972&support=1&state=default&wl=1 Requested by Host: s3.amazonaws.com URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e97 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:16 GMT access-control-allow-methods GET,HEAD,OPTIONS aimtell-hash-exists 0 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding aimtell-traverse 0 content-type image/gif access-control-allow-origin https://elpezdfw.com access-control-expose-headers Aimtell-Hash-Exists, Aimtell-Traverse access-control-allow-credentials true cf-ray 73d5b9ec1ac09010-FRA access-control-allow-headers Content-Type, * content-length 43
GET H2	200	25545-6629a0e07760.json Show response cdn.aimtell.io/config/optin/	253 B 779 B	482ms 422ms	XHR application/json	2606:4700:10::ac43:1ee1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.aimtell.io/config/optin/25545-6629a0e07760.json Requested by Host: s3.amazonaws.com URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1ee1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d7df4c5d60acd44b7cc3b08a4eb77194cb14457aaf4a961cb1d5863d7cda327c Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:17 GMT content-encoding gzip vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method cf-cache-status DYNAMIC x-amz-cf-pop FRA56-P3 x-cache Miss from cloudfront content-length 232 access-control-allow-origin * last-modified Wed, 27 Apr 2022 15:16:11 GMT server cloudflare etag "93410ba0cb871fba43f63bcbabfabf71" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 access-control-allow-methods GET content-type application/json via 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront) access-control-expose-headers ETag cache-control max-age=86400 accept-ranges bytes cf-ray 73d5b9ebd9e75c74-FRA x-amz-cf-id nfIyTlW3C-tE3Sbz3TPgSTGJdh6d4FZ0zmlohDjP5PpoZbER_CYZCg==
GET H2	200	/ Show response forecast7.com/es/32d78n96d80/dallas/ Frame 0609	5 KB 2 KB	194ms 141ms	XHR application/json	2606:4700:3036::ac43:8191 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forecast7.com/es/32d78n96d80/dallas/?format=json Requested by Host: weatherwidget.io URL: https://weatherwidget.io/w/js/angular-1.5.8.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:8191 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd92293d48a92f3233cbef0e538e34d60b616812f4d965457fb58164b7d06351 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://weatherwidget.io/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:16 GMT content-encoding br x-content-type-options nosniff cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block server cloudflare x-frame-options SAMEORIGIN etag W/"127b-4JExfuranWcbricB1eixTk9yM8c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding, Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTB1mG1GoAzSjXeYIKd4nZNzh5cSu55KhVB1LupfjDp7ZkL0kb%2FF%2FVNreBhQHIl7p9mHgy68PYDFAizRez%2BW0klX5csecMcA23R%2F5qKLsWauBdbRE9uBayVepiFNehdGbujeaoo4%2FpknKPMZ"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin https://weatherwidget.io cache-control public cf-ray 73d5b9ebdb219bb9-FRA x-proxy-cache MISS expires Fri, 19 Aug 2022 21:20:16 GMT
GET H3	200	icon-climacons.css weatherwidget.io/w/css/ Frame 0609	61 KB 3 KB	31ms 30ms	Stylesheet text/css	2606:4700:3030::ac43:903b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weatherwidget.io/w/css/icon-climacons.css Requested by Host: weatherwidget.io URL: https://weatherwidget.io/w/js/angular-1.5.8.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:903b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 94f979bb200e6caf970584d76eddd5d352b79bf775ad1a92de8e707221999b4f Request headers accept-language de-DE,de;q=0.9 Referer https://weatherwidget.io/w/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:16 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6521 cf-cached-on Sun, 05 Jun 2022 23:40:27 GMT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 09 Apr 2018 00:59:19 GMT server cloudflare etag W/"5acabae7-f3dc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2F5aia%2FWFtaLh7fS2XLjka7DlQrjrCyMP7FFJp2KzekeX%2FMYW%2FsHOMIY1bizXlH2ppAqnVJt1fBEUZHuweQ%2B%2FsBZTGQTBpGFobpd0aLB792wd%2FJo%2BZVc2zfe%2FiYUP%2BJcM10ADXrUZR0I7OBCwDHB"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public; max-age=14400 cf-ray 73d5b9eb8cd58fca-FRA
GET H2	200	/ www.facebook.com/tr/	44 B 297 B	31ms 31ms	Image image/gif	2a03:2880:f107:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=390961805259193&ev=PageView&dl=https%3A%2F%2Felpezdfw.com%2F&rl=&if=false&ts=1660941856576&sw=1600&sh=1200&v=2.9.75&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1660941856575.2117752387&it=1660941856365&coo=false&rqm=GET Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:16 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 44 expires Fri, 19 Aug 2022 20:44:16 GMT
GET H3	200	id Show response googleads.g.doubleclick.net/pagead/ Frame 10DD Redirect Chain https://googleads.g.doubleclick.net/pagead/id https://googleads.g.doubleclick.net/pagead/id?slf_rd=1	100 B 146 B	71ms 29ms	XHR application/json	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/?modestbranding=0&rel=1&enablejsapi=1&origin=https%3A%2F%2Felpezdfw.com&widgetid=1 Protocol H3 Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a3a2f37fdf8154f03e78a5a6fcf84ccfad1aa97e055f2d6fc80e04a608491bf5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:16 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 120 x-xss-protection 0 pragma no-cache server cafe content-type application/json; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 19 Aug 2022 20:44:16 GMT x-content-type-options nosniff access-control-allow-origin https://www.youtube.com p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad_status.js Show response static.doubleclick.net/instream/ Frame 10DD	29 B 588 B	85ms 20ms	Script text/javascript	2a00:1450:4001:830::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://static.doubleclick.net/instream/ad_status.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/009f1d77/www-embed-player.vflset/www-embed-player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:34:42 GMT x-content-type-options nosniff age 574 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29 x-xss-protection 0 last-modified Thu, 12 Dec 2013 23:40:16 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 19 Aug 2022 20:49:42 GMT
OPTIONS H2	200	Create jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	92ms 30ms	Preflight text/html	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Access-Control-Request-Method POST Origin https://www.youtube.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://www.youtube.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 content-type text/html date Fri, 19 Aug 2022 20:44:16 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
GET H2	200	initplayback Show response redirector.googlevideo.com/ Frame 10DD	372 B 986 B	91ms 29ms	XHR text/plain	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://redirector.googlevideo.com/initplayback?source=youtube&orc=1&oeis=1&ip=2001%3A1b60%3A2%3A240%3A3247%3A0%3A0%3A4&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odeak=1&odepv=1&osfc=1&alr=yes&id=41938 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ClientMapServer / Resource Hash c34fc699e4e109923676091ae2d79f8f972570a38b9574f064c49be2e03aa82a Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:16 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 273 x-xss-protection 0 pragma no-cache server ClientMapServer x-frame-options SAMEORIGIN content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin https://www.youtube.com expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	Create Show response jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 10DD	65 KB 30 KB	80ms 36ms	XHR application/json+protobuf	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 26c5735f1379795038c09b3ecad6a37c396c23a18a414bc58fbd46314641e700 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-User-Agent grpc-web-javascript/0.1 Referer https://www.youtube.com/ X-Goog-Api-Key AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/json+protobuf Response headers date Fri, 19 Aug 2022 20:44:16 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF x-frame-options SAMEORIGIN content-type application/json+protobuf; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true vary Origin, X-Origin, Referer content-length 30654 x-xss-protection 0
GET H3	200	remote.js Show response www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/ Frame 10DD	119 KB 37 KB	22ms 22ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/remote.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a30e93b56be695eb7c1a971aa685551ddb621b8850dfb19cc355e32a24649527 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/?modestbranding=0&rel=1&enablejsapi=1&origin=https%3A%2F%2Felpezdfw.com&widgetid=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 18 Aug 2022 14:59:38 GMT content-encoding br x-content-type-options nosniff age 107078 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37744 x-xss-protection 0 last-modified Thu, 18 Aug 2022 00:21:14 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 18 Aug 2023 14:59:38 GMT
GET H3	200	embed.js Show response www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/ Frame 10DD	27 KB 8 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/embed.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1e6c3552412feae3b719c5f8abbe101d1d1b41a6df58bcbdcb877c6a5f5e89c9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/?modestbranding=0&rel=1&enablejsapi=1&origin=https%3A%2F%2Felpezdfw.com&widgetid=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 18 Aug 2022 15:02:09 GMT content-encoding br x-content-type-options nosniff age 106927 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8160 x-xss-protection 0 last-modified Thu, 18 Aug 2022 00:21:14 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 18 Aug 2023 15:02:09 GMT
GET H2	200	moatcontent.js Show response z.moatads.com/nativonielsen548znrb18/	167 KB 55 KB	132ms 31ms	Script application/x-javascript	2.21.185.146 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=15593 Requested by Host: s.ntv.io URL: https://s.ntv.io/serve/load.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.21.185.146 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-21-185-146.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:16 GMT content-encoding gzip last-modified Mon, 24 Aug 2020 17:04:05 GMT server AmazonS3 x-amz-request-id 0B0CA0B90C88DB3A etag "774acff2cee5852cdfc3fd8471cb2667" vary Accept-Encoding content-type application/x-javascript cache-control max-age=16574 accept-ranges bytes content-length 55696 x-amz-id-2 pjbrJFbt4QFRzKYMM5XzevVYn7TQUBxhW0n53CWVULC77/Xh7qs+EZWLr8k9n7lfgRjcD0Xe9pU=
GET H2	200	trk.gif jadserve.postrelease.com/	43 B 426 B	113ms 112ms	Image image/gif	44.196.228.7 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=7786681&ntv_pl=1122112 Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.196.228.7 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-196-228-7.compute-1.amazonaws.com Software nginx/1.12.1 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Fri, 19 Aug 2022 20:44:16 GMT server nginx/1.12.1 p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-type image/gif content-length 43 expires Mon, 1 Jan 1990 12:00:00 GMT
GET H2	200	gdprConsent jadserve.postrelease.com/	43 B 426 B	110ms 109ms	Image image/gif	44.196.228.7 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://jadserve.postrelease.com/gdprConsent?ntv_pl=1122112&ntv_gdpr_consent=&ntv_it Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.196.228.7 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-196-228-7.compute-1.amazonaws.com Software nginx/1.12.1 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Fri, 19 Aug 2022 20:44:16 GMT server nginx/1.12.1 p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-type image/gif content-length 43 expires Mon, 1 Jan 1990 12:00:00 GMT
GET H3	200	cloudy.html Show response weatherwidget.io/w/img/icons/climacons-a/ Frame 0609	573 B 841 B	28ms 28ms	XHR text/html	2606:4700:3030::ac43:903b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weatherwidget.io/w/img/icons/climacons-a/cloudy.html Requested by Host: weatherwidget.io URL: https://weatherwidget.io/w/js/angular-1.5.8.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:903b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7ec395c9efb51a39b0b7ec32714adfe634ee11c04b7f101e411aef6a17bb06d1 Request headers Accept application/json, text/plain, */* Referer https://weatherwidget.io/w/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:16 GMT content-encoding br cf-cache-status HIT last-modified Fri, 19 Aug 2022 19:34:15 GMT server cloudflare age 290 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csMtjhKtHDUHm9Df64zdrrrDuZ3v7BdPe%2Bsg2QqE9oocxQzKQvG4GYuGcTVwiLfvOcHVdXl%2B06JTStrq%2FH1Ep2nG6qzV3vpzWVgckQYSLVq3n7%2Bei3Pmz8V3rVrZjGt1jXLVvcW%2Fz63nfcKK4T5S"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 cache-control public; max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 73d5b9ecde7c8fca-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	rain.html Show response weatherwidget.io/w/img/icons/climacons-a/ Frame 0609	1 KB 910 B	33ms 33ms	XHR text/html	2606:4700:3030::ac43:903b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://weatherwidget.io/w/img/icons/climacons-a/rain.html Requested by Host: weatherwidget.io URL: https://weatherwidget.io/w/js/angular-1.5.8.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:903b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a00bec1c1e933799a69949bb4efcc304bf16a088d1fa920b8fbf31d6ea0bbc53 Request headers Accept application/json, text/plain, */* Referer https://weatherwidget.io/w/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:16 GMT content-encoding br cf-cache-status HIT last-modified Fri, 19 Aug 2022 15:36:27 GMT server cloudflare age 8967 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TEWj3gmynwW6LV9gGzfojBomN4l3dlnakqrFDfa3iIUR0SLlQLOZxxMEXv7TavGK0tK3vPcZVDLvDjjox6t7OlK44BrIblCRn4vUKEnWP7nzNwhmiOdaBYTE72GTuJc1UuEn7r78mQLuc31T3TiU"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 cache-control public; max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 73d5b9ecde7d8fca-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H3	200	embedded_player Show response www.youtube.com/youtubei/v1/ Frame 10DD	39 KB 17 KB	124ms 123ms	Fetch application/json	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/embedded_player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash 3b1aa68084f745d9b1d906fe52d1368e8c5898aa45e37e699152e22cb6c9c541 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/?modestbranding=0&rel=1&enablejsapi=1&origin=https%3A%2F%2Felpezdfw.com&widgetid=1 X-Youtube-Client-Name 56 X-Youtube-Client-Version 1.20220817.01.00 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 X-Goog-Visitor-Id CgtVQl91bi1Vdk9kUSig7P-XBg%3D%3D Content-Type application/json Response headers date Fri, 19 Aug 2022 20:44:16 GMT content-encoding br x-content-type-options nosniff server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17789 x-xss-protection 0 expires Fri, 19 Aug 2022 20:44:16 GMT
GET H2	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame 10DD	4 KB 3 KB	86ms 37ms	Script text/javascript	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:16 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2007 x-xss-protection 0 last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview" vary Accept-Encoding report-to {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 19 Aug 2022 20:44:16 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame C4FF	0 0	57ms 56ms	Fetch image/gif	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslE5UoIeyRuvQ5xOhtROcsgpNzF0_wFcpCcL7jsjg6MGllZXPyXSfjZ-G7eeK2-7ws4OOQRh_hwYq1GV5bdZC7ENmUv-h976gPQMLfyfwiRekhi80hmf1wFFKMbiMRw8R77-F5UB_YEbdqmEROJFBvE_BuMWzvWv-TACHNp1noeDeZpJsQaiUmtNAxrFWinEQ-EWPQQ2HVcP0q51xApUUc87_G2JjCWV58e6QbyJJMMO1kMG5UO513B_6q1Ni4TW8RwJAP5ofhzcRmmg8DvC2bW28eDBsu_FrIuJK9Noh5TJt-R2Ixd-MkCigdfmKeTnDUuQ&sai=AMfl-YQ9AwpgS7H2MUgicEdIZFg3dmwIS5jGRwphtq-nD9onFCApxQg3pTQB0mjj4jgMA6Ib2u2xfAA9_WNl8jvJRJgG2JlRrL9_aVF8I1Y_XXJ76fbC83JzlkhjBiuv-1XSfQ&sig=Cg0ArKJSzJy_z1IO5rvkEAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s01-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers timing-allow-origin * date Fri, 19 Aug 2022 20:44:16 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Fri, 19 Aug 2022 20:44:16 GMT
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/ Frame C4FF	84 KB 28 KB	30ms 29ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s01-in-f2.1e100.net Software sffe / Resource Hash cb2f8bf90ef4d5600ca57da39e16af78fac4793e71f347864a892a2a75190031 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:16 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28724 x-xss-protection 0 server sffe etag "1308 / 415 of 1000 / last-modified: 1660907276" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Fri, 19 Aug 2022 20:44:16 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame C4FF	140 KB 44 KB	111ms 48ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:16 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44050 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1660737283953252" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 19 Aug 2022 20:44:16 GMT
GET H3	200	container.html Show response 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BFB9	6 KB 3 KB	78ms 32ms	Document text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://elpezdfw.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 19 Aug 2022 20:44:16 GMT expires Sat, 19 Aug 2023 20:44:16 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	container.html Show response 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9B16	6 KB 3 KB	75ms 35ms	Document text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://elpezdfw.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 19 Aug 2022 20:44:16 GMT expires Sat, 19 Aug 2023 20:44:16 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	container.html Show response 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3D3A	6 KB 3 KB	67ms 33ms	Document text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://elpezdfw.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 19 Aug 2022 20:44:16 GMT expires Sat, 19 Aug 2023 20:44:16 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	container.html Show response 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6506	6 KB 3 KB	36ms 31ms	Document text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://elpezdfw.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 19 Aug 2022 20:44:16 GMT expires Sat, 19 Aug 2023 20:44:16 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	container.html Show response 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5B88	6 KB 3 KB	37ms 37ms	Document text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://elpezdfw.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 19 Aug 2022 20:44:16 GMT expires Sat, 19 Aug 2023 20:44:16 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	pubads_impl_2022081601.js Show response securepubads.g.doubleclick.net/gpt/ Frame C4FF	383 KB 130 KB	20ms 20ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s01-in-f2.1e100.net Software sffe / Resource Hash 041b6e69b34243b7cd98534e95b129cb2479bebddae8dc4f051755a84cc8fbe8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 18 Aug 2022 12:50:28 GMT content-encoding gzip x-content-type-options nosniff age 114829 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 133485 x-xss-protection 0 last-modified Tue, 16 Aug 2022 08:34:51 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Fri, 18 Aug 2023 12:50:28 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/ Frame C4FF	71 B 96 B	29ms 29ms	XHR application/json	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=elpezdfw.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s01-in-f2.1e100.net Software cafe / Resource Hash ab899c39b30a1f704cf3751e2d37a513d0735a9b3f1fd78e159f09f70fd9f675 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers timing-allow-origin * date Fri, 19 Aug 2022 20:44:17 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 71 x-xss-protection 0 expires Fri, 19 Aug 2022 20:44:17 GMT
GET H3	200	cast_sender.js Show response www.gstatic.com/eureka/clank/104/ Frame 10DD	52 KB 15 KB	66ms 21ms	Script text/javascript	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/eureka/clank/104/cast_sender.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a35a51e32439cce8b4dd6734f65c18debec94ca81a30640b2ccaba988ce1639e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 07:40:35 GMT content-encoding gzip x-content-type-options nosniff age 47022 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15107 x-xss-protection 0 last-modified Mon, 30 May 2022 15:03:30 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview-release" vary Accept-Encoding report-to {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]} content-type text/javascript cache-control public, max-age=86400 accept-ranges bytes expires Sat, 20 Aug 2022 07:40:35 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 4F5C	624 B 297 B	31ms 31ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLz8tdEBMAE&v=APEucNWwfnoIhNl-vjGKVzl9QpZpd0_rkd9u6ZS1KHYDbTW32nouDjqmHR2GmgmMgCmxnResT0Y8AC1JNCxE-RPEMurYKuAeIs0JeCpaf3ugc3Jdr0-ATUjOAFCi-EwdkPC6aa48gxN9_2Id3jKtz2R1jAtBqUavo9Gp8gmoyFA-6yHk3x-n84w Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding gzip content-length 276 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 19 Aug 2022 20:44:17 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 6506	95 KB 36 KB	72ms 72ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ANmhliNE_JTx02pXvIax1A6lKxMaSxeKz5nzB_sf3thcvzgBPFO-Dy80S0onbddVHh9260y1beeWa9l7ZSiaKT7alHyvi3VQk6iiV99mbNrALd__jzh5E902bdg-Z63UxMI63Q5MVl9MwfrfhatBt1NmZKXg&dbm_d=AKAmf-BQq1D-oZVhVLno77Tctv5fESoFtSACF3-xglspnAqq308NH71cPOthogoET29FSBwVsAdRo5ZbrtMODpRGBnEW3nXit48He0z9kq4iXbJSn3uBggW1htOrE7puOKazg6W0Wl_vF4IUwIFBExk68u1L0Wag2rC-6oOOGp_0jvFuNXInD3ZA1HJtn7C1o6UfkouSXR6g5AIyRYIkyYNs9CPjrt1o0yGxlheDiR0oBuWYC4UwXTVZCX4ebvlTq4EsVFaeFzxwVepqdyDsA4OUriF5J5VpbnpookGxuR-uIeTyNI1BMWTtUjMEhck0j6ooKfTs8LnUk2gdlZpTHRyQ0gdAU8bF9PhuWmTch5FKT41_5LOp5FpMEjjw99xXL9PaxX2EQDJcHoLXuItzD8raYYlA2pClS17esrdPQ24jTveSWRrGRiAXjwkpnBYLOs53IvhuzUGDM6OnA4_d93cNxzcPPhnWbsfxnx8DraM1F9bRPbgVZQOHj9UfCxLV9HkikTyXbhX6tNKeuogM6vpIdNLKBixPCZwL4vxWdKDVQCtnrEH79YekQqcF3t0diuYRmZMoQenUZzPxQCFM7jqhZBYcxs6EwpNsRGZGNLc7_9cTltbdmHGS8toaxiKhWPuUpPBtHsZqgoB6gEMuuB_CLjRnEFYRjhVtztpQ6mzSvODOJfy4Dl1L445uECF616aoqKBoU-rT1iGsB-bmY8dyn4wwukJtRSJYba2qlGFen_uQezbYrZyUUND3F6ZZIH3n3OXjXwZHt7BA5cJLh2SeXKenrH-l7WThWmwOZP-BUccTSDlTTX-4siIwJdO5tP_2IQxVvgHSW-hwSsPCTDleRuNENjpAsPG0zwL279ACJHJxEgNmSUFN2UDpzX4JhbgFgBw_m4MypYXgAZ4xgEQ1P2XdMUfZqjDQZqdhsNaL2uxlprW3SBnIH4DOQl3i0QjUjUZ9QlGu2gqpOJJZ3TXKh7LU-bpycoqa18uoPaqQY0AJUTlMlaGPlGjfu1PO1ApUdtM8op3Rghclew1c18CcoZrcBNerXMVhITiSdtN_AAqT6uMfTlBrJ7G6U5WAk6YA-CQl2oDbAaE7h4X1NxMyRpv9tPoHlKe75grgfV4iGwYHzmMlRZOvnphZ90pkJ24aXljPLvAYB9Na5tHBh9nTC_wns94IO3khxGeHvlxEK7O6MW4HtYZ27MO8W6CC6cdyZcHsnT6KSqMzP82Ivc8jnMaToYEANrW94ew2Zhb53dPEDMwLN_wkXxxGvOWMDusLmh6rJlM-AgMNkGIjIMHhVAC7GlAjUpMTGRZTB49spKUG6-NX4E4ltrEO9O0W0qeu_q5RBl9PEfGYo8RWFBVRNA25OaXyYHSdj8MF9DOAGTPJZY59UIvI2Vyi0ophRESW5rCDzOCcYNThpWicH2_vHJZ5kQkididwaPF0-G5AuABZVa8YMsBeE7ZKCCq6gbEAv5AjOH7Wh_10ayVp3YxGpcTIyL3iy6OK4GyqD3rsC8_4cfLql_uXh6xyb4QaeEYRYXn-2d3MKRgaPkzMzmZJgz9IUx8KVynzs5sSt0oZIc30a4okjDIgQJ11N8V_gG2eJreP0mySMwyLSExMVfbNOwiksf3YEpQkeCoICUUbQKhU8SwH_8c-GX1R553KGaQ-K5MGBD2vA2VwREC-5jiKDGocihXY2kfcHIBnWzsy4JDOjVor4-GaxTVBQ8nsQlFJ0a_vCxFgo4GtP0D5o8DiHxZX-nz4tpOjKnBn9xTcjlaFMG0C5sBY4Yuxwlmx2dlp9ZBkWM-CouX8dzjfD1izqDULznOc_2b2Oym2HnDx60CotVFomo-tUFeF5gQEeD_RtYCu9xspyJjQNgOXPuA7zsQWW1gkng2PiCpRyEBRNu26Oi_eTKnB0NOO4G3QUEyw3gFxDx3lWW7-2oCH1mu8MaO2psg3RpCeRP2dGqvFfhy0vdQDCjUXmEDWo-oKta81pWxXqdj4Wc0cC7VS0EXrB6qFC6m6dqkSlR58O2seu8Dz0xGwBOTSl4ICYWwjvJexQcY990xJd6L-kf19zbrvboLarp8jicJch40iXX14TG-Yd9ZTR95oDxHFRPODwz82aR_NviUSdB25sUe4jvVal-IrUgLVrBcFKDlSycOk527xgAcMGs145OZc1LdqCNp_dznyo705DABA7cx2VxrLCjKrFlJrHhdgcZUqvL6KXhRXIvNCybJIvw94ghxF-3wUrcwRw_SqBDt1c5giqRNIlmuJAmCaxZoQY-szHqGvJvW42o1YP8P6v6FJ8tQsg7PuyawGL_QafnQ5j9VeAm9Mpc9-9AJTW2l8EgssRAq1fckjhtJSbnCGY3jo801MhL7Hp1XMXEeTIr45jd1H4hxHmv1i492QEi34J5YWPg6YGZ3ML7E60sNOqt7szHaOQ8fZA8Fgj9o5MaN4T6tnzByeyFfD9NGINlaGWdSNZCgncehGz-9INQuQgKlgcrGqmkFJ1pma6hI-KYlMVpWdQDooEr2dEKVXJQXe2nlqsZBGjecvje9e-yHCL8YOx_rgYf3Aio3B47sp_YAdnVXvJvqRoJEWq05CwBeYh-D_IGs8vJdWlHcJ-dXJpw_BqrGe7PCiWU4r1eeD3G55dJwWi3lO7ko-VRv0X15bCo9D3n9gEl5yA5mwTqwmBqIrJdjhIQTNRK9GkC2oGGfUW5KnYzbQ8JpP_G8IKZFVFO1uWQQYxdvlGYAUjYy-JhTeij0nzW_PuO-svApfapQmV9XciKoeT2L_NyzyK95QDi7GRe6pV_3nvFfcNu_e785o4En9xFYKdMsyz_zYM2LhSZNI0edI4oVvJKgIZJMlfT2-tXYSEpjE8-47BLTZuJmvOSIG1IRfKeoOie2Lk4iX0roKC7FnwAeF9wReE2SuVbGThfSTf4oALDiLSvgem5C62MG-lyQR_oWiCm4CHhOv44TaPoxVvvvzJuAjQpuBZab2_o2h7Yp5qsWtHwd5WlYOp2gYCyhlu2636da7YmghywXrCH-9yiNoB55SMJJkdETT-789UA03WK0Uyi-T6VliYHQ7PBv6zAMsLbla7i554KUQqB9_KWfRm8mZbft3ZLdLjeIYnShU7MXG1e-OvBptckS87VVCcvCZVPf72xea6kjfdv2RDIFrq3sPZHINbvEtw_fjoEDWBU2HlTo&cid=CAASJ-Ro-PVwgG2DBkfRNWfkGrco6rFJ1S6nG2PRHOU1p7V0D7MDv-PCRw&rfl=1%2Chttps%253A%252F%252Felpezdfw.com%252F%240 Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 75abb911269d30f91500b8edb29d271a921b772e2d06eb6b530ddad2aae6c016 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Fri, 19 Aug 2022 20:44:17 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37066 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 6506	42 B 494 B	118ms 56ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BEYlgpM2oM5BFw3vteyzjQie61k1VbccR-CYHuEaCAHUI5dYxcYTC7P0kMIRHZLwuP8FHxp3pLYWI56y71NO7wmaAup_5KrUWgL7KrPcsUAqVa56M Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Fri, 19 Aug 2022 20:44:17 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 6506	3 KB 1 KB	110ms 48ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:42:27 GMT content-encoding gzip x-content-type-options nosniff age 110 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1359 x-xss-protection 0 server cafe etag 1484984001845508991 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Sep 2022 20:42:27 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 6506	140 KB 43 KB	85ms 40ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:17 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44050 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1660737283953252" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 19 Aug 2022 20:44:17 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 6506	17 KB 8 KB	83ms 22ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:35:33 GMT content-encoding gzip x-content-type-options nosniff age 524 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7599 x-xss-protection 0 server cafe etag 9215437806027971270 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Sep 2022 20:35:33 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 6506	0 0	76ms 30ms	Image text/html	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaR6QG9rN77fUxJw_urxDzPDD0u-o35iS_AgzytnGEV08lB2amJfTFu7N4o-trNAhK3rSFHL4uSE_uD1d0J3qIHxtveDeQ Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers
GET DATA	200 OK	truncated / Frame C4FF	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 742e3d966570fe979c3f9bb64865fce8c729128ed3a7b6357ef4aa8ab454fe66 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Type image/png
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame BFB9	0 0	64ms 64ms	Fetch text/html	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=COHzdIPb_Yu_yFfWi9u8PpMSVwAuW9IiSaom7wqKQD--p9f0IEAEg0e2gF2CV0piCrAegAc2pk70DyAEC4AIAqAMByAPJBKoEjAJP0P9XIW-s92FfniKA67q58ft-fkbOJxN4s9UKx9GfqG74pzyydbjwFVyQXrnNVExcH52_HGgZ0FlY_qKIecFNthV5hJpqxguwpcgjIBaOmsQb5PvmymKyAZFY4ycneK3dy3vccpdcG4vbLD8XgdxHf36S_uzf2vZrpn6s64KQ_RCLqKjaidfl9sM5VjAMZ-SWUq1zDLzNM1z67lCr4XsREZNucgvXKEiCpft0CDbJdQiejP_pVLXj9AcOToKH4fXPjz2MCcoGqMmmDriSB6J5uWdIhHPIQ3JCg8xZAy8avziElJRtnM3JPLcjYOHac6BiLtLQZgw1CXtCLVIlFHc-1ekpsI9WQusrYvTlwASogJ761APgBAGSBQQIBBgBkgUECAUYBKAGAoAHm9bsQqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEITnB9IIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA8gLAdgTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi0zNTIyMzc3MTQ0MzY1NDgyGK3SFQ&sigh=FjKrqJmQ87E&uach_m=[UACH] Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s01-in-f2.1e100.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame BFB9	23 KB 10 KB	50ms 24ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:33:36 GMT content-encoding gzip x-content-type-options nosniff age 641 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9668 x-xss-protection 0 server cafe etag 3250940068065303693 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Sep 2022 20:33:36 GMT
GET H2	200	16227651261626199421 tpc.googlesyndication.com/daca_images/simgad/ Frame BFB9	39 KB 39 KB	74ms 49ms	Image image/png	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/daca_images/simgad/16227651261626199421 Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6a7feaef3ebe989fa6c472f1229bb893b06295d379cd1209e4678b4dbbc87aec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 18 Aug 2022 01:03:50 GMT x-content-type-options nosniff age 157227 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39864 x-xss-protection 0 last-modified Fri, 12 Nov 2021 08:37:51 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Fri, 18 Aug 2023 01:03:50 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame BFB9	3 KB 1 KB	90ms 65ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:42:27 GMT content-encoding gzip x-content-type-options nosniff age 110 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1359 x-xss-protection 0 server cafe etag 1484984001845508991 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Sep 2022 20:42:27 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame BFB9	140 KB 43 KB	75ms 67ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:17 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44050 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1660737283953252" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 19 Aug 2022 20:44:17 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame BFB9	17 KB 7 KB	70ms 45ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:35:33 GMT content-encoding gzip x-content-type-options nosniff age 524 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7599 x-xss-protection 0 server cafe etag 9215437806027971270 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Sep 2022 20:35:33 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame BFB9	0 0	37ms 29ms	Image text/html	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSf04EKwvOxOpcb7ozeTtO9rcGMqDmT256RpFV5yi4r_MAiIaYTEBY0bgenXU3Y5QFk3b3jErt0kTkkqGL1v5d9kLFekA Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers
GET H2	200	one_click_handler_one_afma_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame BFB9	32 KB 13 KB	95ms 71ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/one_click_handler_one_afma_fy2021.js Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9091dec867a1dc7341bf0aa79915415e24203019aa46230a6210b98187493570 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 19:25:17 GMT content-encoding gzip x-content-type-options nosniff age 4740 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13566 x-xss-protection 0 server cafe etag 1188449327864671977 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Sep 2022 19:25:17 GMT
GET H3	200	css fonts.googleapis.com/ Frame 3D3A	4 KB 621 B	71ms 29ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 19 Aug 2022 19:11:51 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 19 Aug 2022 20:44:17 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 19 Aug 2022 20:44:17 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 3D3A	2 KB 983 B	62ms 49ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:28:19 GMT content-encoding gzip x-content-type-options nosniff age 958 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 875 x-xss-protection 0 server cafe etag 16974406330603315520 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Sep 2022 20:28:19 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 3D3A	0 0	64ms 64ms	Fetch text/html	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=Cu1j3IPb_YvDyFfWi9u8PpMSVwAuW9IiSaqHMtLT-D--p9f0IEAEg0e2gF2CV0piCrAegAc2pk70DyAEJ4AIAqAMByAPLBKoEjAJP0CIomQTCqXdUvldSHEKr_CSKY9hmdxC1QMUzk4TeQ6-ibv_UycIcTnxJhQQ-tfywKE6Yeg8tuFq016hgZZU7Fe2nSaxYldrLtyc7hLlTxJGtn_iSWejKTnydMcW7tUOttd_i9T4eY1qh6QVKc4qLdPUwrT_SKG45sNJl7lbFVdfGX_aPdCa9jLcJxQdhPdU1LG-k7gjX7sQ4gEXexsxB2tL5amJof4-btM53UJONk4ijFl0gqjWIBHTzTij8t7HRHj0joOxGPJWlhLJRbWr6Stcjk8sEkV_PPu52mqXsd5md27OMLVaUFGbr-hZftPStKEItqNYoDMTMpF7XrcKBrVLDTOgJOrPFBFyIwASogJ761APgBAGSBQQIBBgBkgUECAUYBKAGLoAHm9bsQqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMzHBdIIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA8gLAdgTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi0zNTIyMzc3MTQ0MzY1NDgyGK3SFQ&sigh=G7lK92yZJfU&uach_m=[UACH]&template_id=5000 Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s01-in-f2.1e100.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame 3D3A	23 KB 10 KB	37ms 28ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:33:36 GMT content-encoding gzip x-content-type-options nosniff age 641 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9668 x-xss-protection 0 server cafe etag 3250940068065303693 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Sep 2022 20:33:36 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 3D3A	3 KB 1 KB	73ms 64ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:42:27 GMT content-encoding gzip x-content-type-options nosniff age 110 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1359 x-xss-protection 0 server cafe etag 1484984001845508991 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Sep 2022 20:42:27 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 3D3A	140 KB 43 KB	51ms 51ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:17 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44050 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1660737283953252" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 19 Aug 2022 20:44:17 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 3D3A	17 KB 7 KB	50ms 42ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:35:33 GMT content-encoding gzip x-content-type-options nosniff age 524 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7599 x-xss-protection 0 server cafe etag 9215437806027971270 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Sep 2022 20:35:33 GMT
GET H3	200	16838d5bcb4c763c91f5404f5ca97705.js Show response www.gstatic.com/mysidia/ Frame 3D3A	33 KB 13 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/16838d5bcb4c763c91f5404f5ca97705.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 18 Aug 2022 03:40:59 GMT content-encoding gzip x-content-type-options nosniff age 147798 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13605 x-xss-protection 0 last-modified Tue, 16 Aug 2022 13:11:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 16 Nov 2022 03:40:59 GMT
GET H2	200	downsize_200k_v1 tpc.googlesyndication.com/simgad/8533347886568876373/ Frame 3D3A	22 KB 23 KB	59ms 59ms	Image image/jpeg	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/8533347886568876373/downsize_200k_v1?w=400&h=209 Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 66778dab4e6fc829f865c7c1f745d21838255c1bc332845b70d13323bddd5366 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 15 Aug 2022 23:42:04 GMT x-content-type-options nosniff age 334933 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 22941 x-xss-protection 0 last-modified Tue, 12 Apr 2022 12:41:40 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Tue, 15 Aug 2023 23:42:04 GMT
GET DATA	200 OK	truncated / Frame 3D3A	209 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	15593 Show response s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/	0 272 B	588ms 472ms	Script application/x-javascript	2.21.185.146 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/15593?t=2022719208 Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.21.185.146 Vienna, Austria, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-21-185-146.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-amz-version-id null last-modified Tue, 18 Nov 2014 20:18:12 GMT server AmazonS3 x-amz-request-id 3QC3QH8VGF3GTB90 etag "d41d8cd98f00b204e9800998ecf8427e" content-type application/x-javascript cache-control max-age=1151 date Fri, 19 Aug 2022 20:44:17 GMT accept-ranges bytes content-length 0 x-amz-id-2 rZfIw5OB2xl90HwGLLndQB5sScGDYkrMcoFmOhYBt6e+KqPRpQ1JX3P+p1uzBy4R0MdCcCnkxOo=
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 9B16	0 0	66ms 65ms	Fetch text/html	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=C_DyZIPb_Yu7yFfWi9u8PpMSVwAuW9IiSasGvwqKQD--p9f0IEAEg0e2gF2CV0piCrAegAc2pk70DyAEC4AIAqAMByAPJBKoEjwJP0FVX2MBw4_Xts-FKncfZeoE-YpVR0Bi8gzLRQxgFS6eueyT42wR_Efg_Tgo6g3sCADffJiEWfn0x2IUnOt2HTsKzdbpCLO1QsFkiqClSIQNHQeERtZT3ZOiip75rFUrXeHOQ7HAl2A2MYlkpgmZqZ9XQvvdVVFSZDw-LOEqLK_8C3y0DD1hQeAg7CF1dTY7nBvtwAWmAgVQ-ZPKmSnablZ6j1L22zR_yNyDQpOq2oPK8ZSdV_h2TxhvlNAuQ3MwHccSvHGGg1fQvpND5LQLIvbmWzIWRK26qQsoghBOoOhSrFdW9-BwqcS-2dd7-jwq6A94ACEFLjgciTNooZEcnCLCQaQsA4xoqYzgEUAoJwASogJ761APgBAGSBQQIBBgBkgUECAUYBKAGAoAHm9bsQqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEInwBtIIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA8gLAdgTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi0zNTIyMzc3MTQ0MzY1NDgyGK3SFQ&sigh=fZiLfHIU8pM&uach_m=[UACH] Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s01-in-f2.1e100.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame 9B16	23 KB 9 KB	64ms 19ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:33:36 GMT content-encoding gzip x-content-type-options nosniff age 641 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9668 x-xss-protection 0 server cafe etag 3250940068065303693 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Sep 2022 20:33:36 GMT
GET H3	200	15444450576735392837 tpc.googlesyndication.com/daca_images/simgad/ Frame 9B16	36 KB 36 KB	79ms 35ms	Image image/jpeg	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/daca_images/simgad/15444450576735392837 Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5ee5d0c7e438410b435468e17f71721294558e00db1f9af4f37a4bb4b2fe2843 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Tue, 16 Aug 2022 15:11:15 GMT x-content-type-options nosniff age 279182 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37244 x-xss-protection 0 last-modified Fri, 12 Nov 2021 08:38:01 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Wed, 16 Aug 2023 15:11:15 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 9B16	3 KB 1 KB	107ms 64ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:43:31 GMT content-encoding gzip x-content-type-options nosniff age 46 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1359 x-xss-protection 0 server cafe etag 1484984001845508991 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Sep 2022 20:43:31 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 9B16	140 KB 43 KB	41ms 40ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:17 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44050 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1660737283953252" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 19 Aug 2022 20:44:17 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 9B16	17 KB 7 KB	69ms 26ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:00 GMT content-encoding gzip x-content-type-options nosniff age 17 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7599 x-xss-protection 0 server cafe etag 9215437806027971270 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Sep 2022 20:44:00 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 9B16	0 0	29ms 28ms	Image text/html	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaT7-RnYcd4rOVVY6IvikKr7irViPSjiC7rcjRteYT3E1JtC5yBR3U26c7gKIea4pjOQwAU9fTMpQx7FzGZ0V83GJtXKXg Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers
GET H3	200	one_click_handler_one_afma_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 9B16	32 KB 13 KB	110ms 67ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/one_click_handler_one_afma_fy2021.js Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9091dec867a1dc7341bf0aa79915415e24203019aa46230a6210b98187493570 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 19:25:17 GMT content-encoding gzip x-content-type-options nosniff age 4740 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13566 x-xss-protection 0 server cafe etag 1188449327864671977 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Sep 2022 19:25:17 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 5B88	0 0	63ms 63ms	Fetch text/html	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=C6C6ZIPb_YuzyFfWi9u8PpMSVwAuW9IiSapGwwqKQD--p9f0IEAEg0e2gF2CV0piCrAegAc2pk70DyAEC4AIAqAMByAPJBKoEjAJP0D3vrmJFJnYrb4In-B2cl09rvbM2hQeG3ap9OocBPpJKqiw5Y4NBn14x4Maw04BSSOwwSJZoGBw17wfntsCk4DZ8rAfrACVIWHFFZ202i760IQe36HGhzZSTcbh231j4WUOEUTo0dbZ8DA3oe_NNT-aqP4-zBzKYl7NwVbENcJkpH29RjIf9l5Ln0q_0tmTsyup8fFnT6c6iVgs-dt1Jz77kmWpr-g-_04wzHbmnXsvo_ytd8pjEwGsraSVgJw--f22UB7-zi7G0qCQvaEz-zNl1lpHSV1namk8C7ZhhIeHEGyPX8MQ4BbMtPfWS_glZYflMI4QCt-Yw6LODsUvFTFFgq68EDgYv4VTDwASogJ761APgBAGSBQQIBBgBkgUECAUYBKAGAoAHm9bsQqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKD9O9IIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA8gLAdgTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi0zNTIyMzc3MTQ0MzY1NDgyGK3SFQ&sigh=WShGNIruyzE&uach_m=[UACH] Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s01-in-f2.1e100.net Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame 5B88	23 KB 9 KB	71ms 31ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:33:36 GMT content-encoding gzip x-content-type-options nosniff age 641 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9668 x-xss-protection 0 server cafe etag 3250940068065303693 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Sep 2022 20:33:36 GMT
GET H3	200	16213960646820082830 tpc.googlesyndication.com/simgad/ Frame 5B88	50 KB 50 KB	82ms 43ms	Image image/png	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/16213960646820082830?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmgniGt2ednDmoG9JHErHLAP0r8pw Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 98bbaae14ac36c319ad2568e887b226c33e9fa888c58545fdfd268c55c31f0c6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Wed, 17 Aug 2022 08:46:24 GMT x-content-type-options nosniff age 215873 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 51372 x-xss-protection 0 last-modified Fri, 12 Nov 2021 08:36:47 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 17 Aug 2023 08:46:24 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 5B88	3 KB 1 KB	103ms 64ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:43:31 GMT content-encoding gzip x-content-type-options nosniff age 46 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1359 x-xss-protection 0 server cafe etag 1484984001845508991 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Sep 2022 20:43:31 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 5B88	140 KB 43 KB	51ms 50ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:17 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44050 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1660737283953252" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 19 Aug 2022 20:44:17 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 5B88	17 KB 7 KB	61ms 22ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:00 GMT content-encoding gzip x-content-type-options nosniff age 17 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7599 x-xss-protection 0 server cafe etag 9215437806027971270 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Sep 2022 20:44:00 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 5B88	0 0	29ms 28ms	Image text/html	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTI3gs9n2tvbU8dsCwdlz9k077bBSoMeEEYKFdC_RAO4-R939Wo7jfNkkUB9VH7tACtGUVZzqbePrS0-0dILy7rphsaNA Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers
GET H3	200	one_click_handler_one_afma_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 5B88	32 KB 13 KB	104ms 66ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/one_click_handler_one_afma_fy2021.js Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9091dec867a1dc7341bf0aa79915415e24203019aa46230a6210b98187493570 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 19:25:17 GMT content-encoding gzip x-content-type-options nosniff age 4740 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13566 x-xss-protection 0 server cafe etag 1188449327864671977 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Sep 2022 19:25:17 GMT
GET H/1.1	200 OK	print.css klty.christianjobs.com/Resource/theme/structure/ Frame B713	1 KB 916 B	110ms 110ms	Stylesheet text/css	34.202.13.194 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://klty.christianjobs.com/Resource/theme/structure/print.css Requested by Host: klty.christianjobs.com URL: https://klty.christianjobs.com/iframe/250x450 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.202.13.194 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-202-13-194.compute-1.amazonaws.com Software nginx/1.22.0 / ASP.NET Resource Hash dd5c972b620d284d337fb7e3323db3b7aa6eac76d7ad9089c547718637e51b1a Request headers accept-language de-DE,de;q=0.9 Referer https://klty.christianjobs.com/iframe/250x450 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Fri, 19 Aug 2022 20:44:17 GMT Content-Encoding gzip ETag W/"83a1ed9ff7abd81:0" Last-Modified Tue, 09 Aug 2022 13:55:03 GMT Server nginx/1.22.0 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive X-Robots-Tag noindex, nofollow, nosnippet, noarchive
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	33ms 32ms	Image image/gif	2a03:2880:f107:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=390961805259193&ev=Microdata&dl=https%3A%2F%2Felpezdfw.com%2F&rl=&if=false&ts=1660941857163&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22El%20Pez%20-%20Dallas%2C%20TX%22%2C%22meta%3Adescription%22%3A%22El%20Pez%20-%20Dallas%2C%20TX%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22%22%2C%22og%3Aimage%3Aurl%22%3A%22%22%2C%22og%3Aimage%3Asecure_url%22%3A%22%22%2C%22og%3Adescription%22%3A%22El%20Pez%20-%20Dallas%2C%20TX%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.75&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1660941856575.2117752387&it=1660941856365&coo=false&es=automatic&tm=3&rqm=GET Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:17 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Fri, 19 Aug 2022 20:44:17 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 4F5C Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEtLMsYxdIw7PXTGw2Yyq-o&google_cver=1	43 B 913 B	181ms 68ms	Image image/gif	104.18.19.126 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEtLMsYxdIw7PXTGw2Yyq-o&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLz8tdEBMAE&v=APEucNWwfnoIhNl-vjGKVzl9QpZpd0_rkd9u6ZS1KHYDbTW32nouDjqmHR2GmgmMgCmxnResT0Y8AC1JNCxE-RPEMurYKuAeIs0JeCpaf3ugc3Jdr0-ATUjOAFCi-EwdkPC6aa48gxN9_2Id3jKtz2R1jAtBqUavo9Gp8gmoyFA-6yHk3x-n84w Protocol H3 Server 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers cf-ray 73d5b9f12f2092b9-FRA pragma no-cache date Fri, 19 Aug 2022 20:44:17 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJS23rcqOUsKPPYe%2BKQjFXne2FspFXq7jkA5GDqWTBu4FQj0iirLkzt9%2F8aD5mesIZJYHZWyLj0xbUC%2Fnwb5o2KaKR0Gm59%2Bps73vzm7WibgqfVMiypgQRABkuK0G%2B0Ukk%2B%2Buybff11JPw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" cache-control no-cache content-type image/gif alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Fri, 19 Aug 2022 20:44:17 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEtLMsYxdIw7PXTGw2Yyq-o&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 4F5C Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yv-2IVmY7cRKsiz3u0JYqwAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEtLMsYxdIw7PXTGw2Yyq-o&google_cver=1	43 B 910 B	42ms 41ms	Image image/gif	104.18.19.126 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEtLMsYxdIw7PXTGw2Yyq-o&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLz8tdEBMAE&v=APEucNWwfnoIhNl-vjGKVzl9QpZpd0_rkd9u6ZS1KHYDbTW32nouDjqmHR2GmgmMgCmxnResT0Y8AC1JNCxE-RPEMurYKuAeIs0JeCpaf3ugc3Jdr0-ATUjOAFCi-EwdkPC6aa48gxN9_2Id3jKtz2R1jAtBqUavo9Gp8gmoyFA-6yHk3x-n84w Protocol H3 Server 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers cf-ray 73d5b9f2187192b9-FRA pragma no-cache date Fri, 19 Aug 2022 20:44:17 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67LUPxI0GCQTxYEITX6Ci4V9lHS4qo3G%2Fno1C0rpBhFZRqIvoGAKZ340vVuSFQAL7o2aEAx0jMkePN%2BEYGSdMSDaogKu7DhoAb6UmFxKuas9yQ5fDWVJx%2BiN9uT41l8WnMLkHi%2FzyitnrQ%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" cache-control no-cache content-type image/gif alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Fri, 19 Aug 2022 20:44:17 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEtLMsYxdIw7PXTGw2Yyq-o&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	bounce ib.adnxs.com/ Frame 4F5C Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEKBPP2Ms8N2aKimufleQRT0&google_cver=1 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKBPP2Ms8N2aKimufleQRT0%26google_cver%3D1	43 B 1 KB	33ms 33ms	Image image/gif	185.89.211.84 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKBPP2Ms8N2aKimufleQRT0%26google_cver%3D1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLz8tdEBMAE&v=APEucNWwfnoIhNl-vjGKVzl9QpZpd0_rkd9u6ZS1KHYDbTW32nouDjqmHR2GmgmMgCmxnResT0Y8AC1JNCxE-RPEMurYKuAeIs0JeCpaf3ugc3Jdr0-ATUjOAFCi-EwdkPC6aa48gxN9_2Id3jKtz2R1jAtBqUavo9Gp8gmoyFA-6yHk3x-n84w Protocol HTTP/1.1 Server 185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Pragma no-cache Date Fri, 19 Aug 2022 20:44:17 GMT X-Proxy-Origin 217.114.218.25; 217.114.218.25; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com AN-X-Request-Uuid d6a5dfb4-d961-4858-a4c8-1a6eddcd97eb Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Fri, 19 Aug 2022 20:44:17 GMT X-Proxy-Origin 217.114.218.25; 217.114.218.25; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com AN-X-Request-Uuid 5592108c-b10c-4734-ab86-6c719841bc16 Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKBPP2Ms8N2aKimufleQRT0%26google_cver%3D1 Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 4F5C Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA1MTU3NzIyNzI2MjM3MDI3OQ%3D%3D	170 B 188 B	79ms 33ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA1MTU3NzIyNzI2MjM3MDI3OQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLz8tdEBMAE&v=APEucNWwfnoIhNl-vjGKVzl9QpZpd0_rkd9u6ZS1KHYDbTW32nouDjqmHR2GmgmMgCmxnResT0Y8AC1JNCxE-RPEMurYKuAeIs0JeCpaf3ugc3Jdr0-ATUjOAFCi-EwdkPC6aa48gxN9_2Id3jKtz2R1jAtBqUavo9Gp8gmoyFA-6yHk3x-n84w Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Fri, 19 Aug 2022 20:44:17 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 19 Aug 2022 20:44:17 GMT X-Proxy-Origin 217.114.218.25; 217.114.218.25; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com AN-X-Request-Uuid e553b921-9d91-4773-b252-9f570ddb7f5a Server nginx/1.21.3 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA1MTU3NzIyNzI2MjM3MDI3OQ%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	skeleton.js Show response fw.adsafeprotected.com/rjss/st/1141311/65046779/ Frame 6506	235 KB 70 KB	309ms 49ms	Script application/javascript	34.241.76.101 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fw.adsafeprotected.com/rjss/st/1141311/65046779/skeleton.js?ias_dspID=3&ias_campId=1008628059&ias_pubId=pub-3522377144365482&ias_chanId=1&ias_placementId=17989214151&bidurl=https://elpezdfw.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iakE9i8fFUeZ0E33faWIcL Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.241.76.101 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-76-101.eu-west-1.compute.amazonaws.com Software / Resource Hash f8b42bda177d43891bfa9d5b6ba1524c8c5e538832a5bc5f73138ae4776352a5 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Fri, 19 Aug 2022 20:44:17 GMT content-encoding gzip vary accept-encoding content-type application/javascript;charset=utf-8 access-control-allow-origin fw.adsafeprotected.com cache-control no-cache access-control-allow-credentials true expires Wed, 31 Dec 1969 23:59:59 GMT
GET H2	200	express_html_inpage_rendering_lib_200_276.js Show response s0.2mdn.net/879366/ Frame 6506	106 KB 38 KB	97ms 21ms	Script text/javascript	2a00:1450:4001:80b::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ Origin https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 09:05:27 GMT content-encoding gzip x-content-type-options nosniff age 41930 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37872 x-xss-protection 0 last-modified Wed, 02 Mar 2022 23:07:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 20 Aug 2022 09:05:27 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/ Frame 6506	8 KB 3 KB	62ms 20ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ANmhliNE_JTx02pXvIax1A6lKxMaSxeKz5nzB_sf3thcvzgBPFO-Dy80S0onbddVHh9260y1beeWa9l7ZSiaKT7alHyvi3VQk6iiV99mbNrALd__jzh5E902bdg-Z63UxMI63Q5MVl9MwfrfhatBt1NmZKXg&dbm_d=AKAmf-BQq1D-oZVhVLno77Tctv5fESoFtSACF3-xglspnAqq308NH71cPOthogoET29FSBwVsAdRo5ZbrtMODpRGBnEW3nXit48He0z9kq4iXbJSn3uBggW1htOrE7puOKazg6W0Wl_vF4IUwIFBExk68u1L0Wag2rC-6oOOGp_0jvFuNXInD3ZA1HJtn7C1o6UfkouSXR6g5AIyRYIkyYNs9CPjrt1o0yGxlheDiR0oBuWYC4UwXTVZCX4ebvlTq4EsVFaeFzxwVepqdyDsA4OUriF5J5VpbnpookGxuR-uIeTyNI1BMWTtUjMEhck0j6ooKfTs8LnUk2gdlZpTHRyQ0gdAU8bF9PhuWmTch5FKT41_5LOp5FpMEjjw99xXL9PaxX2EQDJcHoLXuItzD8raYYlA2pClS17esrdPQ24jTveSWRrGRiAXjwkpnBYLOs53IvhuzUGDM6OnA4_d93cNxzcPPhnWbsfxnx8DraM1F9bRPbgVZQOHj9UfCxLV9HkikTyXbhX6tNKeuogM6vpIdNLKBixPCZwL4vxWdKDVQCtnrEH79YekQqcF3t0diuYRmZMoQenUZzPxQCFM7jqhZBYcxs6EwpNsRGZGNLc7_9cTltbdmHGS8toaxiKhWPuUpPBtHsZqgoB6gEMuuB_CLjRnEFYRjhVtztpQ6mzSvODOJfy4Dl1L445uECF616aoqKBoU-rT1iGsB-bmY8dyn4wwukJtRSJYba2qlGFen_uQezbYrZyUUND3F6ZZIH3n3OXjXwZHt7BA5cJLh2SeXKenrH-l7WThWmwOZP-BUccTSDlTTX-4siIwJdO5tP_2IQxVvgHSW-hwSsPCTDleRuNENjpAsPG0zwL279ACJHJxEgNmSUFN2UDpzX4JhbgFgBw_m4MypYXgAZ4xgEQ1P2XdMUfZqjDQZqdhsNaL2uxlprW3SBnIH4DOQl3i0QjUjUZ9QlGu2gqpOJJZ3TXKh7LU-bpycoqa18uoPaqQY0AJUTlMlaGPlGjfu1PO1ApUdtM8op3Rghclew1c18CcoZrcBNerXMVhITiSdtN_AAqT6uMfTlBrJ7G6U5WAk6YA-CQl2oDbAaE7h4X1NxMyRpv9tPoHlKe75grgfV4iGwYHzmMlRZOvnphZ90pkJ24aXljPLvAYB9Na5tHBh9nTC_wns94IO3khxGeHvlxEK7O6MW4HtYZ27MO8W6CC6cdyZcHsnT6KSqMzP82Ivc8jnMaToYEANrW94ew2Zhb53dPEDMwLN_wkXxxGvOWMDusLmh6rJlM-AgMNkGIjIMHhVAC7GlAjUpMTGRZTB49spKUG6-NX4E4ltrEO9O0W0qeu_q5RBl9PEfGYo8RWFBVRNA25OaXyYHSdj8MF9DOAGTPJZY59UIvI2Vyi0ophRESW5rCDzOCcYNThpWicH2_vHJZ5kQkididwaPF0-G5AuABZVa8YMsBeE7ZKCCq6gbEAv5AjOH7Wh_10ayVp3YxGpcTIyL3iy6OK4GyqD3rsC8_4cfLql_uXh6xyb4QaeEYRYXn-2d3MKRgaPkzMzmZJgz9IUx8KVynzs5sSt0oZIc30a4okjDIgQJ11N8V_gG2eJreP0mySMwyLSExMVfbNOwiksf3YEpQkeCoICUUbQKhU8SwH_8c-GX1R553KGaQ-K5MGBD2vA2VwREC-5jiKDGocihXY2kfcHIBnWzsy4JDOjVor4-GaxTVBQ8nsQlFJ0a_vCxFgo4GtP0D5o8DiHxZX-nz4tpOjKnBn9xTcjlaFMG0C5sBY4Yuxwlmx2dlp9ZBkWM-CouX8dzjfD1izqDULznOc_2b2Oym2HnDx60CotVFomo-tUFeF5gQEeD_RtYCu9xspyJjQNgOXPuA7zsQWW1gkng2PiCpRyEBRNu26Oi_eTKnB0NOO4G3QUEyw3gFxDx3lWW7-2oCH1mu8MaO2psg3RpCeRP2dGqvFfhy0vdQDCjUXmEDWo-oKta81pWxXqdj4Wc0cC7VS0EXrB6qFC6m6dqkSlR58O2seu8Dz0xGwBOTSl4ICYWwjvJexQcY990xJd6L-kf19zbrvboLarp8jicJch40iXX14TG-Yd9ZTR95oDxHFRPODwz82aR_NviUSdB25sUe4jvVal-IrUgLVrBcFKDlSycOk527xgAcMGs145OZc1LdqCNp_dznyo705DABA7cx2VxrLCjKrFlJrHhdgcZUqvL6KXhRXIvNCybJIvw94ghxF-3wUrcwRw_SqBDt1c5giqRNIlmuJAmCaxZoQY-szHqGvJvW42o1YP8P6v6FJ8tQsg7PuyawGL_QafnQ5j9VeAm9Mpc9-9AJTW2l8EgssRAq1fckjhtJSbnCGY3jo801MhL7Hp1XMXEeTIr45jd1H4hxHmv1i492QEi34J5YWPg6YGZ3ML7E60sNOqt7szHaOQ8fZA8Fgj9o5MaN4T6tnzByeyFfD9NGINlaGWdSNZCgncehGz-9INQuQgKlgcrGqmkFJ1pma6hI-KYlMVpWdQDooEr2dEKVXJQXe2nlqsZBGjecvje9e-yHCL8YOx_rgYf3Aio3B47sp_YAdnVXvJvqRoJEWq05CwBeYh-D_IGs8vJdWlHcJ-dXJpw_BqrGe7PCiWU4r1eeD3G55dJwWi3lO7ko-VRv0X15bCo9D3n9gEl5yA5mwTqwmBqIrJdjhIQTNRK9GkC2oGGfUW5KnYzbQ8JpP_G8IKZFVFO1uWQQYxdvlGYAUjYy-JhTeij0nzW_PuO-svApfapQmV9XciKoeT2L_NyzyK95QDi7GRe6pV_3nvFfcNu_e785o4En9xFYKdMsyz_zYM2LhSZNI0edI4oVvJKgIZJMlfT2-tXYSEpjE8-47BLTZuJmvOSIG1IRfKeoOie2Lk4iX0roKC7FnwAeF9wReE2SuVbGThfSTf4oALDiLSvgem5C62MG-lyQR_oWiCm4CHhOv44TaPoxVvvvzJuAjQpuBZab2_o2h7Yp5qsWtHwd5WlYOp2gYCyhlu2636da7YmghywXrCH-9yiNoB55SMJJkdETT-789UA03WK0Uyi-T6VliYHQ7PBv6zAMsLbla7i554KUQqB9_KWfRm8mZbft3ZLdLjeIYnShU7MXG1e-OvBptckS87VVCcvCZVPf72xea6kjfdv2RDIFrq3sPZHINbvEtw_fjoEDWBU2HlTo&cid=CAASJ-Ro-PVwgG2DBkfRNWfkGrco6rFJ1S6nG2PRHOU1p7V0D7MDv-PCRw&rfl=1%2Chttps%253A%252F%252Felpezdfw.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:35:59 GMT content-encoding gzip x-content-type-options nosniff age 498 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3181 x-xss-protection 0 server cafe etag 18418590997839133011 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Sep 2022 20:35:59 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame 6506	30 KB 12 KB	59ms 20ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ANmhliNE_JTx02pXvIax1A6lKxMaSxeKz5nzB_sf3thcvzgBPFO-Dy80S0onbddVHh9260y1beeWa9l7ZSiaKT7alHyvi3VQk6iiV99mbNrALd__jzh5E902bdg-Z63UxMI63Q5MVl9MwfrfhatBt1NmZKXg&dbm_d=AKAmf-BQq1D-oZVhVLno77Tctv5fESoFtSACF3-xglspnAqq308NH71cPOthogoET29FSBwVsAdRo5ZbrtMODpRGBnEW3nXit48He0z9kq4iXbJSn3uBggW1htOrE7puOKazg6W0Wl_vF4IUwIFBExk68u1L0Wag2rC-6oOOGp_0jvFuNXInD3ZA1HJtn7C1o6UfkouSXR6g5AIyRYIkyYNs9CPjrt1o0yGxlheDiR0oBuWYC4UwXTVZCX4ebvlTq4EsVFaeFzxwVepqdyDsA4OUriF5J5VpbnpookGxuR-uIeTyNI1BMWTtUjMEhck0j6ooKfTs8LnUk2gdlZpTHRyQ0gdAU8bF9PhuWmTch5FKT41_5LOp5FpMEjjw99xXL9PaxX2EQDJcHoLXuItzD8raYYlA2pClS17esrdPQ24jTveSWRrGRiAXjwkpnBYLOs53IvhuzUGDM6OnA4_d93cNxzcPPhnWbsfxnx8DraM1F9bRPbgVZQOHj9UfCxLV9HkikTyXbhX6tNKeuogM6vpIdNLKBixPCZwL4vxWdKDVQCtnrEH79YekQqcF3t0diuYRmZMoQenUZzPxQCFM7jqhZBYcxs6EwpNsRGZGNLc7_9cTltbdmHGS8toaxiKhWPuUpPBtHsZqgoB6gEMuuB_CLjRnEFYRjhVtztpQ6mzSvODOJfy4Dl1L445uECF616aoqKBoU-rT1iGsB-bmY8dyn4wwukJtRSJYba2qlGFen_uQezbYrZyUUND3F6ZZIH3n3OXjXwZHt7BA5cJLh2SeXKenrH-l7WThWmwOZP-BUccTSDlTTX-4siIwJdO5tP_2IQxVvgHSW-hwSsPCTDleRuNENjpAsPG0zwL279ACJHJxEgNmSUFN2UDpzX4JhbgFgBw_m4MypYXgAZ4xgEQ1P2XdMUfZqjDQZqdhsNaL2uxlprW3SBnIH4DOQl3i0QjUjUZ9QlGu2gqpOJJZ3TXKh7LU-bpycoqa18uoPaqQY0AJUTlMlaGPlGjfu1PO1ApUdtM8op3Rghclew1c18CcoZrcBNerXMVhITiSdtN_AAqT6uMfTlBrJ7G6U5WAk6YA-CQl2oDbAaE7h4X1NxMyRpv9tPoHlKe75grgfV4iGwYHzmMlRZOvnphZ90pkJ24aXljPLvAYB9Na5tHBh9nTC_wns94IO3khxGeHvlxEK7O6MW4HtYZ27MO8W6CC6cdyZcHsnT6KSqMzP82Ivc8jnMaToYEANrW94ew2Zhb53dPEDMwLN_wkXxxGvOWMDusLmh6rJlM-AgMNkGIjIMHhVAC7GlAjUpMTGRZTB49spKUG6-NX4E4ltrEO9O0W0qeu_q5RBl9PEfGYo8RWFBVRNA25OaXyYHSdj8MF9DOAGTPJZY59UIvI2Vyi0ophRESW5rCDzOCcYNThpWicH2_vHJZ5kQkididwaPF0-G5AuABZVa8YMsBeE7ZKCCq6gbEAv5AjOH7Wh_10ayVp3YxGpcTIyL3iy6OK4GyqD3rsC8_4cfLql_uXh6xyb4QaeEYRYXn-2d3MKRgaPkzMzmZJgz9IUx8KVynzs5sSt0oZIc30a4okjDIgQJ11N8V_gG2eJreP0mySMwyLSExMVfbNOwiksf3YEpQkeCoICUUbQKhU8SwH_8c-GX1R553KGaQ-K5MGBD2vA2VwREC-5jiKDGocihXY2kfcHIBnWzsy4JDOjVor4-GaxTVBQ8nsQlFJ0a_vCxFgo4GtP0D5o8DiHxZX-nz4tpOjKnBn9xTcjlaFMG0C5sBY4Yuxwlmx2dlp9ZBkWM-CouX8dzjfD1izqDULznOc_2b2Oym2HnDx60CotVFomo-tUFeF5gQEeD_RtYCu9xspyJjQNgOXPuA7zsQWW1gkng2PiCpRyEBRNu26Oi_eTKnB0NOO4G3QUEyw3gFxDx3lWW7-2oCH1mu8MaO2psg3RpCeRP2dGqvFfhy0vdQDCjUXmEDWo-oKta81pWxXqdj4Wc0cC7VS0EXrB6qFC6m6dqkSlR58O2seu8Dz0xGwBOTSl4ICYWwjvJexQcY990xJd6L-kf19zbrvboLarp8jicJch40iXX14TG-Yd9ZTR95oDxHFRPODwz82aR_NviUSdB25sUe4jvVal-IrUgLVrBcFKDlSycOk527xgAcMGs145OZc1LdqCNp_dznyo705DABA7cx2VxrLCjKrFlJrHhdgcZUqvL6KXhRXIvNCybJIvw94ghxF-3wUrcwRw_SqBDt1c5giqRNIlmuJAmCaxZoQY-szHqGvJvW42o1YP8P6v6FJ8tQsg7PuyawGL_QafnQ5j9VeAm9Mpc9-9AJTW2l8EgssRAq1fckjhtJSbnCGY3jo801MhL7Hp1XMXEeTIr45jd1H4hxHmv1i492QEi34J5YWPg6YGZ3ML7E60sNOqt7szHaOQ8fZA8Fgj9o5MaN4T6tnzByeyFfD9NGINlaGWdSNZCgncehGz-9INQuQgKlgcrGqmkFJ1pma6hI-KYlMVpWdQDooEr2dEKVXJQXe2nlqsZBGjecvje9e-yHCL8YOx_rgYf3Aio3B47sp_YAdnVXvJvqRoJEWq05CwBeYh-D_IGs8vJdWlHcJ-dXJpw_BqrGe7PCiWU4r1eeD3G55dJwWi3lO7ko-VRv0X15bCo9D3n9gEl5yA5mwTqwmBqIrJdjhIQTNRK9GkC2oGGfUW5KnYzbQ8JpP_G8IKZFVFO1uWQQYxdvlGYAUjYy-JhTeij0nzW_PuO-svApfapQmV9XciKoeT2L_NyzyK95QDi7GRe6pV_3nvFfcNu_e785o4En9xFYKdMsyz_zYM2LhSZNI0edI4oVvJKgIZJMlfT2-tXYSEpjE8-47BLTZuJmvOSIG1IRfKeoOie2Lk4iX0roKC7FnwAeF9wReE2SuVbGThfSTf4oALDiLSvgem5C62MG-lyQR_oWiCm4CHhOv44TaPoxVvvvzJuAjQpuBZab2_o2h7Yp5qsWtHwd5WlYOp2gYCyhlu2636da7YmghywXrCH-9yiNoB55SMJJkdETT-789UA03WK0Uyi-T6VliYHQ7PBv6zAMsLbla7i554KUQqB9_KWfRm8mZbft3ZLdLjeIYnShU7MXG1e-OvBptckS87VVCcvCZVPf72xea6kjfdv2RDIFrq3sPZHINbvEtw_fjoEDWBU2HlTo&cid=CAASJ-Ro-PVwgG2DBkfRNWfkGrco6rFJ1S6nG2PRHOU1p7V0D7MDv-PCRw&rfl=1%2Chttps%253A%252F%252Felpezdfw.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:36:08 GMT content-encoding gzip x-content-type-options nosniff age 489 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11819 x-xss-protection 0 server cafe etag 10563440404697844360 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 02 Sep 2022 20:36:08 GMT
GET H3	200	integrator.js Show response adservice.google.de/adsid/ Frame C4FF	107 B 122 B	75ms 31ms	Script application/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=elpezdfw.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers timing-allow-origin * date Fri, 19 Aug 2022 20:44:17 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/ Frame C4FF	107 B 122 B	76ms 31ms	Script application/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=elpezdfw.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers timing-allow-origin * date Fri, 19 Aug 2022 20:44:17 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame C4FF	121 KB 19 KB	339ms 339ms	XHR text/plain	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3685281069652216&correlator=603708323587224&eid=31068929%2C31069002%2C31069045%2C31068827%2C31068367%2C44752585%2C31067825%2C44769661&output=ldjh&gdfp_req=1&vrg=2022081601&ptt=17&impl=fif&iu_parts=21849154601%3A6177%2CAd.Plus-728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60%7C220x90%7C300x75&ifi=1&adks=1391429544&didk=1233627657&sfv=1-0-38&fsapi=false&prev_scp=site%3Dam1590theanswer.com&sc=1&cookie=ID%3D50548f3c6e67242a-22ffc218fecd0040%3AT%3D1660941856%3AS%3DALNI_MY8u6vvchbab3i2Ln8paFMAEDnL1Q&cdm=elpezdfw.com&abxe=1&dt=1660941857229&lmt=1660941857&dlt=1660941856829&idt=378&adxs=436&adys=238&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=xe8mgwxh2g8h&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Felpezdfw.com%2F&top=https%3A%2F%2Felpezdfw.com%2F&frm=23&vis=1&psz=0x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1919957978.1660941856&ga_sid=1660941857&ga_hid=1639010831&ga_fc=true Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s01-in-f2.1e100.net Software cafe / Resource Hash 5b51601c9c38f19a6c99fb503a21463bc84c62ee3a2fc21612b5c179096330d0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:17 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19698 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://elpezdfw.com access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response fc3a78b0cf839fc1857c393e6afda82f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A176	6 KB 3 KB	45ms 29ms	Document text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fc3a78b0cf839fc1857c393e6afda82f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://elpezdfw.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 19 Aug 2022 20:44:17 GMT expires Sat, 19 Aug 2023 20:44:17 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame D6E3	143 B 163 B	20ms 19ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 1981 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 date Fri, 19 Aug 2022 20:11:16 GMT server cafe x-content-type-options nosniff x-xss-protection 0
POST H3	200	GenerateIT Show response jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 10DD	98 B 142 B	31ms 31ms	XHR application/json+protobuf	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4843635cdc9cc4be215f42ebb7b923833044bab37219b545facc6cc556e4e12a Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-User-Agent grpc-web-javascript/0.1 Referer https://www.youtube.com/ X-Goog-Api-Key AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/json+protobuf Response headers date Fri, 19 Aug 2022 20:44:17 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF x-frame-options SAMEORIGIN content-type application/json+protobuf; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true vary Origin, X-Origin, Referer content-length 118 x-xss-protection 0
OPTIONS H3	200	GenerateIT jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	29ms 28ms	Preflight text/html	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Access-Control-Request-Method POST Origin https://www.youtube.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://www.youtube.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 content-type text/html date Fri, 19 Aug 2022 20:44:17 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
GET DATA	200 OK	truncated / Frame BFB9	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b159ba8034c5b83b5f61ec62061c9a172ed63ea7bc4a48af14f8dcea7ba13085 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Type image/png
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame DCC6	143 B 163 B	30ms 20ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 1981 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 date Fri, 19 Aug 2022 20:11:16 GMT server cafe x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 9B16	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e3a71706343a8a711ba9d0e39912e482e7ae225bc2afeea888b96993a4a9167f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 3D3A	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 656c2e37e2243e7570b0541fad940961711ddaefca82e62331567938a5924aab Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Type image/png
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame C6CE	143 B 163 B	29ms 21ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 1981 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 date Fri, 19 Aug 2022 20:11:16 GMT server cafe x-content-type-options nosniff x-xss-protection 0
GET H3	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 3D3A	16 KB 16 KB	21ms 21ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 15 Aug 2022 12:56:05 GMT x-content-type-options nosniff age 373692 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 15 Aug 2023 12:56:05 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 3D3A	15 KB 15 KB	21ms 21ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 15 Aug 2022 19:07:55 GMT x-content-type-options nosniff age 351382 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 15 Aug 2023 19:07:55 GMT
GET DATA	200 OK	truncated / Frame 5B88	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c974f89a839d6696c46c31690ef18f756f589727fb64a54028ccd853551a017c Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Type image/png
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 6506	41 KB 15 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Wed, 17 Aug 2022 14:07:23 GMT content-encoding gzip x-content-type-options nosniff age 196614 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 17 Aug 2023 14:07:23 GMT
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/6092393553986610343/ Frame 0261	13 KB 3 KB	67ms 21ms	Document text/html	2a00:1450:4001:80b::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/6092393553986610343/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e4e791ca4ccfdf6fffd9961ea63b4b7e6faa1a364fd6b55eb8b091d8b25992d6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 214224 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 3137 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Wed, 17 Aug 2022 09:13:53 GMT expires Thu, 17 Aug 2023 09:13:53 GMT last-modified Tue, 16 Aug 2022 15:22:18 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 6506	0 622 B	127ms 64ms	Ping image/gif	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss7oYWw7p3_VkJLbRm1SN0TRYuY31s8c3lNj_n67ZJHoS0blMLdS0RzHs4TE1xi0HixSmFTFZtmde6I3fvEnMyV_Z4OHgKJXkzoQ0QqfnkfN9DGuRkLlhiaj_IQTgLQCLRf6XRh6qyXigozjR7PpQM9UeFFzvdxdJlPumtk3NPzVe_vyxZvw1cAUfZLiR0ok5aKJEPJ2vOQuWNM6jVyyDXnFTu0stxiE1m6-wOAaVVwVkdIfgeqSDXOQhYPmq7cQMBQw7k-KREGRZzsAzWkwDiONO9K3_e2uBAUYjvXBs6GYtw_aERnWE-2R-FSntEFcuAeIYw3oTULIxO0NOUQkMABCdsZX640yvkx2n2d7-ngYwX8y2-ksR_vv5WFSRxX9GILN1_JSc74o6LWFOsq3zIzFEc2p-AMaz4oPUD9XWAImng91CbViQW7QED4aGUqMjwWipct26_m8-VsBRs64b1EFITVj2b4TyvAhL3lqVhmdyv4EswmB79NHF6vQCJKaAxW9ltoCwxf5qKrY2j2y3zad8ZEtiDdbZx-M0RVKRDk8vBNIFfH_ebDlPRNo7Tp4RA9gR03SUqX0-NBO6ItT1Btde3bHsLJAQjmCyC0asuJpsNJOzElp-e7odbdwy-Rxt9v42yNMb8qk-MjHvJIGL3-N_DtcI71AdnfneIIvGEwy7jq00vbeTM5oQWD3akMmZe3FtV-wkicMsxykHlXbPhHOddlx_bYbNbnKmTuEg7MgpoellgxAng4F__SFwVeKPWP0T1Piti4wf20e0XB-jGrY4JteJrNhYwl-09GteOe9gTFkR-EMg9zXmZ8mzGJn5e4f-ZhqE1g8_IdWa7RqfvAp8-EVqUIHreUg9st9ZY45pRCRbx6zcDyTVPaGw_MhSdCpKPH06lux9UHEJycuo6wsDkMyCjup9VSZ6BH4qFybYbOi3qahOPVpJS2H0Bti_HXTBw8fTHTYemaWZBqFkTJPTewlduhNT3WlVwSkZPn02w4UWnyhSK8JNMINPtN3Q2LNkwqLCN0MChbYJrtpOjGZ0H7HMrZgzdHFTxOhN45l5In0GyUgPS7oZVRFHEusySYLqeYQqHcRLSSzZBElm2Cg-gUIOfBxqlmIsANewuv20Pk5lnFMhbErfS_WU-6x1-y0gM4IeJuacr2b_IpQvQuDtvBicMjDdtB6wzF0sChcJAFhYWqzRPmlBp3dxPZN7eUrasT0bF2B30BwzhM&sai=AMfl-YT5K0AmJ0K_n_9NU7N4ZBT44PgCN9cDrDQFJADRXWUvwrJSkqFAZrFSKw3rSlpQseP1JgJdPy57M7fJ-o9v1OfgeAM0iVzjRU1T3KzwOb-3FwR1FFAX-R2FAUWf1G0nX5EAE7H7Uwjhll-4lmIUzTC0ma3gKjQ5Q2Hi--UUrkAY4aKv6be7htIVjbex72WPJz42gvS3Z2MsOAoISK_Bx0f-o6bHqhA&sig=Cg0ArKJSzBNCA7DLwuY0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=248&cbvp=1&cstd=246&cisv=r20220817.08418&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl= Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 date Fri, 19 Aug 2022 20:44:17 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET DATA	200 OK	truncated / Frame 6506	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 86225d31e2f92124e1c52ca1ea63aeff9c2a19682fbe58aa351a618f01abc11c Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Type image/png
POST H3	200	initplayback Show response r5---sn-4g5e6nze.googlevideo.com/ Frame 10DD	268 KB 268 KB	86ms 21ms	Fetch application/vnd.yt-ump	2a00:1450:4001:66::a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r5---sn-4g5e6nze.googlevideo.com/initplayback?source=youtube&orc=1&oeis=1&ip=2001%3A1b60%3A2%3A240%3A3247%3A0%3A0%3A4&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odeak=1&odepv=1&osfc=1&ms=au&id=f802cec31f911e6e&ack=1&cpn=FMFIo5TwhFwTps7F&opr=1&por=1&pvi=337,336,335,315,308,303,302,299,298,399,398,397,396,395,394,313,271,248,247,244,243,242,137,136,135,134,133,160&pai=140,251,250&rn=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:66::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash d00811885f16b59abaf1772545090bbfb474c6e34b4bc1abf6748973f3f8b414 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.youtube.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type text/plain Response headers date Fri, 19 Aug 2022 20:44:17 GMT x-content-type-options nosniff expires Sat, 20 Aug 2022 20:44:17 GMT server gvs 1.0 vary Origin content-type application/vnd.yt-ump access-control-allow-origin https://www.youtube.com access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control public, max-age=86400 access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin https://www.youtube.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" client-protocol quic
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame C4FF	0 0	56ms 56ms	Fetch image/gif	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBFjb6Ki7HmNXbmfS8629eHjWSWsMQrqyulpdE9MxZthwNubc4XCHE6Yv5D7wNm-MrKnExBI5uYERpjhYwcPmMVC0-5GCHM-vT2lbw8ARUexz0D-Jac__K-9eJrX2SP6NVUC6Ny96iT0Pe1sNtcJg8fDb4jrwyURvbhdmnOEepB-VGP9S52BfqYRIodMnnnQvc2T9qvvNPnEQpa60S7r-94ya_gOIB7-9I0JFHur2v8MIxdwbsZN4uX_WLSZhh2P-4s8ggaW7HxBem4JgqQFcMXm2WwfWEbJ_7y3_4TSk8t3X8VH312oC-500gOlIykhMW4kIl&sai=AMfl-YSy-nC0Cz8Vr8Igm-iiS4IaA1wAy3lXky8jEdhjbHjtEkyR9Kr_BRQc1hxlnvo3Dw0ritl5nnu4XST8HivWV3OlCI7nUGtb80l6mSqE5O6ICZSk60EbnbWv9eMOZzk8Qg&sig=Cg0ArKJSzPsu0wGCGXzFEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s01-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers timing-allow-origin * date Fri, 19 Aug 2022 20:44:17 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Fri, 19 Aug 2022 20:44:17 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame C4FF	14 KB 11 KB	108ms 67ms	XHR application/json	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081601&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 398d82205a8d57d9fd52d5dc86ccede8e4f68ae90756480cbda5907c9dbfc1ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers timing-allow-origin * date Fri, 19 Aug 2022 20:44:17 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10986 x-xss-protection 0
GET H3	200	oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js Show response pagead2.googlesyndication.com/bg/ Frame B239	36 KB 14 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 08:04:40 GMT content-encoding br x-content-type-options nosniff age 45577 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14118 x-xss-protection 0 last-modified Mon, 15 Aug 2022 08:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 19 Aug 2023 08:04:40 GMT
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame D6E3 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	41ms 41ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 19 Aug 2022 20:44:17 GMT expires Fri, 19 Aug 2022 20:44:17 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 19 Aug 2022 20:44:17 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js Show response pagead2.googlesyndication.com/bg/ Frame AD01	36 KB 14 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 08:04:40 GMT content-encoding br x-content-type-options nosniff age 45577 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14118 x-xss-protection 0 last-modified Mon, 15 Aug 2022 08:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 19 Aug 2023 08:04:40 GMT
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 5CF5	22 KB 8 KB	20ms 20ms	Document text/html	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 196613 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 17 Aug 2022 14:07:24 GMT expires Thu, 17 Aug 2023 14:07:24 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame DCC6 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	34ms 33ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 19 Aug 2022 20:44:17 GMT expires Fri, 19 Aug 2022 20:44:17 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 19 Aug 2022 20:44:17 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js Show response pagead2.googlesyndication.com/bg/ Frame 883A	36 KB 14 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 08:04:40 GMT content-encoding br x-content-type-options nosniff age 45577 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14118 x-xss-protection 0 last-modified Mon, 15 Aug 2022 08:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 19 Aug 2023 08:04:40 GMT
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame C6CE Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	40ms 39ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 19 Aug 2022 20:44:17 GMT expires Fri, 19 Aug 2022 20:44:17 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 19 Aug 2022 20:44:17 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js Show response pagead2.googlesyndication.com/bg/ Frame 59D1	36 KB 14 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 08:04:40 GMT content-encoding br x-content-type-options nosniff age 45577 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14118 x-xss-protection 0 last-modified Mon, 15 Aug 2022 08:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 19 Aug 2023 08:04:40 GMT
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012208081650000/ Frame C398	220 KB 61 KB	101ms 20ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d2e5722cf0b8d8df31200550801d755733c56d9ca2758b7041fbed009e0c9d08 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 351064 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 61502 x-xss-protection 0 server sffe date Mon, 15 Aug 2022 19:13:13 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "df13b0b17adb5918" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Tue, 15 Aug 2023 19:13:13 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012208081650000/v0/ Frame C398	14 KB 5 KB	134ms 54ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 351064 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5197 x-xss-protection 0 server sffe date Mon, 15 Aug 2022 19:13:13 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "aca8368210f82021" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Tue, 15 Aug 2023 19:13:13 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012208081650000/v0/ Frame C398	94 KB 28 KB	136ms 55ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012208081650000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 351064 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28794 x-xss-protection 0 server sffe date Mon, 15 Aug 2022 19:13:13 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "cc093c4134ec5f1e" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Tue, 15 Aug 2023 19:13:13 GMT
GET H2	200	amp-animation-0.1.mjs Show response cdn.ampproject.org/rtv/012208081650000/v0/ Frame C398	72 KB 16 KB	147ms 67ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012208081650000/v0/amp-animation-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 902565ce7f27f6e504ee3790458fa3e9137a1c2b3d63d58ce6cd2fbcbf9db7ca Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 358596 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16649 x-xss-protection 0 server sffe date Mon, 15 Aug 2022 17:07:41 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "0cc7ecc69c61be2b" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Tue, 15 Aug 2023 17:07:41 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012208081650000/v0/ Frame C398	5 KB 2 KB	143ms 63ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012208081650000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 351064 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1913 x-xss-protection 0 server sffe date Mon, 15 Aug 2022 19:13:13 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "ef17e6cba96d5668" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Tue, 15 Aug 2023 19:13:13 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012208081650000/v0/ Frame C398	40 KB 13 KB	144ms 64ms	Script text/javascript	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012208081650000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 351064 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12948 x-xss-protection 0 server sffe date Mon, 15 Aug 2022 19:13:13 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "08e07a681963ea9f" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Tue, 15 Aug 2023 19:13:13 GMT
GET DATA	200 OK	truncated / Frame C398	209 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 827fb284210d195317d909bcf4c9be94896c04b806864e9fc9fc839e5be05e4f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Type image/png
GET H3	200	es.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame C398	3 KB 3 KB	21ms 20ms	Image image/png	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/es.png Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 01:00:03 GMT x-content-type-options nosniff server cafe age 71054 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" etag 15820072736840818134 vary Accept-Encoding content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2687 x-xss-protection 0 expires Sat, 20 Aug 2022 01:00:03 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame C398	295 B 322 B	22ms 19ms	Image image/png	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 05:50:56 GMT x-content-type-options nosniff server cafe age 53601 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" etag 426692510519060060 vary Accept-Encoding content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 295 x-xss-protection 0 expires Sat, 20 Aug 2022 05:50:56 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame C398	0 0	30ms 28ms	Image text/html	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaReXaJQwg-Ks8K0CGwT87uSbep6HliaOhG0q791uj9bl6JQcxP6qqRPLik1gH9pBMfGYif0kMYHCL1i97ziJHQZvCqWMg Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame C398	0 0	67ms 65ms	Image text/html	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CLEuOIfb_YrecEYeH7_UPzeqX8A2wgePRY93Y0b-4Dqf90o3RJRABIMb71nlgldKYgqwHoAG4hOT5AsgBCakC9zODCuXWsz7gAgCoAwHIAwiqBJoCT9CzowXbqX4q-Zn0SbrkivWMVcne1X59m-kt9xyU941i2JEvBxOlnziQm8dFUUAz3eYXKSole3I65JU50HTSEn_9srHFEqLduTv6leertPv7fSQopXx398mv2rLubew6fyCld5Rx4HlY2pVR2cdyiYkIf5hbAfwAZNCcwfQpn7I-znbH2-XkEM3RK-vWmNbeSkxTp7y7cHexLghN4zW2ZLJsBrRvqRoMDdDWKs7KEYh9LUiESnKn-F3UJoAq-tAa5waJ4sN1pOKgJi1MToAhBLGpLdBy547fcvna7gVIalQmYvj6Esfw5UBHvMvFs77CJ5twEyiKmFk858d1wLdjJXEHoVQrBHE6meKQ3Ue3QgEGvmsk0AWsnht-wATSmJ_41QPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHsPubhgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDTnDHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTAtAVAYAXAbIXHgocCAASFHB1Yi00NTczMjMxNTUwMzU1MjIxGOqqcg&sigh=AwKnrnpm70E&uach_m=[UACH]&template_id=419 Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s01-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers
GET H3	200	ST6D_24_90px.png tpc.googlesyndication.com/sadbundle/18203894063323421/ Frame C398	37 KB 37 KB	28ms 26ms	Image image/png	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/18203894063323421/ST6D_24_90px.png Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3a44602c24b89885202fa9380b0b2794529f2fc070842f4256fa2e02d3f2e153 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 15 Aug 2022 04:13:06 GMT x-content-type-options nosniff age 405071 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37693 x-xss-protection 0 last-modified Mon, 04 Oct 2021 14:47:22 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Tue, 15 Aug 2023 04:13:06 GMT
GET H3	200	TR6P_90px.png tpc.googlesyndication.com/sadbundle/18203894063323421/ Frame C398	35 KB 35 KB	23ms 21ms	Image image/png	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/18203894063323421/TR6P_90px.png Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8db4db356541300d59ef29e42aada4010825fcc3dee28402411ceb12989f83b7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 15 Aug 2022 04:13:06 GMT x-content-type-options nosniff age 405071 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35526 x-xss-protection 0 last-modified Mon, 04 Oct 2021 14:47:22 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Tue, 15 Aug 2023 04:13:06 GMT
GET H3	200	Logo_in_Orange_Box.jpg tpc.googlesyndication.com/sadbundle/18203894063323421/ Frame C398	23 KB 23 KB	26ms 24ms	Image image/jpeg	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/18203894063323421/Logo_in_Orange_Box.jpg Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2657405e3e91a0f5d6490e8fe419c8f98e2437caca46a0c257563f11aefa3824 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 15 Aug 2022 04:13:06 GMT x-content-type-options nosniff age 405071 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23485 x-xss-protection 0 last-modified Mon, 04 Oct 2021 14:47:22 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Tue, 15 Aug 2023 04:13:06 GMT
GET H3	200	CTA_DE_90px.jpg tpc.googlesyndication.com/sadbundle/18203894063323421/ Frame C398	29 KB 29 KB	30ms 29ms	Image image/jpeg	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/18203894063323421/CTA_DE_90px.jpg Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eee5a0136bda1fdbd08716eceadb0f1d7bca3f56e142bbed1752ae05776507d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 06:01:23 GMT x-content-type-options nosniff age 52974 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29219 x-xss-protection 0 last-modified Mon, 04 Oct 2021 14:47:22 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 19 Aug 2023 06:01:23 GMT
GET H3	200	mo_power_DE.png tpc.googlesyndication.com/sadbundle/18203894063323421/ Frame C398	4 KB 4 KB	32ms 31ms	Image image/png	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/18203894063323421/mo_power_DE.png Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 01bd2be24c866eb7e7fb6e80a1c8b829429d0c5561b731939bce42ec75aa89a2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 15 Aug 2022 04:13:06 GMT x-content-type-options nosniff age 405071 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3807 x-xss-protection 0 last-modified Mon, 04 Oct 2021 14:47:22 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Tue, 15 Aug 2023 04:13:06 GMT
GET H3	200	mo_performance_DE.png tpc.googlesyndication.com/sadbundle/18203894063323421/ Frame C398	5 KB 5 KB	31ms 30ms	Image image/png	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/18203894063323421/mo_performance_DE.png Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ebec77c6060c802dd84d3a3b37ae1fb8c586337fb809c917a1e3d4e98d79e80d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 15 Aug 2022 04:13:06 GMT x-content-type-options nosniff age 405071 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4987 x-xss-protection 0 last-modified Mon, 04 Oct 2021 14:47:22 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Tue, 15 Aug 2023 04:13:06 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame C4FF	17 KB 6 KB	42ms 42ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081601.js?cb=31069002 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:17 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 19 Aug 2022 20:44:17 GMT
GET H3	200	sting.png s0.2mdn.net/sadbundle/6092393553986610343/images/ Frame 0261	2 KB 2 KB	22ms 21ms	Image image/png	2a00:1450:4001:80b::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/6092393553986610343/images/sting.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6092393553986610343/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b61929b14eb6529451dbcb5f5434188969f68cc02057d563a9db3b9591b92d44 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/6092393553986610343/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Wed, 17 Aug 2022 09:13:53 GMT x-content-type-options nosniff age 214224 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2104 x-xss-protection 0 last-modified Tue, 16 Aug 2022 15:22:18 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 17 Aug 2023 09:13:53 GMT
GET H3	200	txt1.png s0.2mdn.net/sadbundle/6092393553986610343/images/ Frame 0261	8 KB 8 KB	30ms 27ms	Image image/png	2a00:1450:4001:80b::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/6092393553986610343/images/txt1.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6092393553986610343/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0b8cbcb59cf389b8ca11449ce132c6bff62acd77bae98e239a28ed826d28db89 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/6092393553986610343/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Wed, 17 Aug 2022 09:13:53 GMT x-content-type-options nosniff age 214224 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7726 x-xss-protection 0 last-modified Tue, 16 Aug 2022 15:22:18 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 17 Aug 2023 09:13:53 GMT
GET H3	200	txt3.png s0.2mdn.net/sadbundle/6092393553986610343/images/ Frame 0261	10 KB 10 KB	29ms 26ms	Image image/png	2a00:1450:4001:80b::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/6092393553986610343/images/txt3.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6092393553986610343/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 19fd57aa8d7877c0da46db560ce9c8cbce09ffcf6af7299a932bb04a041183d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/6092393553986610343/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Wed, 17 Aug 2022 09:13:53 GMT x-content-type-options nosniff age 214224 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9951 x-xss-protection 0 last-modified Tue, 16 Aug 2022 15:22:18 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 17 Aug 2023 09:13:53 GMT
GET H3	200	txt2.png s0.2mdn.net/sadbundle/6092393553986610343/images/ Frame 0261	8 KB 8 KB	43ms 41ms	Image image/png	2a00:1450:4001:80b::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/6092393553986610343/images/txt2.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6092393553986610343/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 54516fff8a9e3907172f96f8e51bba682cd29253dce254f199b4132372e56381 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/6092393553986610343/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Wed, 17 Aug 2022 09:13:53 GMT x-content-type-options nosniff age 214224 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8517 x-xss-protection 0 last-modified Tue, 16 Aug 2022 15:22:18 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 17 Aug 2023 09:13:53 GMT
GET H3	200	txt2a.png s0.2mdn.net/sadbundle/6092393553986610343/images/ Frame 0261	4 KB 4 KB	49ms 46ms	Image image/png	2a00:1450:4001:80b::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/6092393553986610343/images/txt2a.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6092393553986610343/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8e08ec01ec1f7c75dd7fb608523af7f7a31b5db23636bfbb9e98d4f831ab30ca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/6092393553986610343/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Wed, 17 Aug 2022 09:13:53 GMT x-content-type-options nosniff age 214224 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4043 x-xss-protection 0 last-modified Tue, 16 Aug 2022 15:22:18 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 17 Aug 2023 09:13:53 GMT
GET H3	200	txt2b.png s0.2mdn.net/sadbundle/6092393553986610343/images/ Frame 0261	4 KB 4 KB	48ms 46ms	Image image/png	2a00:1450:4001:80b::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/6092393553986610343/images/txt2b.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6092393553986610343/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash acceeca10c7bd430647a047c76f082e90d69ab3ef3c10aa2589ca680d0cd2ead Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/6092393553986610343/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Wed, 17 Aug 2022 09:13:53 GMT x-content-type-options nosniff age 214224 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4382 x-xss-protection 0 last-modified Tue, 16 Aug 2022 15:22:18 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 17 Aug 2023 09:13:53 GMT
GET H3	200	img2.jpg s0.2mdn.net/sadbundle/6092393553986610343/images/ Frame 0261	11 KB 11 KB	34ms 31ms	Image image/jpeg	2a00:1450:4001:80b::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/6092393553986610343/images/img2.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6092393553986610343/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7694c67b7b768c34067735a92d9c60a6c3cc709a37047008b16c8ee5cfaa235f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/6092393553986610343/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Wed, 17 Aug 2022 09:13:53 GMT x-content-type-options nosniff age 214224 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11288 x-xss-protection 0 last-modified Tue, 16 Aug 2022 15:22:18 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 17 Aug 2023 09:13:53 GMT
GET H3	200	img3.jpg s0.2mdn.net/sadbundle/6092393553986610343/images/ Frame 0261	8 KB 8 KB	38ms 36ms	Image image/jpeg	2a00:1450:4001:80b::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/6092393553986610343/images/img3.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6092393553986610343/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bf419273c67644558beea89b3ca478ffe4b98c7984f7982c2f70383464eeae1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/6092393553986610343/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Wed, 17 Aug 2022 09:13:53 GMT x-content-type-options nosniff age 214224 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8473 x-xss-protection 0 last-modified Tue, 16 Aug 2022 15:22:18 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 17 Aug 2023 09:13:53 GMT
GET H3	200	img1.jpg s0.2mdn.net/sadbundle/6092393553986610343/images/ Frame 0261	14 KB 14 KB	51ms 49ms	Image image/jpeg	2a00:1450:4001:80b::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/6092393553986610343/images/img1.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6092393553986610343/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2a82c3690dae9aba60c0df9449ec207f73213f07cb0c620a99dc3167f4e93935 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/6092393553986610343/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Wed, 17 Aug 2022 09:13:53 GMT x-content-type-options nosniff age 214224 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13833 x-xss-protection 0 last-modified Tue, 16 Aug 2022 15:22:18 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 17 Aug 2023 09:13:53 GMT
GET H3	200	cta.png s0.2mdn.net/sadbundle/6092393553986610343/images/ Frame 0261	6 KB 6 KB	65ms 63ms	Image image/png	2a00:1450:4001:80b::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/6092393553986610343/images/cta.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6092393553986610343/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e567f904425b2e20b19ea7dfec04e43cf3e36b9f4d830bc41c95b14b9e866bbf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/6092393553986610343/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Wed, 17 Aug 2022 09:13:53 GMT x-content-type-options nosniff age 214224 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5877 x-xss-protection 0 last-modified Tue, 16 Aug 2022 15:22:18 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 17 Aug 2023 09:13:53 GMT
GET H3	200	logo1.png s0.2mdn.net/sadbundle/6092393553986610343/images/ Frame 0261	3 KB 3 KB	62ms 60ms	Image image/png	2a00:1450:4001:80b::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/6092393553986610343/images/logo1.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6092393553986610343/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1af3d023238f654c9be5b0d33c51317620cedc7dd026b08ae7383629c976d9ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/6092393553986610343/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Wed, 17 Aug 2022 09:13:53 GMT x-content-type-options nosniff age 214224 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2951 x-xss-protection 0 last-modified Tue, 16 Aug 2022 15:22:18 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 17 Aug 2023 09:13:53 GMT
GET H3	200	proposition.png s0.2mdn.net/sadbundle/6092393553986610343/images/ Frame 0261	1 KB 1 KB	64ms 62ms	Image image/png	2a00:1450:4001:80b::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/6092393553986610343/images/proposition.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6092393553986610343/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5ced7e6e0093af5c4242071f4d334809fed7d85374a3f9a7bd9c785d7ef147aa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/6092393553986610343/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Wed, 17 Aug 2022 09:13:53 GMT x-content-type-options nosniff age 214224 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1440 x-xss-protection 0 last-modified Tue, 16 Aug 2022 15:22:18 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 17 Aug 2023 09:13:53 GMT
GET H3	200	caveat.png s0.2mdn.net/sadbundle/6092393553986610343/images/ Frame 0261	4 KB 4 KB	60ms 58ms	Image image/png	2a00:1450:4001:80b::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/6092393553986610343/images/caveat.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6092393553986610343/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 57ffcb4f7a5e82c3f6d27f241098b76bb638c87f1af1a2fe02ecb72bf1f2809d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/6092393553986610343/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Wed, 17 Aug 2022 09:13:53 GMT x-content-type-options nosniff age 214224 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4374 x-xss-protection 0 last-modified Tue, 16 Aug 2022 15:22:18 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 17 Aug 2023 09:13:53 GMT
GET H3	200	caveatclosebtn.png s0.2mdn.net/sadbundle/6092393553986610343/images/ Frame 0261	225 B 252 B	64ms 62ms	Image image/png	2a00:1450:4001:80b::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/6092393553986610343/images/caveatclosebtn.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6092393553986610343/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1aede1b27429a9ec1b3539e2451b7904806532630861c83294cfc576611758db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/6092393553986610343/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Wed, 17 Aug 2022 09:13:53 GMT x-content-type-options nosniff age 214224 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 225 x-xss-protection 0 last-modified Tue, 16 Aug 2022 15:22:18 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 17 Aug 2023 09:13:53 GMT
GET H3	200	caveatopen.png s0.2mdn.net/sadbundle/6092393553986610343/images/ Frame 0261	7 KB 7 KB	57ms 55ms	Image image/png	2a00:1450:4001:80b::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/6092393553986610343/images/caveatopen.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6092393553986610343/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 83d0f26ea04c4e488bd17ac03327efe9888f2f5231038ae4f0c05b8979ead096 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/6092393553986610343/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Wed, 17 Aug 2022 09:13:53 GMT x-content-type-options nosniff age 214224 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7076 x-xss-protection 0 last-modified Tue, 16 Aug 2022 15:22:18 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 17 Aug 2023 09:13:53 GMT
GET H2	200	4a.js Show response static.adsafeprotected.com/ Frame 6506 Redirect Chain https://fw.adsafeprotected.com/rfw/st/1141311/65046779/4.js?ias_dspID=3&ias_campId=1008628059&ias_pubId=pub-3522377144365482&ias_chanId=1&ias_placementId=17989214151&bidurl=https://elpezdfw.com/&ia... https://static.adsafeprotected.com/4a.js	2 KB 2 KB	47ms 27ms	Script application/javascript	2600:9000:214f:2400:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/4a.js Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Server 2600:9000:214f:2400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 13 Aug 2022 04:06:16 GMT content-encoding gzip age 578282 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Wed, 10 Aug 2022 18:33:22 GMT server AmazonS3 etag W/"589d8955c4906ab1b8e63a2f92d932d3" vary Accept-Encoding x-amz-version-id pCSQFOjnDZCzpM5VIDx.R04Q9Qe43tqx via 1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront) cache-control max-age=604800 x-amz-cf-pop FRA53-C1 content-type application/javascript x-amz-cf-id UtZx7B7Lpb5unNP67yntPDUrs3E46eGuggUmZOW_vxFBK9U6vuCsew== Redirect headers pragma no-cache date Fri, 19 Aug 2022 20:44:17 GMT x-server-name app03.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" location https://static.adsafeprotected.com/4a.js cache-control no-cache content-length 0 server nginx
GET H2	200	sca.17.5.12.js Show response static.adsafeprotected.com/ Frame F2A2	80 KB 21 KB	129ms 25ms	Script application/javascript	2600:9000:214f:2400:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.5.12.js Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:2400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 16 May 2022 08:34:34 GMT content-encoding gzip age 8251784 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Thu, 19 Aug 2021 16:31:24 GMT server AmazonS3 etag W/"9304f57298c3834ff107ea7ccb547996" vary Accept-Encoding x-amz-version-id 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja via 1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront) cache-control max-age=315360000 x-amz-cf-pop FRA53-C1 content-type application/javascript x-amz-cf-id TclrylbVspvdFm_Oc_6_wisJe8RGnDIPr8bpckVSdOrGTGkjgc7-Sw==
GET H2	200	dt dt.adsafeprotected.com/ Frame 6506	43 B 215 B	386ms 108ms	Image image/gif	52.1.235.110 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1141311&asId=745afeb4-76e2-be01-4a6e-c372b4839f06&tv=%7Bc:lLU8Sz,pingTime:-3,time:113,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:21%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:113,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B107~0%5D,as:%5B107~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teZwLCS+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C191%7C192%7C1a1%7C1b*.1141311-65046779%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2,idMap:1b*,rmeas:1,rend:0,renddet:na%7D&br=c Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.1.235.110 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-1-235-110.compute-1.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Fri, 19 Aug 2022 20:44:18 GMT x-server-name dt09.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H2	200	dt dt.adsafeprotected.com/ Frame 6506	43 B 216 B	381ms 107ms	Image image/gif	52.1.235.110 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1141311&asId=745afeb4-76e2-be01-4a6e-c372b4839f06&tv=%7Bc:lLU8SA,pingTime:-6,time:114,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:114,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B108~0%5D,as:%5B108~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teZwLCS+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C191%7C192%7C1a1%7C1b*.1141311-65046779%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2,idMap:1b*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:elpezdfw.com*&br=c Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.1.235.110 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-1-235-110.compute-1.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Fri, 19 Aug 2022 20:44:18 GMT x-server-name dt02.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
POST H3	200	get Show response www.youtube.com/youtubei/v1/att/ Frame 10DD	19 KB 13 KB	44ms 43ms	Fetch application/json	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/att/get?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash 1abcf3105edc65736679b76fd29d2815ed6d67b136b8619817dbe74ed2102f8b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/?modestbranding=0&rel=1&enablejsapi=1&origin=https%3A%2F%2Felpezdfw.com&widgetid=1 X-Youtube-Client-Name 56 X-Youtube-Client-Version 1.20220817.01.00 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 X-Goog-Visitor-Id CgtVQl91bi1Vdk9kUSig7P-XBg%3D%3D Content-Type application/json Response headers date Fri, 19 Aug 2022 20:44:17 GMT content-encoding br x-content-type-options nosniff server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13773 x-xss-protection 0 expires Fri, 19 Aug 2022 20:44:17 GMT
POST H3	204	qoe Show response www.youtube.com/api/stats/ Frame 10DD	0 19 B	30ms 29ms	XHR text/html	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/api/stats/qoe?fmt=398&afmt=251&cpn=FMFIo5TwhFwTps7F&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24199710%2C24219381%2C24220089%2C24226335%2C24237632%2C24238983%2C24248385%2C24255163%2C24260441%2C24261709%2C24263054%2C24268115%2C39321934&cl=468309486&seq=1&docid=-ALOwx-RHm4&ei=Ifb_YrSgIuWI6dsPgMy7wAU&event=streamingstats&plid=AAXmnilqd4sFeRtl&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F%3Fmodestbranding%3D0%26rel%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Felpezdfw.com%26widgetid%3D1&cbr=Chrome&cbrver=104.0.5112.101&c=WEB_EMBEDDED_PLAYER&cver=1.20220817.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.006:B,0.625:B,0.625:B&ctmp=sxhr:s.1;a.1,decompression:t.613;ds.1&cmt=0.006:0.000,0.625:0.000&afs=0.624:251::i&vfs=0.625:398:398::r&view=0.625:1200:675&bwe=0.625:969360&bat=0.625:1:1&vis=0.625:0&bh=0.625:0.000 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Video Stats Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/x-www-form-urlencoded X-YouTube-Utc-Offset 0 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/?modestbranding=0&rel=1&enablejsapi=1&origin=https%3A%2F%2Felpezdfw.com&widgetid=1 X-YouTube-Client-Version 1.20220817.01.00 X-YouTube-Time-Zone Etc/Unknown X-Goog-Visitor-Id CgtVQl91bi1Vdk9kUSig7P-XBg%3D%3D X-YouTube-Ad-Signals dt=1660941856645&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1200%2C675&vis=1&wgl=true&ca_type=image Response headers pragma no-cache date Fri, 19 Aug 2022 20:44:17 GMT x-content-type-options nosniff server Video Stats Server x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, must-revalidate access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	ad_break Show response www.youtube.com/youtubei/v1/player/ Frame 10DD	17 KB 4 KB	432ms 432ms	Fetch application/json	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/player/ad_break?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash 5616baaaeab2e8c1a981b57e35c348ac0ac9d544e06b334145580ac324cbd7d2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/?modestbranding=0&rel=1&enablejsapi=1&origin=https%3A%2F%2Felpezdfw.com&widgetid=1 X-Youtube-Client-Name 56 X-Youtube-Client-Version 1.20220817.01.00 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 X-Goog-Visitor-Id CgtVQl91bi1Vdk9kUSig7P-XBg%3D%3D Content-Type application/json Response headers date Fri, 19 Aug 2022 20:44:18 GMT content-encoding br x-content-type-options nosniff server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3962 x-xss-protection 0 expires Fri, 19 Aug 2022 20:44:18 GMT
GET H3	200	endscreen.js Show response www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/ Frame 10DD	30 KB 8 KB	22ms 22ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/endscreen.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a7d186cd38eb18f7e88c193fd2d6372310c229d3c31bcdf66219f9857a6a0bef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/?modestbranding=0&rel=1&enablejsapi=1&origin=https%3A%2F%2Felpezdfw.com&widgetid=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 18 Aug 2022 15:04:50 GMT content-encoding br x-content-type-options nosniff age 106767 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8296 x-xss-protection 0 last-modified Thu, 18 Aug 2022 00:21:14 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 18 Aug 2023 15:04:50 GMT
GET H3	200	annotations_module.js Show response www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/ Frame 10DD	68 KB 20 KB	22ms 22ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/annotations_module.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 152ed5b73d11850eb2b9a451dca594ff3d4c5b2e0e87c941366a197b6d26aee4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/?modestbranding=0&rel=1&enablejsapi=1&origin=https%3A%2F%2Felpezdfw.com&widgetid=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 18 Aug 2022 15:06:19 GMT content-encoding br x-content-type-options nosniff age 106678 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20349 x-xss-protection 0 last-modified Thu, 18 Aug 2022 00:21:14 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 18 Aug 2023 15:06:19 GMT
GET H3	200	videoplayback Show response rr5---sn-4g5ednkl.googlevideo.com/ Frame 10DD	805 KB 805 KB	104ms 52ms	Fetch video/mp4	2a00:1450:4001:29::a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rr5---sn-4g5ednkl.googlevideo.com/videoplayback?expire=1660963457&ei=Ifb_YrSgIuWI6dsPgMy7wAU&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A4&id=o-AB8j-nlZbJAQci3huze5VOEjuM0sjHiSTxu3ZWkq9bbS&itag=398&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=cw&mm=31%2C29&mn=sn-4g5ednkl%2Csn-4g5e6nss&ms=au%2Crdu&mv=m&mvi=5&pl=29&initcwndbps=880000&spc=lT-KhpAC9oAQiGphPYX9zx0XPZxAPdg&vprv=1&mime=video%2Fmp4&ns=l7kqMD-gc-j1v3i9einslX0H&gir=yes&clen=66678515&dur=649.648&lmt=1627681626911117&mt=1660941680&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5531432&n=oswVbtu8qNHyZA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhANtJPZYNpqrc_BRq5VkOq7Z1baxAGhzqXtSD8iQx_dM7AiEA4tcuSOnG1PD5MZSwRzxZOlORpywMyxQ25zXXWDDWuXc%3D&alr=yes&sig=AOq0QJ8wRAIgZVwWAg-BYgxJaHMVG8gd7NnvMZb86lNmJY7w6gsEuAcCIB0bX-D7RVIUoWs3D8ArdXdEYXg6e7JTEnlx58557Tic&cpn=FMFIo5TwhFwTps7F&cver=1.20220817.01.00&range=82574-906943&rn=2&rbuf=5339&pot=GpsBCm47npIU3tDZK9Itn36yfstwcUipTyd5mdyzSqzvPaRtEdbj7QeVXSHwqARhcciB7zCXr8yyO8cNX6H0THUAcWv24IBAMAPKGJKJQJupPy-qUGlIuYyXZYm4VHgiME_23dclrww5oIndI81JBHUZrRIpAX04kIhgbO7WCu2Su65YcAPZk7n4v_x48QvWGUdry0YEqXPKGkqHufQ= Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:29::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash 933f4a07cbf7389947f1000b30b363d72973acb90dda18465c0327bdfed581e2 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:18 GMT x-restrict-formats-hint None cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 824370 client-protocol quic last-modified Fri, 30 Jul 2021 21:47:06 GMT server gvs 1.0 vary Origin content-type video/mp4 access-control-allow-origin https://www.youtube.com access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21299 access-control-allow-credentials true accept-ranges bytes timing-allow-origin https://www.youtube.com x-content-type-options nosniff expires Fri, 19 Aug 2022 20:44:18 GMT
POST H3	200	log_event Show response www.youtube.com/youtubei/v1/ Frame 10DD	28 B 55 B	38ms 34ms	XHR application/json	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/json X-YouTube-Utc-Offset 0 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/?modestbranding=0&rel=1&enablejsapi=1&origin=https%3A%2F%2Felpezdfw.com&widgetid=1 X-YouTube-Client-Version 1.20220817.01.00 X-YouTube-Time-Zone Etc/Unknown X-Goog-Visitor-Id CgtVQl91bi1Vdk9kUSig7P-XBg%3D%3D X-YouTube-Ad-Signals dt=1660941856645&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1200%2C675&vis=1&wgl=true&ca_type=image Response headers date Fri, 19 Aug 2022 20:44:17 GMT content-encoding br x-content-type-options nosniff server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31 x-xss-protection 0 expires Fri, 19 Aug 2022 20:44:17 GMT
POST H3	200	next Show response www.youtube.com/youtubei/v1/ Frame 10DD	36 KB 6 KB	457ms 457ms	Fetch application/json	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash c3657559160e6d83c8404ffabafefc8b55f4cd538d529ff0426ca42010f76e4f Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/?modestbranding=0&rel=1&enablejsapi=1&origin=https%3A%2F%2Felpezdfw.com&widgetid=1 X-Youtube-Client-Name 56 X-Youtube-Client-Version 1.20220817.01.00 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 X-Goog-Visitor-Id CgtVQl91bi1Vdk9kUSig7P-XBg%3D%3D Content-Type application/json Response headers date Fri, 19 Aug 2022 20:44:18 GMT content-encoding br x-content-type-options nosniff server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5847 x-xss-protection 0 expires Fri, 19 Aug 2022 20:44:18 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 6506	43 B 215 B	226ms 108ms	Image image/gif	52.1.235.110 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1141311&asId=745afeb4-76e2-be01-4a6e-c372b4839f06&tv=%7Bc:lLU8Va,pingTime:-2,time:274,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:751,beZ:752,mfA:753,cmA:755,inA:755,inZ:759,prA:759,prZ:767,si:772,poA:774,poZ:793,cmZ:793,mfZ:793,loA:865,loZ:867,ltA:1024,ltZ:1024%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:21%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:274,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B268~0%5D,as:%5B268~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teZwLCS+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C191%7C192%7C1a1%7C1b*.1141311-65046779%7C1b1%7C1b2%7C1b3%7C1c1%7C1c2,idMap:1b*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,sinceFw:250,readyFired:true%7D&br=c Requested by Host: 537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com URL: https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.1.235.110 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-1-235-110.compute-1.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Fri, 19 Aug 2022 20:44:18 GMT x-server-name dt05.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H3	200	tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js s0.2mdn.net/ads/studio/cached_libs/ Frame 0261	105 KB 0	28ms 28ms	Script text/javascript	2a00:1450:4001:80b::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6092393553986610343/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/6092393553986610343/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:17 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35824 x-xss-protection 0 last-modified Fri, 09 Oct 2015 14:01:28 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 19 Aug 2022 20:44:17 GMT
GET H3	200	cssplugin_1.20.0_35574bbb2cf06c392e9036c87b5a8474_min.js s0.2mdn.net/ads/studio/cached_libs/ Frame 0261	42 KB 0	34ms 33ms	Script text/javascript	2a00:1450:4001:80b::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/cssplugin_1.20.0_35574bbb2cf06c392e9036c87b5a8474_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6092393553986610343/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/6092393553986610343/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:17 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16670 x-xss-protection 0 last-modified Wed, 04 Oct 2017 18:34:56 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 19 Aug 2022 20:44:17 GMT
GET H3	200	easepack_1.20.0_f9d13d59407792e37168747225359927_min.js s0.2mdn.net/ads/studio/cached_libs/ Frame 0261	5 KB 0	33ms 32ms	Script text/javascript	2a00:1450:4001:80b::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/easepack_1.20.0_f9d13d59407792e37168747225359927_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6092393553986610343/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/6092393553986610343/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:17 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2075 x-xss-protection 0 last-modified Wed, 04 Oct 2017 18:35:07 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 19 Aug 2022 20:44:17 GMT
GET H3	200	timelinemax_1.19.0_4cba7b163d6263b39d53727ed4c7bb6f_min.js s0.2mdn.net/ads/studio/cached_libs/ Frame 0261	20 KB 0	33ms 33ms	Script text/javascript	2a00:1450:4001:80b::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/timelinemax_1.19.0_4cba7b163d6263b39d53727ed4c7bb6f_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6092393553986610343/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/6092393553986610343/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:17 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5821 x-xss-protection 0 last-modified Tue, 06 Sep 2016 20:50:57 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 19 Aug 2022 20:44:17 GMT
GET H3	200	script.js s0.2mdn.net/sadbundle/6092393553986610343/ Frame 0261	3 KB 0	23ms 23ms	Script application/x-javascript	2a00:1450:4001:80b::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/6092393553986610343/script.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/6092393553986610343/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/6092393553986610343/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Wed, 17 Aug 2022 09:13:53 GMT content-encoding gzip x-content-type-options nosniff age 214224 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 689 x-xss-protection 0 last-modified Tue, 16 Aug 2022 15:22:18 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 17 Aug 2023 09:13:53 GMT
GET H3	200	hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Show response pagead2.googlesyndication.com/bg/ Frame 5CF5	36 KB 14 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 18 Aug 2022 05:38:05 GMT content-encoding br x-content-type-options nosniff age 140772 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14041 x-xss-protection 0 last-modified Mon, 15 Aug 2022 08:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 18 Aug 2023 05:38:05 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7E52	13 KB 5 KB	21ms 20ms	Document text/html	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://elpezdfw.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 4834 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 19 Aug 2022 19:23:43 GMT expires Sat, 19 Aug 2023 19:23:43 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame DC2A	783 B 533 B	40ms 39ms	Document text/html	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 8830a2915bd66f2054623ff8a4428c434c4110df6dc559733ce4bb438be3c09c Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-k7wCpoHsgsB8tyJUrLUPgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://elpezdfw.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=300 content-encoding gzip content-length 511 content-security-policy script-src 'report-sample' 'nonce-k7wCpoHsgsB8tyJUrLUPgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 19 Aug 2022 20:44:17 GMT expires Fri, 19 Aug 2022 20:44:17 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	D3QXftzfrf8FrU1FZrv7XJ7OR_0fYcOk-pHr53JJ1VU.js Show response www.google.com/js/th/ Frame 10DD	36 KB 14 KB	22ms 22ms	Script text/javascript	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/th/D3QXftzfrf8FrU1FZrv7XJ7OR_0fYcOk-pHr53JJ1VU.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0f74177edcdfadff05ad4d4566bbfb5c9ece47fd1f61c3a4fa91ebe77249d555 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 18 Aug 2022 13:50:37 GMT content-encoding br x-content-type-options nosniff age 111221 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14154 x-xss-protection 0 last-modified Mon, 08 Aug 2022 17:00:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 18 Aug 2023 13:50:37 GMT
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 6506	0 26 B	100ms 56ms	Ping image/gif	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu3h9jbla6A81o2ya-scUDuA89fvIgfXO_X_TPyHi8ca6eM7XpaSeCqiUPOlhs1D1D5JI4OHscZkd8DNMtwVwMrLaaSRyyz7TMwIfWuGZz8oAaij5AzgDtSEU0ce36lE7LNMwEz9j6NFQ&sai=AMfl-YQgWc_m-NhHe6-reFE0JpUdSPwJ96PwrGBdmdCLGdgjRbDL0KEGYdoRsPCj-SN9vmAytoQQKgctObnKSOWFZji6uPSRZ0BAhWWvtUv59FbRW-RoArHdP3ZwDbYPpr4&sig=Cg0ArKJSzAwTEWP2gucUEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl= Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers timing-allow-origin * date Fri, 19 Aug 2022 20:44:18 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET DATA	200 OK	truncated / Frame 10DD	175 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 10DD	363 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a0fa49d1f29be7d695e29c3808992e6ca44196296b9e72616c3af294026bc76b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 10DD	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b79ec3853e32493190ce5cc7545de7c741f0960f5f6b7bc4dd6e155a8b67144a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Type image/png
GET H2	200	wolnFEWbMFAOut8ldgUBmiLJ59cegXRJlHvUHJF7ZFNsRYXMZpTo7vC8KijmCQ0ObZrq9zpjc1M=s400-c-k-c0x00ffffff-no-rj yt3.ggpht.com/ Frame 10DD	17 KB 17 KB	83ms 20ms	Image image/jpeg	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://yt3.ggpht.com/wolnFEWbMFAOut8ldgUBmiLJ59cegXRJlHvUHJF7ZFNsRYXMZpTo7vC8KijmCQ0ObZrq9zpjc1M=s400-c-k-c0x00ffffff-no-rj Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash bcfba543aa9e526fd6156cd7c80d6128d431a1086ab6c92c242ff968bbf65ec0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 16:51:21 GMT x-content-type-options nosniff age 13977 content-disposition inline;filename="channels4_profile.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17218 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Fri, 29 Jul 2022 03:45:30 GMT
GET H2	200	maxresdefault.jpg i.ytimg.com/vi/ODTgHFEdYcA/ Frame 10DD	116 KB 117 KB	101ms 36ms	Image image/jpeg	2a00:1450:4001:802::2016 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi/ODTgHFEdYcA/maxresdefault.jpg Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d1652dbd20fd938cc4311873c342a744ad495b9f19ee506cb0f79a305f5cfdf4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:18 GMT x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 119224 x-xss-protection 0 server sffe etag "1368828717" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/jpeg cache-control public, max-age=7200 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 19 Aug 2022 22:44:18 GMT
GET H2	200	maxresdefault.jpg i.ytimg.com/vi/y9Y-q3u69SU/ Frame 10DD	67 KB 68 KB	134ms 70ms	Image image/jpeg	2a00:1450:4001:802::2016 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi/y9Y-q3u69SU/maxresdefault.jpg Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cd2f5f4eff1b549bbfda33b0a5c1484926f85140cc604b047c1adb91ad5b04e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:18 GMT x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 69056 x-xss-protection 0 server sffe etag "1637371206" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/jpeg cache-control public, max-age=7200 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 19 Aug 2022 22:44:18 GMT
GET H2	200	maxresdefault.webp i.ytimg.com/vi_webp/0OUtdFR5hOQ/ Frame 10DD	103 KB 103 KB	123ms 59ms	Image image/webp	2a00:1450:4001:802::2016 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi_webp/0OUtdFR5hOQ/maxresdefault.webp Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e61b1696b2c580f14b5c04f1c1fcc9ea1d3d6ce6c78939fb5ae32364c02e58d9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:18 GMT x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 105134 x-xss-protection 0 server sffe etag "1656537631" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/webp cache-control public, max-age=7200 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 19 Aug 2022 22:44:18 GMT
GET DATA	200 OK	truncated / Frame 10DD	247 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9c3b2179e796ef808ce3a316532f52af1b56978cd6749e8742a6dce491cdb8b7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Type image/png
GET H2	200	featured_channel.jpg i.ytimg.com/an/L0G_Et4IZSqxN7CXL8bJJQ/ Frame 10DD	16 KB 16 KB	89ms 31ms	Image image/jpeg	2a00:1450:4001:802::2016 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/an/L0G_Et4IZSqxN7CXL8bJJQ/featured_channel.jpg?v=519280a6 Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 20061a64e0a2ae38f2028146b0da5084aa89658f44190c6badd61d9c732d8c90 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:18 GMT x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16014 x-xss-protection 0 server sffe etag "1368555686" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/jpeg cache-control public, max-age=7200 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 19 Aug 2022 22:44:18 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame DC2A	0 0	54ms 54ms	Image text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081601&jk=3685281069652216&rc= Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers
GET H3	200	hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Show response pagead2.googlesyndication.com/bg/ Frame 7E52	36 KB 14 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 18 Aug 2022 05:38:05 GMT content-encoding br x-content-type-options nosniff age 140773 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14041 x-xss-protection 0 last-modified Mon, 15 Aug 2022 08:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 18 Aug 2023 05:38:05 GMT
GET H3	200	videoplayback Show response rr5---sn-4g5ednkl.googlevideo.com/ Frame 10DD	166 KB 166 KB	27ms 27ms	Fetch audio/webm	2a00:1450:4001:29::a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rr5---sn-4g5ednkl.googlevideo.com/videoplayback?expire=1660963457&ei=Ifb_YrSgIuWI6dsPgMy7wAU&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A4&id=o-AB8j-nlZbJAQci3huze5VOEjuM0sjHiSTxu3ZWkq9bbS&itag=251&source=youtube&requiressl=yes&mh=cw&mm=31%2C29&mn=sn-4g5ednkl%2Csn-4g5e6nss&ms=au%2Crdu&mv=m&mvi=5&pl=29&initcwndbps=880000&spc=lT-KhpAC9oAQiGphPYX9zx0XPZxAPdg&vprv=1&mime=audio%2Fwebm&ns=l7kqMD-gc-j1v3i9einslX0H&gir=yes&clen=11024624&dur=649.681&lmt=1627674437489601&mt=1660941680&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5511222&n=oswVbtu8qNHyZA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgEmb1dE6b1FbliMqsjpfhPKJJcoFzy_pPla-z7iStocECIQDluFMjsjRIn0-UM0i0NbmJ2cbUnm8j_jT2BWjEkmv7Sw%3D%3D&alr=yes&sig=AOq0QJ8wRQIgS5LQYocC2PX20XEc6Q2Hh8ksTsZ-eSQGO-qU5xj5IFUCIQC_iX9QkZCxHqdeMwh97fY7zrOuNJVwAk1EmLU1lA8pQQ%3D%3D&cpn=FMFIo5TwhFwTps7F&cver=1.20220817.01.00&range=175496-345087&rn=3&rbuf=10001&pot=GpsBCm47npIU3tDZK9Itn36yfstwcUipTyd5mdyzSqzvPaRtEdbj7QeVXSHwqARhcciB7zCXr8yyO8cNX6H0THUAcWv24IBAMAPKGJKJQJupPy-qUGlIuYyXZYm4VHgiME_23dclrww5oIndI81JBHUZrRIpAX04kIhgbO7WCu2Su65YcAPZk7n4v_x48QvWGUdry0YEqXPKGkqHufQ= Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:29::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash 237b33fcb4cf27537b207b5fc11b81ae2bbbb8b835606dd3eab5c13b2aec777f Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:18 GMT x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 169592 client-protocol quic last-modified Fri, 30 Jul 2021 19:47:17 GMT server gvs 1.0 vary Origin content-type audio/webm access-control-allow-origin https://www.youtube.com access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21299 access-control-allow-credentials true accept-ranges bytes timing-allow-origin https://www.youtube.com expires Fri, 19 Aug 2022 20:44:18 GMT
GET H2	200	25545-6629a0e07760.json Show response cdn.aimtell.io/config/	95 B 270 B	436ms 436ms	XHR application/json	2606:4700:10::ac43:1ee1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.aimtell.io/config/25545-6629a0e07760.json Requested by Host: s3.amazonaws.com URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1ee1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 39bd848448ddf14c0601670bced03afca2cd2ca1954f62b691a4684d72a9cfd7 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:18 GMT content-encoding gzip vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method cf-cache-status DYNAMIC x-amz-cf-pop FRA56-P3 x-cache Miss from cloudfront content-length 104 access-control-allow-origin * last-modified Wed, 27 Apr 2022 15:16:11 GMT server cloudflare etag "2e9a47727caf9c4def7ceb9e72845ea1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 access-control-allow-methods GET content-type application/json via 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront) access-control-expose-headers ETag cache-control max-age=86400 accept-ranges bytes cf-ray 73d5b9f589325c74-FRA x-amz-cf-id Zmg0VEgk4a8S4FBX2vzLAMQ24nXvmJ9XbRK-elX62Wv9syyfsHVZ9A==
GET H3	204	generate_204 www.youtube.com/ Frame 10DD	0 11 B	22ms 21ms	Image text/plain	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.youtube.com/generate_204?UisO0w Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/?modestbranding=0&rel=1&enablejsapi=1&origin=https%3A%2F%2Felpezdfw.com&widgetid=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:18 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	204	playback Show response www.youtube.com/api/stats/ Frame 10DD	0 18 B	30ms 30ms	XHR text/html	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=FMFIo5TwhFwTps7F&ver=2&cmt=0.126&fmt=398&fs=0&rt=0.958&euri=https%3A%2F%2Felpezdfw.com%2F&lact=1538&cl=468309486&mos=1&volume=100&cbr=Chrome&cbrver=104.0.5112.101&c=WEB_EMBEDDED_PLAYER&cver=1.20220817.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&splay=1&hl=de_DE&cr=DE&len=649.681&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24199710%2C24219381%2C24220089%2C24226335%2C24237632%2C24238983%2C24248385%2C24255163%2C24260441%2C24261709%2C24263054%2C24268115%2C39321934&rtn=6&afmt=251&size=1200%3A675&inview=0&muted=1&docid=-ALOwx-RHm4&ei=Ifb_YrSgIuWI6dsPgMy7wAU&plid=AAXmnilqd4sFeRtl&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F%3Fmodestbranding%3D0%26rel%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Felpezdfw.com%26widgetid%3D1&list=PL-_n7ccOKEVh7FVUfVjK0Zc0nuPPm9AoH&of=hof7BBadFRzG-PZsLtLtfg&vm=CAMQARgBOjJBTlRLbG52TWlBVHNHbHhfWldyRUxjOUVvRExhSVdRd05qTlFnMW00WTJFaHY0YWYzUWJXQVBta0tESUpmRkZrSFM5am1admZxTmRVd3BlVGhoTHlJbTJmell1cnRGLTBiRDVpRGd0cWlMUndabTZSNDFqckVCV0xXcEpmcVJNajJvUGdUNGVlaF9B Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Video Stats Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 X-YouTube-Utc-Offset 0 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/?modestbranding=0&rel=1&enablejsapi=1&origin=https%3A%2F%2Felpezdfw.com&widgetid=1 X-YouTube-Client-Version 1.20220817.01.00 X-YouTube-Time-Zone Etc/Unknown X-Goog-Visitor-Id CgtVQl91bi1Vdk9kUSig7P-XBg%3D%3D X-YouTube-Ad-Signals dt=1660941856645&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1200%2C675&vis=1&wgl=true&ca_type=image Response headers pragma no-cache date Fri, 19 Aug 2022 20:44:18 GMT x-content-type-options nosniff server Video Stats Server x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	ptracking Show response www.youtube.com/ Frame 10DD	0 20 B	29ms 29ms	XHR text/html	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/ptracking?html5=1&video_id=-ALOwx-RHm4&cpn=FMFIo5TwhFwTps7F&ei=Ifb_YrSgIuWI6dsPgMy7wAU&ptk=youtube_single&oid=YrSKoRKnLjhE8vGCGGjzKQ&ptchn=L0G_Et4IZSqxN7CXL8bJJQ&pltype=content Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Video Stats Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 X-YouTube-Utc-Offset 0 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/?modestbranding=0&rel=1&enablejsapi=1&origin=https%3A%2F%2Felpezdfw.com&widgetid=1 X-YouTube-Client-Version 1.20220817.01.00 X-YouTube-Time-Zone Etc/Unknown X-Goog-Visitor-Id CgtVQl91bi1Vdk9kUSig7P-XBg%3D%3D X-YouTube-Ad-Signals dt=1660941856645&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1200%2C675&vis=1&wgl=true&ca_type=image Response headers pragma no-cache date Fri, 19 Aug 2022 20:44:18 GMT x-content-type-options nosniff server Video Stats Server x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control no-cache, must-revalidate content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		/ googleads.g.doubleclick.net/pagead/viewthroughconversion/962985656/ Frame 10DD Redirect Chain https://www.youtube.com/pagead/viewthroughconversion/962985656/?backend=innertube&cname=56&cver=20220817&foc_id=L0G_Et4IZSqxN7CXL8bJJQ&label=followon_view&ptype=no_rmkt&random=660216157 https://googleads.g.doubleclick.net/pagead/viewthroughconversion/962985656/?backend=innertube&cname=56&cver=20220817&foc_id=L0G_Et4IZSqxN7CXL8bJJQ&label=followon_view&ptype=no_rmkt&random=660216157...	0 0
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 6506	0 26 B	59ms 59ms	Ping image/gif	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss7oYWw7p3_VkJLbRm1SN0TRYuY31s8c3lNj_n67ZJHoS0blMLdS0RzHs4TE1xi0HixSmFTFZtmde6I3fvEnMyV_Z4OHgKJXkzoQ0QqfnkfN9DGuRkLlhiaj_IQTgLQCLRf6XRh6qyXigozjR7PpQM9UeFFzvdxdJlPumtk3NPzVe_vyxZvw1cAUfZLiR0ok5aKJEPJ2vOQuWNM6jVyyDXnFTu0stxiE1m6-wOAaVVwVkdIfgeqSDXOQhYPmq7cQMBQw7k-KREGRZzsAzWkwDiONO9K3_e2uBAUYjvXBs6GYtw_aERnWE-2R-FSntEFcuAeIYw3oTULIxO0NOUQkMABCdsZX640yvkx2n2d7-ngYwX8y2-ksR_vv5WFSRxX9GILN1_JSc74o6LWFOsq3zIzFEc2p-AMaz4oPUD9XWAImng91CbViQW7QED4aGUqMjwWipct26_m8-VsBRs64b1EFITVj2b4TyvAhL3lqVhmdyv4EswmB79NHF6vQCJKaAxW9ltoCwxf5qKrY2j2y3zad8ZEtiDdbZx-M0RVKRDk8vBNIFfH_ebDlPRNo7Tp4RA9gR03SUqX0-NBO6ItT1Btde3bHsLJAQjmCyC0asuJpsNJOzElp-e7odbdwy-Rxt9v42yNMb8qk-MjHvJIGL3-N_DtcI71AdnfneIIvGEwy7jq00vbeTM5oQWD3akMmZe3FtV-wkicMsxykHlXbPhHOddlx_bYbNbnKmTuEg7MgpoellgxAng4F__SFwVeKPWP0T1Piti4wf20e0XB-jGrY4JteJrNhYwl-09GteOe9gTFkR-EMg9zXmZ8mzGJn5e4f-ZhqE1g8_IdWa7RqfvAp8-EVqUIHreUg9st9ZY45pRCRbx6zcDyTVPaGw_MhSdCpKPH06lux9UHEJycuo6wsDkMyCjup9VSZ6BH4qFybYbOi3qahOPVpJS2H0Bti_HXTBw8fTHTYemaWZBqFkTJPTewlduhNT3WlVwSkZPn02w4UWnyhSK8JNMINPtN3Q2LNkwqLCN0MChbYJrtpOjGZ0H7HMrZgzdHFTxOhN45l5In0GyUgPS7oZVRFHEusySYLqeYQqHcRLSSzZBElm2Cg-gUIOfBxqlmIsANewuv20Pk5lnFMhbErfS_WU-6x1-y0gM4IeJuacr2b_IpQvQuDtvBicMjDdtB6wzF0sChcJAFhYWqzRPmlBp3dxPZN7eUrasT0bF2B30BwzhM&sai=AMfl-YT5K0AmJ0K_n_9NU7N4ZBT44PgCN9cDrDQFJADRXWUvwrJSkqFAZrFSKw3rSlpQseP1JgJdPy57M7fJ-o9v1OfgeAM0iVzjRU1T3KzwOb-3FwR1FFAX-R2FAUWf1G0nX5EAE7H7Uwjhll-4lmIUzTC0ma3gKjQ5Q2Hi--UUrkAY4aKv6be7htIVjbex72WPJz42gvS3Z2MsOAoISK_Bx0f-o6bHqhA&sig=Cg0ArKJSzBNCA7DLwuY0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1045&vt=11&dtpt=797&dett=4&cstd=246&cisv=r20220817.08418&vwbs=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl= Requested by Host: elpezdfw.com URL: https://elpezdfw.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers timing-allow-origin * date Fri, 19 Aug 2022 20:44:18 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	14 KB 11 KB	67ms 67ms	XHR application/json	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081501&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 783e68bb43248cb1b6b7e3d0d34e051b124e649b56fbf94148dbf141ebdb075d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers timing-allow-origin * date Fri, 19 Aug 2022 20:44:18 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11134 x-xss-protection 0
OPTIONS H3	204	/ googleads.g.doubleclick.net/pagead/viewthroughconversion/962985656/ Frame	0 0	74ms 30ms	Preflight text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/962985656/?backend=innertube&cname=56&cver=20220817&foc_id=L0G_Et4IZSqxN7CXL8bJJQ&label=followon_view&ptype=no_rmkt&random=660216157&cv_attributed=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-visitor-id,x-youtube-ad-signals,x-youtube-client-name,x-youtube-client-version,x-youtube-time-zone,x-youtube-utc-offset Access-Control-Request-Method GET Origin https://www.youtube.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers x-goog-visitor-id,x-youtube-ad-signals,x-youtube-client-name,x-youtube-client-version,x-youtube-time-zone,x-youtube-utc-offset access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://www.youtube.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 content-type text/html; charset=UTF-8 date Fri, 19 Aug 2022 20:44:18 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	dt dt.adsafeprotected.com/ Frame 6506	43 B 215 B	108ms 108ms	Image image/gif	52.1.235.110 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1141311&asId=745afeb4-76e2-be01-4a6e-c372b4839f06&tv=%7Bc:lLU91k,pingTime:-10,time:656,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNC4wLjUxMTIuMTAxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1660941858309%7C%7Cb2153c487940d21d848e95a1d4419c63%7C%7C5804921a8d3c64b26a083c50aad655e9%7C%7C03c50b6b3da1c31ca89dcc8ca6c29eed%7C%7C2628aa8d4f9010682a4c071f8b1d92fc%7C%7Cf2f18e90d9e7feac1518e796451d7d4e%7C%7C8ef3e2e12f1d2c4c64f549c377dc0e70%7C%7C0580632c68dbd26261ca7a951d5c7954%7C%7C1629390669,im:%7Bpci:%7Btdr:572%7D%7D%7D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.1.235.110 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-1-235-110.compute-1.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Fri, 19 Aug 2022 20:44:18 GMT x-server-name dt17.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	255ms 255ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:18 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 19 Aug 2022 20:44:18 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5CF5	0 20 B	58ms 57ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bq1VqIfb_Yq3lA92p3gPUuYrYCQAAAAA4AeAEAg&bg=!m5ilmNzNAAYUOm8VNDo7ACkAdvg8Whjq_bpFIu8VU8BBU9CJIxu0CCzFbxdFhV-PwYLAfAglbrjMZAIAAAEJUgAAAAJoAQcKAC--Tq8A1PpRPv0bhs4UjmsYihtmh7lcEWxQJYIAGxgX81cwKs7k3IhAmdCybjlHjZkDNPJAf-k5b47TtdMpdbozlTWWI3FbcH-n1bW78X3zznDncSvDT8KocpeICg5nGJErz9y1Dc2ciZTqjobuYv_0QJagV_mZmDNM19-0TZTP2QAyly4c2874e1_GQI7f4hROlmpG3wwO-B-bFKDfreSSMuhLnLouBBtBNrIJSaIoaL0qCZno8yiUaw49VtySwFbPZ1cMdXxKiutuKK4qZZWMPiiSwEF7YB7BC9xWBt25wzZO_LPVMtP8ih689aiju9fOQBRunIPRCEKPYzNruxXCiR319ejpZdyW7xUQkEmmibnV5j8K6_7eAKvLqDbEshYEgPGOLaX4dgSs_eoyO5PCo6sczKjQ3hsORKIuuOV061fd1ngcC-zlIrJklYY-UD9GUZSNfHMrm-mIfSgZ8h_CGsEPdTBiv7jyC-JneJhjp7Ccbf84ToP6b4mcRNIEa-a6k7JTuxVj77mNltwRvWcWYla7Wpzk3R8eHVR_9SaiDtYjyqSa6yt-PIgrSK3S8R3FLN0rpH0h31GN_4Nwcfwjb4eeVjpTgmS3DeXkt6w8BxNxESgPdul8xn7Sfykb47k9ZD59M-_WVKjzo32Zwf30nQZ6_s4_FKBNTjxZZXVLnI32GfkRVbxdEidyaPwVXwAIZ9Neiw1YyXhZFRDYtoKOq9MYDCy3DAfIxsL1JpDZildxHas79OFBGA0zK9K7rRnJjNhXwdINbO5nJyDf4clDkjQyr1c1vpKAfhmLrdQDKVE0aLlevuA2kzEsfAHKOR0h0L4OysjvopFHmlKgflZDGp4ePvX3_TXH-2j1pcZMo_AuF4DHXwyJhKY1SMCYELW2YNmyCYDZuJcN9nzN5qVrONNyYCoUa7C8EHZo2s3X53ujnXLkuD1IPH-RfmexnYxlGscXu4j0o6rtHL7Im88EgRd9iskR0TLGJPyr9CYmqHBrEIZ8-Q_pu9tQWqKY4rLsaHpo4bTilXkOp5v5MrqmEneb9RQzGiiHNlS1dLto3yVMXQRx9ekAwEbREVCEy4pYANx6yFCyBQjy9sjnVbiEL8gaIsMz9NvQnjXLvrs5OEFoj-O5B-D00l8l8_Sliyj6j6TlDrY Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Fri, 19 Aug 2022 20:44:18 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 7E52	0 12 B	20ms 19ms	Image text/plain	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?vI8fgQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:18 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 5B88	42 B 64 B	63ms 63ms	Fetch image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstT9Y1g2zTPFYdwPRNtUnor6n18z5VYXjA9UOsbPLGIqlPsbQ4E-FgD3zDPUu2-kwDX_0Kxtl2osaFTeE19RKJ1DiJN_Q0a_M7Izm3s1QtY_0yyKa-DgKSTYvZCdpKeddX9JfA52o1Ao1RLnXBOhtuoxkMS2mKNObdAYlfBR8tt&sai=AMfl-YTM-ppqKdUdDFbmgmcR32B0EZ7sXBKJtTOsaEfoNL2k338iL6FQFh79oGy8Va4gT9Sc06QwwqoBsXnPhGK0A1ZEw6SkNmHHfwMiUdw3NIECEOq_R3ofJ6gctqOf1mQ&sig=Cg0ArKJSzDwCqPiUIGdBEAE&id=lidar2&mcvt=1000&p=871,315,1121,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3956907833&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660941856909&rpt=478&isd=0&lsd=0&met=mue&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://537d2f3e3016bf6a29c36aca5a735f04.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Fri, 19 Aug 2022 20:44:18 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame C4FF	42 B 64 B	56ms 55ms	Fetch image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstweBXfv6YcG8DzROQMSyc05xvNSWrOdda54rUY1t-7duUNWqLt8pemtwqYdiqpQ-YAeP6gRdybvIKLy4boe-4-dkPO8Yipoj96TZ_5_vEsvlYCFWzB&sig=Cg0ArKJSzHXEXUgiaqUoEAE&id=lidar2&mcvt=1000&p=238,436,328,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220817&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1708372693&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660941856829&rpt=647&isd=0&lsd=0&met=ce&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Fri, 19 Aug 2022 20:44:18 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7873	13 KB 5 KB	26ms 20ms	Document text/html	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://elpezdfw.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 4835 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 19 Aug 2022 19:23:43 GMT expires Sat, 19 Aug 2023 19:23:43 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame 4C21	783 B 534 B	34ms 32ms	Document text/html	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash d962849520200669fb78314eea12d9164020897313b3259c3bac4e332442f5aa Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Uq6lIZA1dgxg1r87e8xnEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://elpezdfw.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=300 content-encoding gzip content-length 512 content-security-policy script-src 'report-sample' 'nonce-Uq6lIZA1dgxg1r87e8xnEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 19 Aug 2022 20:44:18 GMT expires Fri, 19 Aug 2022 20:44:18 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 4C21	0 0	53ms 53ms	Image text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081501&jk=1697454519115492&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers
GET H3	200	hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Show response pagead2.googlesyndication.com/bg/ Frame 7873	36 KB 14 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Thu, 18 Aug 2022 05:38:05 GMT content-encoding br x-content-type-options nosniff age 140773 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14041 x-xss-protection 0 last-modified Mon, 15 Aug 2022 08:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 18 Aug 2023 05:38:05 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 7873	0 12 B	19ms 19ms	Image text/plain	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?OeW9eg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:18 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
POST H3	200	log_event Show response www.youtube.com/youtubei/v1/ Frame 10DD	28 B 56 B	38ms 36ms	XHR application/json	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/009f1d77/www-embed-player.vflset/www-embed-player.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/json X-YouTube-Utc-Offset 0 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/?modestbranding=0&rel=1&enablejsapi=1&origin=https%3A%2F%2Felpezdfw.com&widgetid=1 X-YouTube-Client-Version 1.20220817.01.00 X-YouTube-Time-Zone Etc/Unknown X-Goog-Visitor-Id CgtVQl91bi1Vdk9kUSig7P-XBg%3D%3D X-YouTube-Ad-Signals dt=1660941856583&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1200%2C675&vis=1&wgl=true&ca_type=image Response headers date Fri, 19 Aug 2022 20:44:18 GMT content-encoding br x-content-type-options nosniff server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31 x-xss-protection 0 expires Fri, 19 Aug 2022 20:44:18 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame C4FF	0 0	56ms 56ms	Image text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081601&jk=3685281069652216&bg=!wsGlwYXNAAYUOm8VNDo7ACkAdvg8WkF6JZhVFGo10m0cIPKwQ75fxUF3nmBM09ODHL-u8KB1cPHUtwIAAACEUgAAAAJoAQcKAJQKnEuX7OgPomsAiSG34pdSpFicl-DTSsacvHwZUcxXYvTGJ0s9uGR1aDgGPTwFhqai23UETZbaF0mvvIUd6RPlrUZnz8pKtiFlTzuHyvX3myYO6STHyEgVZF6hVN7-mZ1ExJeatqfIBCT4e60RST2_HV0PJK6OAnIpZArMvxYymzi_Xly5CVvzKHw5-n7LcXgUwb-3mQL1b8MBSOsQnVzMFw2dvV80zYm6Rw6Kj8IDjE42GDqTq8d5F9YizJi8uQRR0dctchyWT0bTVZCBWZI4nsE1eT_Qbp1s4bClGxYw0_qFyD9EzDicd9wBZOFKUln1aYtMfrY_fhcOxCOIk3MHsGWDpS3JarPmLz7qBWYXXG2BQ0WBNzick5XGw3kgsUJFsB3qKH9J3Qoyeo2c59vdOIvjsZ9FpDLe1krcAG4LT-ff7SAMto2ILQ30lqQgA4ynk-qOTfvsvWDghEtWuT5dGECtSB7wHkvlQDaJBTq5HdXfnxv2sQjS88oNGjnQ038WP0uNblEZEceV0kkQlqiTERWfrsbKKRRXo9VM6ZXT1Yt8vDnklB8Ij1TSnBaur-U8mMBRn--RvWzB9XnUJW7I1InFsTdNWTmnr3iAmAlIBx6lLjYPZR8lxb7djFTBqJDtoLaqu6FmtqzzKWCvd6EOFNhvuGxY-LfkcxbSsmg15Ax688Wp0I812SK52Wue_8EB96w6iJ7hg-mCX_lta4r8N8yX_3HuORgDKeYeruGuQzVBYn8HLt48nlFv9zdHqH5he-DfVHuJIJCNwgZmkNKTH4ViMHmIBh9URvlESYdUfFgCoK_nrlwF1DUkM_SiyN07F_kA8rpODBs1Hb1mZzZvar7CUgSuV5teiFRia7i38gdAXkgYpP73kZgG4TcHR4ycLasvwfGI6N9ao68JH9T2216PnwccstrGYG-FcQjA07-uMHXXK_hHJU_7C_Kb6oUmS-5Lphbv8brqQHQOwcd51_aH1ckmj6g00S2AJbuyePYEx2Xz_pQ_rJ2Zju82lChlepQUvqPhugXRdGBY4TFk2jWl9OKowU2Di63HzVZGR2p4S9qnndLR6ozIlOu7ScNehkb1K1Q6qJBJ75aUOb6Z-nP4cvMmnsd5xG6dTUor35aZEd1mN6cgm1oNcKq6cSUeaWePT0hFm3Dc0thbp7Qjn1-sF-8wP5hLKw0uPmZxwYO5pIePaowLtCSoFg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame C398	42 B 64 B	61ms 61ms	Image image/gif	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7LQ6PEq2CkxsjW3Y8HJmYgqFpk_uuNeKPtTXpk-z1phYPO90h0eN0_OIU8_Yaopy53-VN7zB9jZ7YZMtkU3cb6cIbL69drvvaIUxcHKd7SU_0M57i8CeCYxNC-TyyhguCi3wCWtM-IZdZ&sai=AMfl-YRYvyz1cO_9TuWYCWqum8iL7XdWUJxiEyyY0k9_CNpvniWvteUddaoMAcRKIM4XayAIZsmZHJxebUSHKpjFTdnsz8ae5hOnXUu0TQT87meqK_YI3QWpMoFojxA&sig=Cg0ArKJSzJ6p61pqOLugEAE&cid=CAASF-RohVQfCoPRvkOCSSQxHboY57Ve3pix&id=ampim&o=436,238&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=480&tls=1480&g=100&h=100&tt=1480&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=1391429544 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Fri, 19 Aug 2022 20:44:19 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	57ms 57ms	Image text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081501&jk=1697454519115492&bg=!xcalxoLNAAYUOm8VNDo7ACkAdvg8WtK4tpTiu-QkAA83TbxocWejseAUmgMHGXVoy6ZbATamxzzcYAIAAABLUgAAAAJoAQeZAuaL8OhISxESqCWCV6au7r_9ZWZM-8XYfBagoVdwzrwlzxS8gRchKD4YYGxELXJdkdFuwoAs9te0TylKIr7GKSEZMtjkQr8OEjyDxLt_QLV01IbB61aoG-c5M0MkHmK85eOUQkeaoKuQvfLNmsK9bL2yzQ9z4yYVaM3M7-WuEAMWYXKMOdsD1AVmemG7RwQEzb1nd06XkMmNBrjvoco2CateIaG4kzCDPD3Zp27j3vImBnAAn1eLJ9_yRGIXNuKLcAO-n_qtfq51zOqryONUohPdFMIYdUxN_9dPAJZnY2yYI7Z3Q-6Cy-VgQYkOVbxrl41w-sikozmiF8RjSPwau6uTqejHaZoAGfveX4DX63UWqyUs_6UZiZ5ZfZp1qLdRufhXdnEig7yJQSFQ2xR9Fh4SFtnWm2NI7YMb9nrzqG0Naa9f17uMlPuJ9nwfOUM4KmbEIFfUQMXeBZRxPaUAgvoaxbuuO3tzIh5UjXuBFi7DVJIXdhtwXT3apjZ0xLYcWv_VexwZnyAEVhRF6cA1ztW4C2kRtHDKWuOltvoxO7tFecr-78nvu0Q5Tv-rLQluEBnvPRu2a2Xiz3XAzYkmaKruz3wtS4O8m6T2JYHct0LcHadPZO1BG1IAHFBo5nVUSOOccTHKWTnhuds-XccEaAQ65ktRs_t3l5nYTGo-VY7ZRfKihWyATMBEqO2mHDiPrsp2dsW-CxsN9CYqh69O3s0xv7TvZwvx7ixZ0m-FcKXOmvBpvZwgA2OG0r4UhvCS53SH-STyj1g3MCiyJA39Vjm9fwfXU8ARm77TesaZICwRFDpsKNECl213TpF99bXvkH2Y69VKsEiLFpJ2VKgoUzi9nF7pCvkW_OMOGCp5UDLoceTxT60xhpQTdCDhIJCE94ai8hcm_r-XlXh4a9QMvn5Ze6OGXHPBTA7UdzI871GOHYWKLt9GMibOwnERvBZZ8RDHZEU3rglNb9RCq69wUpsWb3HUwq31 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://elpezdfw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers
GET H3	200	videoplayback Show response rr5---sn-4g5ednkl.googlevideo.com/ Frame 10DD	2 MB 2 MB	30ms 30ms	Fetch video/mp4	2a00:1450:4001:29::a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rr5---sn-4g5ednkl.googlevideo.com/videoplayback?expire=1660963457&ei=Ifb_YrSgIuWI6dsPgMy7wAU&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A4&id=o-AB8j-nlZbJAQci3huze5VOEjuM0sjHiSTxu3ZWkq9bbS&itag=398&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=cw&mm=31%2C29&mn=sn-4g5ednkl%2Csn-4g5e6nss&ms=au%2Crdu&mv=m&mvi=5&pl=29&initcwndbps=880000&spc=lT-KhpAC9oAQiGphPYX9zx0XPZxAPdg&vprv=1&mime=video%2Fmp4&ns=l7kqMD-gc-j1v3i9einslX0H&gir=yes&clen=66678515&dur=649.648&lmt=1627681626911117&mt=1660941680&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5531432&n=oswVbtu8qNHyZA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhANtJPZYNpqrc_BRq5VkOq7Z1baxAGhzqXtSD8iQx_dM7AiEA4tcuSOnG1PD5MZSwRzxZOlORpywMyxQ25zXXWDDWuXc%3D&alr=yes&sig=AOq0QJ8wRAIgZVwWAg-BYgxJaHMVG8gd7NnvMZb86lNmJY7w6gsEuAcCIB0bX-D7RVIUoWs3D8ArdXdEYXg6e7JTEnlx58557Tic&cpn=FMFIo5TwhFwTps7F&cver=1.20220817.01.00&range=906944-2748925&rn=4&rbuf=16580&pot=GpsBCm47npIU3tDZK9Itn36yfstwcUipTyd5mdyzSqzvPaRtEdbj7QeVXSHwqARhcciB7zCXr8yyO8cNX6H0THUAcWv24IBAMAPKGJKJQJupPy-qUGlIuYyXZYm4VHgiME_23dclrww5oIndI81JBHUZrRIpAX04kIhgbO7WCu2Su65YcAPZk7n4v_x48QvWGUdry0YEqXPKGkqHufQ= Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:29::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash e350a43e65d1d0ac6beeb9208965240f3a719061a414f9ab7869111f5fec4dc4 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:21 GMT x-restrict-formats-hint None cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1841982 client-protocol quic last-modified Fri, 30 Jul 2021 21:47:06 GMT server gvs 1.0 vary Origin content-type video/mp4 access-control-allow-origin https://www.youtube.com access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21296 access-control-allow-credentials true accept-ranges bytes timing-allow-origin https://www.youtube.com x-content-type-options nosniff expires Fri, 19 Aug 2022 20:44:21 GMT
GET H3	200	videoplayback Show response rr5---sn-4g5ednkl.googlevideo.com/ Frame 10DD	293 KB 293 KB	25ms 25ms	Fetch audio/webm	2a00:1450:4001:29::a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rr5---sn-4g5ednkl.googlevideo.com/videoplayback?expire=1660963457&ei=Ifb_YrSgIuWI6dsPgMy7wAU&ip=2001%3A1b60%3A2%3A240%3A3247%3A%3A4&id=o-AB8j-nlZbJAQci3huze5VOEjuM0sjHiSTxu3ZWkq9bbS&itag=251&source=youtube&requiressl=yes&mh=cw&mm=31%2C29&mn=sn-4g5ednkl%2Csn-4g5e6nss&ms=au%2Crdu&mv=m&mvi=5&pl=29&initcwndbps=880000&spc=lT-KhpAC9oAQiGphPYX9zx0XPZxAPdg&vprv=1&mime=audio%2Fwebm&ns=l7kqMD-gc-j1v3i9einslX0H&gir=yes&clen=11024624&dur=649.681&lmt=1627674437489601&mt=1660941680&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5511222&n=oswVbtu8qNHyZA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgEmb1dE6b1FbliMqsjpfhPKJJcoFzy_pPla-z7iStocECIQDluFMjsjRIn0-UM0i0NbmJ2cbUnm8j_jT2BWjEkmv7Sw%3D%3D&alr=yes&sig=AOq0QJ8wRQIgS5LQYocC2PX20XEc6Q2Hh8ksTsZ-eSQGO-qU5xj5IFUCIQC_iX9QkZCxHqdeMwh97fY7zrOuNJVwAk1EmLU1lA8pQQ%3D%3D&cpn=FMFIo5TwhFwTps7F&cver=1.20220817.01.00&range=345088-644917&rn=5&rbuf=16618&pot=GpsBCm47npIU3tDZK9Itn36yfstwcUipTyd5mdyzSqzvPaRtEdbj7QeVXSHwqARhcciB7zCXr8yyO8cNX6H0THUAcWv24IBAMAPKGJKJQJupPy-qUGlIuYyXZYm4VHgiME_23dclrww5oIndI81JBHUZrRIpAX04kIhgbO7WCu2Su65YcAPZk7n4v_x48QvWGUdry0YEqXPKGkqHufQ= Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:29::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash 3bc6cea552eff454837473f9835045ee7de208b1c4a27f23a49279adbf95bc26 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Fri, 19 Aug 2022 20:44:21 GMT x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 299830 client-protocol quic last-modified Fri, 30 Jul 2021 19:47:17 GMT server gvs 1.0 vary Origin content-type audio/webm access-control-allow-origin https://www.youtube.com access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=21296 access-control-allow-credentials true accept-ranges bytes timing-allow-origin https://www.youtube.com expires Fri, 19 Aug 2022 20:44:21 GMT
POST H3	204	atr Show response www.youtube.com/api/stats/ Frame 10DD	0 22 B	34ms 34ms	XHR text/html	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=FMFIo5TwhFwTps7F&ver=2&cmt=4.646&fmt=398&fs=0&rt=5.477&euri=https%3A%2F%2Felpezdfw.com%2F&lact=6056&cl=468309486&mos=1&volume=100&cbr=Chrome&cbrver=104.0.5112.101&c=WEB_EMBEDDED_PLAYER&cver=1.20220817.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&splay=1&hl=de_DE&cr=DE&len=649.681&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24199710%2C24219381%2C24220089%2C24226335%2C24237632%2C24238983%2C24248385%2C24255163%2C24260441%2C24261709%2C24263054%2C24268115%2C39321934&afmt=251&muted=1&docid=-ALOwx-RHm4&ei=Ifb_YrSgIuWI6dsPgMy7wAU&plid=AAXmnilqd4sFeRtl&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F%3Fmodestbranding%3D0%26rel%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Felpezdfw.com%26widgetid%3D1&list=PL-_n7ccOKEVh7FVUfVjK0Zc0nuPPm9AoH&of=hof7BBadFRzG-PZsLtLtfg&vm=CAMQARgBOjJBTlRLbG52TWlBVHNHbHhfWldyRUxjOUVvRExhSVdRd05qTlFnMW00WTJFaHY0YWYzUWJXQVBta0tESUpmRkZrSFM5am1admZxTmRVd3BlVGhoTHlJbTJmell1cnRGLTBiRDVpRGd0cWlMUndabTZSNDFqckVCV0xXcEpmcVJNajJvUGdUNGVlaF9B Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Video Stats Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/x-www-form-urlencoded X-YouTube-Utc-Offset 0 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/?modestbranding=0&rel=1&enablejsapi=1&origin=https%3A%2F%2Felpezdfw.com&widgetid=1 X-YouTube-Client-Version 1.20220817.01.00 X-YouTube-Time-Zone Etc/Unknown X-Goog-Visitor-Id CgtVQl91bi1Vdk9kUSig7P-XBg%3D%3D X-YouTube-Ad-Signals dt=1660941856645&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1200%2C675&vis=1&wgl=true&ca_type=image Response headers pragma no-cache date Fri, 19 Aug 2022 20:44:22 GMT x-content-type-options nosniff server Video Stats Server x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, must-revalidate access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	watchtime Show response www.youtube.com/api/stats/ Frame 10DD	0 20 B	29ms 29ms	XHR text/html	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=FMFIo5TwhFwTps7F&ver=2&cmt=5.17&fmt=398&fs=0&rt=6.001&euri=https%3A%2F%2Felpezdfw.com%2F&lact=6581&cl=468309486&state=playing&volume=100&cbr=Chrome&cbrver=104.0.5112.101&c=WEB_EMBEDDED_PLAYER&cver=1.20220817.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&splay=1&hl=de_DE&cr=DE&len=649.681&rtn=16&afmt=251&idpj=-5&ldpj=-19&rti=6&size=1200%3A675&inview=0&st=0&et=5.17&muted=1&docid=-ALOwx-RHm4&ei=Ifb_YrSgIuWI6dsPgMy7wAU&plid=AAXmnilqd4sFeRtl&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F%3Fmodestbranding%3D0%26rel%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Felpezdfw.com%26widgetid%3D1&list=PL-_n7ccOKEVh7FVUfVjK0Zc0nuPPm9AoH&of=hof7BBadFRzG-PZsLtLtfg&vm=CAMQARgBOjJBTlRLbG52TWlBVHNHbHhfWldyRUxjOUVvRExhSVdRd05qTlFnMW00WTJFaHY0YWYzUWJXQVBta0tESUpmRkZrSFM5am1admZxTmRVd3BlVGhoTHlJbTJmell1cnRGLTBiRDVpRGd0cWlMUndabTZSNDFqckVCV0xXcEpmcVJNajJvUGdUNGVlaF9B Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/009f1d77/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Video Stats Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 X-YouTube-Utc-Offset 0 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/?modestbranding=0&rel=1&enablejsapi=1&origin=https%3A%2F%2Felpezdfw.com&widgetid=1 X-YouTube-Client-Version 1.20220817.01.00 X-YouTube-Time-Zone Etc/Unknown X-Goog-Visitor-Id CgtVQl91bi1Vdk9kUSig7P-XBg%3D%3D X-YouTube-Ad-Signals dt=1660941856645&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1200%2C675&vis=1&wgl=true&ca_type=image Response headers pragma no-cache date Fri, 19 Aug 2022 20:44:23 GMT x-content-type-options nosniff server Video Stats Server x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

tag.simpli.fi

URL

https://tag.simpli.fi/sifitag/a2fee930-b8b0-0136-d8da-06a9ed4ca31b

Domain

googleads.g.doubleclick.net

URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/962985656/?backend=innertube&cname=56&cver=20220817&foc_id=L0G_Et4IZSqxN7CXL8bJJQ&label=followon_view&ptype=no_rmkt&random=660216157&cv_attributed=0