travel.yam.com Open in urlscan Pro
13.76.208.76  Public Scan

21 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://album.blog.yam.com/ HTTP 301
   https://travel.yam.com/article/129227 Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

• https://googleads.g.doubleclick.net/pagead/id HTTP 302
• https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 50

• https://sb.scorecardresearch.com/cs/38111965/beacon.js HTTP 302
• https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 100

• https://oajs.openx.net/esp?url=https%3A%2F%2Ftravel.yam.com%2Farticle%2F129227&rid=esp HTTP 302
• https://oajs.openx.net/esp?url=https%3A%2F%2Ftravel.yam.com%2Farticle%2F129227&rid=esp&cc=1

Request Chain 111

• https://gum.criteo.com/sid/json?origin=publishertagids&domain=yam.com&sn=ChromeSyncframe&so=0&topUrl=travel.yam.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=pjOziHx6ODRiOGlOaUs3ODhHaHR3TVQ5bDFlZDFiejVYdU1CZVlZM0RtaUhpaXp2UnRocU91ZWlEUWRlU3NYRU5uLzhpVjUvVG1RWUx2UDJDNVhCOCtaQXdtUVNxMXNKUUt3MjdMVkJrN2R5ekRrVnpkNkdwNTliQThVOHJiOXVSYklRL3lQSGUycUpibUFMQVEyTHNrTkduQzhYa0gveW00WXBqK0xrRFZNQVhOUFJTV3h0Vk1idXQzY2QzMlVMMlpsek9zOVBNN0FvNFBNaTVTZWF1eXpQQWNBZWZvSlNOWTBVNHJ4SEFMeUlNUVZ2QnJ6V3J4eHpYcnBieFR3YnBwT2hwT21vK0tWcG5IQkVNdEVEREdDOUliUT09fA&cppv=2

Request Chain 131

• https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
• https://tpc.googlesyndication.com/simgad/624907996767536446

Request Chain 155

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo6rb1jG3V-Ug--C3A8oAc&google_cver=1

Request Chain 156

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJsI7TPlj-fSimFslMN-vQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFZYVaVhREkZHuPmlbf_l1w&google_cver=1

Request Chain 157

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEMVnpyywhIEr-4-wUkQe1-g&google_cver=1

Request Chain 158

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ2NTQ4NTY1OTQxODczMDM3MA%3D%3D

Request Chain 160

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFZYVaVhREkZHuPmlbf_l1w&google_cver=1

Request Chain 161

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJsI7TPlj-fSimFslMN-vQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFZYVaVhREkZHuPmlbf_l1w&google_cver=1

Request Chain 162

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEA8vj-BhlabCJjHghx28WY4&google_cver=1

Request Chain 163

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ2NTQ4NTY1OTQxODczMDM3MA%3D%3D

Request Chain 164

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFZYVaVhREkZHuPmlbf_l1w&google_cver=1

Request Chain 165

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJsI7TPlj-fSimFslMN-vQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFZYVaVhREkZHuPmlbf_l1w&google_cver=1

Request Chain 166

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEA8vj-BhlabCJjHghx28WY4&google_cver=1

Request Chain 167

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ2NTQ4NTY1OTQxODczMDM3MA%3D%3D

Request Chain 193

• https://hal900016.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=d88cceed0a&subid=&uid=3d8a17155ad711ae&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCywGq7AibZJv3JsiX9fgPj4ua6ASm5b2gab2YnKfJD_AuEAEgzN2HIWCVypOCoAfIAQmpAtTCo7LyXrI-qAMByAObBKoE7QFP0Kt1XxRuJTKtachhJ7cJvJn7_3k1HnWfPGvUMHUxsant1WbSzFz1NhNJmkWTxOIFv1GWF3_UF8j_uY63Tf17QuecY6nh1s5UiEVDnq2lPre0xVogZhfI2me_uzKJ6wUEjXoyVkDToZQRtz-B_hoPJ-OU5LhduvsKVwisBi9SyJt0FjvEsszJy9QqtaNe2mCkVY-5cC90ui9Up1_10ef_NJm9-4jsZrRaCy-tel_lROurnbtEYR7jfMEDAOl-EMuCmMC_i2afEhQq2sJRhhBiPc1SnZDXM-eiQxp0PJzBztHSkSj4qf9BtMVdXOHABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSSwBygQiDndxYW8oNjSztc5EhT-tUQnnI4Jo0mNqpgrqwN14jpfc-JBv2y6v_f2wh5g3rP0RLIqR_N4TDRNgq0TJKJSNzeTsfqM-Q8BgB%26sig%3DAOD64_0NQLIbWr3t2j78a1t93TF7g-gUuw%26client%3Dca-pub-2675037296853968%26dbm_c%3DAKAmf-Drg4sCeddT5hqlE8Qln0MzPRV448LGyvPx7cxDLCpDfgb3R14rEzzowyt5iajk2P7074nMFiOTDI3RUIx6yxodFWLfXGBje-MNL86_Ww0FchqnKSd4iJfT-s_E12b4qqM_YqAUdC7h6QL_NiP8pVwVtB3ZvUXnJrHXF2BjHv5EdiT6Xbg%26cry%3D1%26dbm_d%3DAKAmf-B-v_V-W82vvzYEcVtCoS9Mmoo1uHg7BhD2A-Iiy3hsKhmza2L8L48kzDJ6rU8rC2vbymK-cDgQ84UR42UehTNN9OrTm8GRYNWMhQqEJOrTPehikc4XMg82V0cbAeJdjAzC2Gcwedbpzn3wY7uwsF6b-3Li5zc4RUyrw35hObiDnofPQRp_-0IsP6lBFHV4PaJ7m0KUslfXQ-9YfscoC5KW-zSi49no0JSxT3XuwgPyP2OnUTKe2GnpOMB5htwsjpGHc8gWyckLyZ-GuzuNfQPHBrhspEG9Blh3zJLBJ1lNQyJ3KIN_JgKYWcMaeCu_0yb5LwbBYU0PBgFtH5IRJ2JvjQlKbozm5tmPfF1PC1-HSAJK-VzEnEfNau8PProIkulQEeAvQH5yyvebOSESaKhazQZhAz9ZT7eYVPuEm34yAhoAyBfObHmDb1Taa9w4DaDK_mZyeYIH1pvJQegvwYZ0rlx42KiC3CJ2ZlxtGI5zAiItpdOJ5DeWGNgw9yi_-wvVxD15fWB5WAzNIhXYSQAJdzwP1w%26adurl%3D&documentReferer=https%3A%2F%2Ftravel.yam.com%2F&ancestorOrigins=https%3A%2F%2Ftravel.yam.com&random=5967333107920&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
• https://hal900016.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=d88cceed0a&subid=&uid=3d8a17155ad711ae&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCywGq7AibZJv3JsiX9fgPj4ua6ASm5b2gab2YnKfJD_AuEAEgzN2HIWCVypOCoAfIAQmpAtTCo7LyXrI-qAMByAObBKoE7QFP0Kt1XxRuJTKtachhJ7cJvJn7_3k1HnWfPGvUMHUxsant1WbSzFz1NhNJmkWTxOIFv1GWF3_UF8j_uY63Tf17QuecY6nh1s5UiEVDnq2lPre0xVogZhfI2me_uzKJ6wUEjXoyVkDToZQRtz-B_hoPJ-OU5LhduvsKVwisBi9SyJt0FjvEsszJy9QqtaNe2mCkVY-5cC90ui9Up1_10ef_NJm9-4jsZrRaCy-tel_lROurnbtEYR7jfMEDAOl-EMuCmMC_i2afEhQq2sJRhhBiPc1SnZDXM-eiQxp0PJzBztHSkSj4qf9BtMVdXOHABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSSwBygQiDndxYW8oNjSztc5EhT-tUQnnI4Jo0mNqpgrqwN14jpfc-JBv2y6v_f2wh5g3rP0RLIqR_N4TDRNgq0TJKJSNzeTsfqM-Q8BgB%26sig%3DAOD64_0NQLIbWr3t2j78a1t93TF7g-gUuw%26client%3Dca-pub-2675037296853968%26dbm_c%3DAKAmf-Drg4sCeddT5hqlE8Qln0MzPRV448LGyvPx7cxDLCpDfgb3R14rEzzowyt5iajk2P7074nMFiOTDI3RUIx6yxodFWLfXGBje-MNL86_Ww0FchqnKSd4iJfT-s_E12b4qqM_YqAUdC7h6QL_NiP8pVwVtB3ZvUXnJrHXF2BjHv5EdiT6Xbg%26cry%3D1%26dbm_d%3DAKAmf-B-v_V-W82vvzYEcVtCoS9Mmoo1uHg7BhD2A-Iiy3hsKhmza2L8L48kzDJ6rU8rC2vbymK-cDgQ84UR42UehTNN9OrTm8GRYNWMhQqEJOrTPehikc4XMg82V0cbAeJdjAzC2Gcwedbpzn3wY7uwsF6b-3Li5zc4RUyrw35hObiDnofPQRp_-0IsP6lBFHV4PaJ7m0KUslfXQ-9YfscoC5KW-zSi49no0JSxT3XuwgPyP2OnUTKe2GnpOMB5htwsjpGHc8gWyckLyZ-GuzuNfQPHBrhspEG9Blh3zJLBJ1lNQyJ3KIN_JgKYWcMaeCu_0yb5LwbBYU0PBgFtH5IRJ2JvjQlKbozm5tmPfF1PC1-HSAJK-VzEnEfNau8PProIkulQEeAvQH5yyvebOSESaKhazQZhAz9ZT7eYVPuEm34yAhoAyBfObHmDb1Taa9w4DaDK_mZyeYIH1pvJQegvwYZ0rlx42KiC3CJ2ZlxtGI5zAiItpdOJ5DeWGNgw9yi_-wvVxD15fWB5WAzNIhXYSQAJdzwP1w%26adurl%3D&documentReferer=https%3A%2F%2Ftravel.yam.com%2F&ancestorOrigins=https%3A%2F%2Ftravel.yam.com&random=5967333107920&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 194

• https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=7611a80998&subid=&uid=052aeb57d2f1a45e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2Y9J7AibZJr3JsiX9fgPj4ua6ASm5b2gaa2VnKfJD_AuEAEgzN2HIWCVypOCoAfIAQmpAtTCo7LyXrI-qAMByAObBKoE8AFP0KbpyclW2Sa1xzy8yiH6QskcbJj-IqrIZK-fWXzJQZPSa7I5c9tseO1BemNmTzuhJS8P96aTVXgpYKGg5l18XhzvF3Hq7TiK1gh_N8VLLX3YoOLab5QRRIpoO9AfXuCqA5Bs57yb6JGXGgrCTg8FV_8xsfLKEKu7AG9zrgdgx0S362kvKmeVGzfywaMN5D3tbaeEI0ZP0WkWJ1IrzsB7AlC7EbyU30Y_zhH3QmQh0NKpFD4PtkLuBw3_brfSGr_iHM4bUSQJdTVdCFVnodiVMYKY4yHXdyjXD22P1d-gINVmrPVp4ka_gNN06y786KjABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSSwBygQiDndxYW8oNjSztc5EhT-tUQnnI4Jo0mNqpgrqwN14jpfc-JBv2y6v_f2wh5g3rP0RLIqR_N4TDRNgq0TJKJSNzeTsfqM-Q8BgB%26sig%3DAOD64_35lDNlFpIShNYWGmnN6qgIo6MUgw%26client%3Dca-pub-2675037296853968%26dbm_c%3DAKAmf-ANKhqXm03jhpbKK3_Zpxiv4AhMlZ1XJXsYg1PdPZMGAkAbKZImUS7r3RG_liPC03C_gkQncShTvhZB3oWIg0Di_yJxF7mmwu1WuVPrVx86yPwbmQERMaKEJQROrV1mRsk1i9jOxgU6r9-DUJiYMl0VsUk3OgwEU1w5cBeYWzUdDz2fcGE%26cry%3D1%26dbm_d%3DAKAmf-BtvJng-lmo8faskJW2K8YcgHxKw9YcE_BKGBZzmGQG_U-YD9eS21uHRyeB-xuDDQx0588en8NqMTt1QEjgZ3nv6P3qpHrcjzzWyVXbsFnx0BkTxuJ6v70q88i_DXRZPj-7YwwdsMFsMW8XpUvZTnu8ZU4-Agtqbxd1z2K0iDZIHjftJFoAMMVQGwvSjWYFgdMaJ11mmO0UH31cXGRvZpok3m3J7De5RWtQJ_QwCA_GCv9_9bDivNUbJq3hlevIBgkMJrp9rDKmZ88d4iEyuP1UFIZM41qZWNcYqVT3f2Ig-A3r2PtInXNKzrav56u-cWx65Mf-HejJKYBReMptrW1_Sjo9J08Xp31MJdZm46Pq9zmu5Hz2H84tDBYkABHwmUto-NX5yag0mtBvqcwEYeSjgKBGJ3Q5vsBGaTEFmunQapFQMkgy7PBMY-1rv4bWJI2CB0gfUPeL10b41sHCue8i3rqCq6-ALY7ZOQqgR4VjpsYaN70Ca9PltPcfPvWmGSgSukNdhW0Kw_ULKpl-aNv7V0Wr8A%26adurl%3D&documentReferer=https%3A%2F%2Ftravel.yam.com%2F&ancestorOrigins=https%3A%2F%2Ftravel.yam.com&random=8161023177924&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
• https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=7611a80998&subid=&uid=052aeb57d2f1a45e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2Y9J7AibZJr3JsiX9fgPj4ua6ASm5b2gaa2VnKfJD_AuEAEgzN2HIWCVypOCoAfIAQmpAtTCo7LyXrI-qAMByAObBKoE8AFP0KbpyclW2Sa1xzy8yiH6QskcbJj-IqrIZK-fWXzJQZPSa7I5c9tseO1BemNmTzuhJS8P96aTVXgpYKGg5l18XhzvF3Hq7TiK1gh_N8VLLX3YoOLab5QRRIpoO9AfXuCqA5Bs57yb6JGXGgrCTg8FV_8xsfLKEKu7AG9zrgdgx0S362kvKmeVGzfywaMN5D3tbaeEI0ZP0WkWJ1IrzsB7AlC7EbyU30Y_zhH3QmQh0NKpFD4PtkLuBw3_brfSGr_iHM4bUSQJdTVdCFVnodiVMYKY4yHXdyjXD22P1d-gINVmrPVp4ka_gNN06y786KjABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSSwBygQiDndxYW8oNjSztc5EhT-tUQnnI4Jo0mNqpgrqwN14jpfc-JBv2y6v_f2wh5g3rP0RLIqR_N4TDRNgq0TJKJSNzeTsfqM-Q8BgB%26sig%3DAOD64_35lDNlFpIShNYWGmnN6qgIo6MUgw%26client%3Dca-pub-2675037296853968%26dbm_c%3DAKAmf-ANKhqXm03jhpbKK3_Zpxiv4AhMlZ1XJXsYg1PdPZMGAkAbKZImUS7r3RG_liPC03C_gkQncShTvhZB3oWIg0Di_yJxF7mmwu1WuVPrVx86yPwbmQERMaKEJQROrV1mRsk1i9jOxgU6r9-DUJiYMl0VsUk3OgwEU1w5cBeYWzUdDz2fcGE%26cry%3D1%26dbm_d%3DAKAmf-BtvJng-lmo8faskJW2K8YcgHxKw9YcE_BKGBZzmGQG_U-YD9eS21uHRyeB-xuDDQx0588en8NqMTt1QEjgZ3nv6P3qpHrcjzzWyVXbsFnx0BkTxuJ6v70q88i_DXRZPj-7YwwdsMFsMW8XpUvZTnu8ZU4-Agtqbxd1z2K0iDZIHjftJFoAMMVQGwvSjWYFgdMaJ11mmO0UH31cXGRvZpok3m3J7De5RWtQJ_QwCA_GCv9_9bDivNUbJq3hlevIBgkMJrp9rDKmZ88d4iEyuP1UFIZM41qZWNcYqVT3f2Ig-A3r2PtInXNKzrav56u-cWx65Mf-HejJKYBReMptrW1_Sjo9J08Xp31MJdZm46Pq9zmu5Hz2H84tDBYkABHwmUto-NX5yag0mtBvqcwEYeSjgKBGJ3Q5vsBGaTEFmunQapFQMkgy7PBMY-1rv4bWJI2CB0gfUPeL10b41sHCue8i3rqCq6-ALY7ZOQqgR4VjpsYaN70Ca9PltPcfPvWmGSgSukNdhW0Kw_ULKpl-aNv7V0Wr8A%26adurl%3D&documentReferer=https%3A%2F%2Ftravel.yam.com%2F&ancestorOrigins=https%3A%2F%2Ftravel.yam.com&random=8161023177924&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 205

• https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=420443128561.9514 HTTP 302
• https://5994599.fls.doubleclick.net/activityi;dc_pre=CKepwKjq4_8CFUrHmgod0M4M2Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=420443128561.9514

Request Chain 207

• https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=28522900111809704444978012368016&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
• https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=28522900111809704444978012368016&t=htlp&gdpr=1&consent=1&gdpr_consent=

Request Chain 213

• https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=197139523838.1013 HTTP 302
• https://5994599.fls.doubleclick.net/activityi;dc_pre=CIKrwKjq4_8CFZLSmgodMTUOHA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=197139523838.1013

Request Chain 215

• https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=61285000097486704444554012368012&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
• https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=61285000097486704444554012368012&t=htlp&gdpr=1&consent=1&gdpr_consent=

Request Chain 242

• https://c.clarity.ms/c.gif HTTP 302
• https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=ED9DF687538D4874B707B3CF2190155C&RedC=c.clarity.ms&MXFR=3622CB26DA7B6A512611D81BDE7B64AF HTTP 302
• https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ED9DF687538D4874B707B3CF2190155C&MUID=17AAE48EE61D69B6223EF7B3E7B168AA

254 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
8 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request 129227 Show response travel.yam.com/article/ Redirect Chain http://album.blog.yam.com/ https://travel.yam.com/article/129227	143 KB 49 KB	1267ms 528ms	Document text/html	13.76.208.76 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://travel.yam.com/article/129227 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 13.76.208.76 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software yamtravel 2021 / Resource Hash 39646fca7bce21cc0ade70187a0a4d353825c4014349b25ad2c4aa36e185e7a5 Security Headers Name Value Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control private Content-Encoding gzip Content-Length 49955 Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Content-Type text/html; charset=utf-8 Date Tue, 27 Jun 2023 16:06:02 GMT Expires 1 days Referrer-Policy origin Server yamtravel 2021 Strict-Transport-Security max-age=31536000 Vary Accept-Encoding X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Redirect headers CF-RAY 7ddeef524c1b1c1c-FRA Cache-Control max-age=3600 Connection keep-alive Date Tue, 27 Jun 2023 16:06:01 GMT Expires Tue, 27 Jun 2023 17:06:01 GMT Location https://travel.yam.com/article/129227 NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJ69OQ0cu%2FasmBCYLQXYIVUavxEW71r0ccudjS2VtUq%2Fk6XfpGHoPhEO0klR7PKMA06r77UGikrmLldiEI4Bc7YIbwo4V8v5gVsFfDQt0REr8TACHkvcTnliI4xEgT0s0LcNHaSJUFFLRIZw%2BBi92Q%3D%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	all travel.yam.com/style/	163 KB 41 KB	349ms 179ms	Stylesheet text/css	13.76.208.76 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://travel.yam.com/style/all?v=MEmq6_yJzSurgDD3ickK-HHJf2kuD6Rs2HsauqelcGs1 Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 13.76.208.76 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software yamtravel 2021 / Resource Hash ac9944799f7cc9cc08742d355bf7cf5887753bd0e5a55855d1c2304c54631de8 Security Headers Name Value Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Content-Encoding gzip Referrer-Policy origin Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Last-Modified Tue, 27 Jun 2023 16:06:02 GMT Server yamtravel 2021 Date Tue, 27 Jun 2023 16:06:02 GMT Vary Accept-Encoding X-Frame-Options SAMEORIGIN Content-Type text/css; charset=utf-8 Cache-Control public Content-Length 40954 X-Xss-Protection 1; mode=block Expires Wed, 26 Jun 2024 16:06:02 GMT,1 days
GET H/1.1	200 OK	article-ex travel.yam.com/style/	5 KB 2 KB	526ms 176ms	Stylesheet text/css	13.76.208.76 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://travel.yam.com/style/article-ex?v=WYUVD6Zxtx_BWQ4LEMRt8MBh9DNUSblye6ZikEX0n2Y1 Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 13.76.208.76 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software yamtravel 2021 / Resource Hash a7b7d23f537cd8730fa2dfb154620af868898fc810aa11fad7ee8e568ffa19fc Security Headers Name Value Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Content-Encoding gzip Referrer-Policy origin Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Last-Modified Tue, 27 Jun 2023 16:06:03 GMT Server yamtravel 2021 Date Tue, 27 Jun 2023 16:06:03 GMT Vary Accept-Encoding X-Frame-Options SAMEORIGIN Content-Type text/css; charset=utf-8 Cache-Control public Content-Length 1805 X-Xss-Protection 1; mode=block Expires Wed, 26 Jun 2024 16:06:03 GMT,1 days
GET H/1.1	200 OK	header_member_icon.svg travel.yam.com/images/	1007 B 1 KB	525ms 176ms	Image image/svg+xml	13.76.208.76 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://travel.yam.com/images/header_member_icon.svg Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 13.76.208.76 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/7.5 / Resource Hash 3cae33ce95d7106fd24d87ad7863d7a99e52a083b4b52f4b8f02b50e42106478 Security Headers Name Value Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Referrer-Policy origin Date Tue, 27 Jun 2023 16:06:03 GMT Last-Modified Mon, 18 Oct 2021 09:50:08 GMT Server Microsoft-IIS/7.5 ETag "b0ee52895c4d71:0" X-Frame-Options SAMEORIGIN Content-Type image/svg+xml Cache-Control no-cache,max-age=2592000 Accept-Ranges bytes Content-Length 1007 X-Xss-Protection 1; mode=block Expires 1 days
GET H/1.1	200 OK	newSearchIcon.svg travel.yam.com/images/	1 KB 2 KB	524ms 174ms	Image image/svg+xml	13.76.208.76 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://travel.yam.com/images/newSearchIcon.svg Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 13.76.208.76 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/7.5 / Resource Hash 704bc77245aafb441c252d41ae875463dfcd6c6465c1fe0c7d99139e82c64bef Security Headers Name Value Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Referrer-Policy origin Date Tue, 27 Jun 2023 16:06:03 GMT Last-Modified Wed, 21 Dec 2022 08:19:30 GMT Server Microsoft-IIS/7.5 ETag "d2cdbcf21415d91:0" X-Frame-Options SAMEORIGIN Content-Type image/svg+xml Cache-Control no-cache,max-age=2592000 Accept-Ranges bytes Content-Length 1252 X-Xss-Protection 1; mode=block Expires 1 days
GET H/1.1	200 OK	line_icon.svg travel.yam.com/images/	1 KB 2 KB	525ms 174ms	Image image/svg+xml	13.76.208.76 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://travel.yam.com/images/line_icon.svg Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 13.76.208.76 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/7.5 / Resource Hash cc62f537b09fd1a15a5c2c2eee299c254e503a9d83553b06fb68a9f8331a5bbe Security Headers Name Value Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Referrer-Policy origin Date Tue, 27 Jun 2023 16:06:03 GMT Last-Modified Mon, 18 Oct 2021 09:50:08 GMT Server Microsoft-IIS/7.5 ETag "8a9f8885c4d71:0" X-Frame-Options SAMEORIGIN Content-Type image/svg+xml Cache-Control no-cache,max-age=2592000 Accept-Ranges bytes Content-Length 1296 X-Xss-Protection 1; mode=block Expires 1 days
GET H/1.1	200 OK	FB.svg travel.yam.com/images/	503 B 1014 B	528ms 175ms	Image image/svg+xml	13.76.208.76 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://travel.yam.com/images/FB.svg Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 13.76.208.76 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/7.5 / Resource Hash e395c3fcf2fe0b35a88e88f08ca0247a3b0e1acaf35f89b3c8cdb6ba77b343a2 Security Headers Name Value Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Referrer-Policy origin Date Tue, 27 Jun 2023 16:06:03 GMT Last-Modified Mon, 18 Oct 2021 09:50:10 GMT Server Microsoft-IIS/7.5 ETag "476b1d8a5c4d71:0" X-Frame-Options SAMEORIGIN Content-Type image/svg+xml Cache-Control no-cache,max-age=2592000 Accept-Ranges bytes Content-Length 503 X-Xss-Protection 1; mode=block Expires 1 days
GET H/1.1	200 OK	link_icon.svg travel.yam.com/images/	952 B 1 KB	182ms 182ms	Image image/svg+xml	13.76.208.76 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://travel.yam.com/images/link_icon.svg Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 13.76.208.76 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/7.5 / Resource Hash 2d3eb9ee94083e8b089d8688382c377dc80d05c2f1bcacf4f13da3bfb11deedd Security Headers Name Value Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Referrer-Policy origin Date Tue, 27 Jun 2023 16:06:03 GMT Last-Modified Mon, 18 Oct 2021 09:50:07 GMT Server Microsoft-IIS/7.5 ETag "cecacf885c4d71:0" X-Frame-Options SAMEORIGIN Content-Type image/svg+xml Cache-Control no-cache,max-age=2592000 Accept-Ranges bytes Content-Length 952 X-Xss-Protection 1; mode=block Expires 1 days
GET H/1.1	200 OK	collect_icon_blue.svg travel.yam.com/images/	1 KB 2 KB	182ms 182ms	Image image/svg+xml	13.76.208.76 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://travel.yam.com/images/collect_icon_blue.svg Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 13.76.208.76 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/7.5 / Resource Hash 6aa3f657272b1d7da4a38d9c56c69482d0e604c5e516ef4b8bc6d7094fc61a58 Security Headers Name Value Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Referrer-Policy origin Date Tue, 27 Jun 2023 16:06:03 GMT Last-Modified Mon, 18 Oct 2021 09:50:11 GMT Server Microsoft-IIS/7.5 ETag "fadfa98a5c4d71:0" X-Frame-Options SAMEORIGIN Content-Type image/svg+xml Cache-Control no-cache,max-age=2592000 Accept-Ranges bytes Content-Length 1146 X-Xss-Protection 1; mode=block Expires 1 days
GET H2	200	20221015184519_52.jpg travelblog.tw/wp-content/uploads/2022/10/	668 KB 670 KB	142ms 32ms	Image image/jpeg	2606:4700:20::681a:e28 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://travelblog.tw/wp-content/uploads/2022/10/20221015184519_52.jpg Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:e28 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36ae894fd7d9fe18991980e0a344496cc2209e920923ce257fa408539d54b2a8 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:02 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 62641 alt-svc h3=":443"; ma=86400 content-length 684452 last-modified Sat, 15 Oct 2022 10:45:19 GMT server cloudflare x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eicEnn0iWDkJBNj5In7VIYKkvWaFzQsJIne8D7q9G6woizwVqn4hku2Zm1blS2KnKxwkLnaCnBgVCgNfxnbIAHvda3z8cTwL6JgMuEpqohFh3inGhaCtSszVJwQCqicwrzTedmN43X2UMoFD"}],"group":"cf-nel","max_age":604800} content-type image/jpeg vary Accept-Encoding cache-control public, max-age=16070400 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 7ddeef5b29de9b1f-FRA expires Wed, 28 Jun 2023 04:35:04 GMT
GET H/1.1	200 OK	preimg.png travel.yam.com/images/	119 B 627 B	183ms 182ms	Image image/png	13.76.208.76 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://travel.yam.com/images/preimg.png Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 13.76.208.76 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/7.5 / Resource Hash 603506996b902b8797cbc1dc4bf350440caad5c59feb97c39344fd7648403b5d Security Headers Name Value Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Referrer-Policy origin Date Tue, 27 Jun 2023 16:06:03 GMT Last-Modified Wed, 22 Sep 2021 02:57:43 GMT Server Microsoft-IIS/7.5 ETag "47be599d5dafd71:0" X-Frame-Options SAMEORIGIN Content-Type image/png Cache-Control no-cache,max-age=2592000 Accept-Ranges bytes Content-Length 119 X-Xss-Protection 1; mode=block Expires 1 days
GET H/1.1	200 OK	close_btn_1.png travel.yam.com/images/	2 KB 3 KB	181ms 181ms	Image image/png	13.76.208.76 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://travel.yam.com/images/close_btn_1.png Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 13.76.208.76 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/7.5 / Resource Hash 59179b1436771f0f3918212934a083459f1cfa5b054144c9263ebcd1888ceb15 Security Headers Name Value Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Referrer-Policy origin Date Tue, 27 Jun 2023 16:06:03 GMT Last-Modified Tue, 19 Oct 2021 09:47:34 GMT Server Microsoft-IIS/7.5 ETag "e157bd57cec4d71:0" X-Frame-Options SAMEORIGIN Content-Type image/png Cache-Control no-cache,max-age=2592000 Accept-Ranges bytes Content-Length 2123 X-Xss-Protection 1; mode=block Expires 1 days
GET H/1.1	200 OK	logo.svg travel.yam.com/images/	35 KB 35 KB	609ms 551ms	Image image/svg+xml	13.76.208.76 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://travel.yam.com/images/logo.svg Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 13.76.208.76 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/7.5 / Resource Hash cda528e08e4543006f0328f285b4b06c01a65c33167de5f062926134663fb83d Security Headers Name Value Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Referrer-Policy origin Date Tue, 27 Jun 2023 16:06:03 GMT Last-Modified Mon, 18 Oct 2021 09:50:07 GMT Server Microsoft-IIS/7.5 ETag "9aa0af885c4d71:0" X-Frame-Options SAMEORIGIN Content-Type image/svg+xml Cache-Control no-cache,max-age=2592000 Accept-Ranges bytes Content-Length 35346 X-Xss-Protection 1; mode=block Expires 1 days
GET H/1.1	200 OK	top_btn.png travel.yam.com/images/	4 KB 4 KB	179ms 176ms	Image image/png	13.76.208.76 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://travel.yam.com/images/top_btn.png Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 13.76.208.76 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/7.5 / Resource Hash bbff33f2589ecedd3ba56474d9506c91d4fbd5b20d49cece80cfe74533a2f77c Security Headers Name Value Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Referrer-Policy origin Date Tue, 27 Jun 2023 16:06:03 GMT Last-Modified Wed, 20 Oct 2021 02:19:22 GMT Server Microsoft-IIS/7.5 ETag "637915e558c5d71:0" X-Frame-Options SAMEORIGIN Content-Type image/png Cache-Control no-cache,max-age=2592000 Accept-Ranges bytes Content-Length 4022 X-Xss-Protection 1; mode=block Expires 1 days
GET H/1.1	200 OK	main Show response travel.yam.com/assets/	117 KB 51 KB	696ms 530ms	Script text/javascript	13.76.208.76 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://travel.yam.com/assets/main?v=CEKOa5_ZyQ_amLAH15_5Vy7dIuly6Se5vh5cBsW8eoU1 Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 13.76.208.76 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software yamtravel 2021 / Resource Hash 707376821901915a3d4151a2c51e8afbd41a0440549e6e40708945a2daa29d6e Security Headers Name Value Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Content-Encoding gzip Referrer-Policy origin Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Last-Modified Tue, 27 Jun 2023 16:06:03 GMT Server yamtravel 2021 Date Tue, 27 Jun 2023 16:06:03 GMT Vary Accept-Encoding X-Frame-Options SAMEORIGIN Content-Type text/javascript; charset=utf-8 Cache-Control public Content-Length 51795 X-Xss-Protection 1; mode=block Expires Wed, 26 Jun 2024 16:06:03 GMT,1 days
GET H/1.1	200 OK	article Show response travel.yam.com/assets/	133 KB 47 KB	533ms 531ms	Script text/javascript	13.76.208.76 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://travel.yam.com/assets/article?v=h-8kSgedAGVxbv1AriYblIP0yg4Bn3fkYTGFTxdhw481 Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 13.76.208.76 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software yamtravel 2021 / Resource Hash d36ecf8e34f4d2041fe3e0347c16cfd1f9db5c5935c5507c86d35191dd9bb238 Security Headers Name Value Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Content-Encoding gzip Referrer-Policy origin Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Last-Modified Tue, 27 Jun 2023 16:06:03 GMT Server yamtravel 2021 Date Tue, 27 Jun 2023 16:06:03 GMT Vary Accept-Encoding X-Frame-Options SAMEORIGIN Content-Type text/javascript; charset=utf-8 Cache-Control public Content-Length 47449 X-Xss-Protection 1; mode=block Expires Wed, 26 Jun 2024 16:06:03 GMT,1 days
GET H2	200	js Show response www.googletagmanager.com/gtag/	124 KB 48 KB	91ms 37ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-16227618-1 Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0870c51e63fd22780a9b4f0acf0ed805dc97277217a2bc2b16dff74bae23dcff Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:02 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 49042 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 27 Jun 2023 16:06:02 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	138 KB 48 KB	130ms 73ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2675037296853968 Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0316d30469fe96712c80f982adfb8d1ffbd8f504e6f94c9a7f9792996f5871b2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://travel.yam.com/ Origin https://travel.yam.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:02 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48487 x-xss-protection 0 server cafe etag 7030504340486692268 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Tue, 27 Jun 2023 16:06:02 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	78 KB 27 KB	171ms 84ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 62386a5d38b7ec6fb4f043f023e71e0fd21c08e07601a5eb844c488401669959 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:02 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26910 x-xss-protection 0 server cafe etag 738 / 19535 / m202306220101 / config-hash: 8017855317327483257 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 27 Jun 2023 16:06:02 GMT
GET H2	200	sdk.js Show response connect.facebook.net/zh_TW/	3 KB 2 KB	71ms 21ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/zh_TW/sdk.js Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash b1aca9730ba7811c5a5744e6a538958496bed49767a3c150666be630867de2de Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://travel.yam.com/ Origin https://travel.yam.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Tue, 27 Jun 2023 16:06:02 GMT content-md5 re1uEzHJkeQFmzyKzE/1ow== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1688 x-fb-debug R98a+ADSveH2e/bn9y8erjuva9/GkzNS/z5GyFCB9lgwDWkGUe8a2w+4ipop9m+yUafnv41zjLuPqM/GwY6CyQ== x-fb-content-md5 9df0cf53c89239a493ca85478923d755 cross-origin-opener-policy same-origin-allow-popups etag "bae87005118b0cd73a778aed85c5e4ef" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * expires Tue, 27 Jun 2023 16:06:11 GMT
GET H2	200	ya.js Show response stats.yam.com/	4 KB 2 KB	96ms 33ms	Script application/x-javascript	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stats.yam.com/ya.js Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 618345dbd605e9f5f771324ca1aae652c6e3ee89b452a965193b072492690acb Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:02 GMT content-encoding br cf-cache-status HIT last-modified Mon, 22 Aug 2022 05:47:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5090 etag W/"b8cf4baeeab5d81:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zLgGHKEVFzN%2FkVeSNskb5BURzu89u5uNkgsK4VGC1FDZHyW243p9H2h0C0Je4XzQGbDEdZaotdUXeODG5Qtn4nqmuHmLZdzp1yRaqnLX7VlgtoZXesJtG6k1XrCAr%2BA8xrRXxkbuEkZfnw8%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=14400 cf-ray 7ddeef5c0c901d9a-FRA
GET DATA	200 OK	truncated /	154 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 56b8d0bcb8b5014d9ceff45b9fe05fc685fe8e1b74c41adbfb745009378fcc04 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	152 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b7d0ce3ec45f107b634eb4c9ee24ccad7349574464fca3700d7e9521c146a101 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H2	200	nbAvrClNwqU Show response www.youtube.com/embed/ Frame E7F0	75 KB 32 KB	149ms 91ms	Document text/html	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/nbAvrClNwqU Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2055fa3dcdd656e3f63001829f9ec8138fd1bd17980dbb51c20564c1673fc1b5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://travel.yam.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding br content-type text/html; charset=utf-8 cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" cross-origin-resource-policy cross-origin date Tue, 27 Jun 2023 16:06:03 GMT expires Mon, 01 Jan 1990 00:00:00 GMT origin-trial AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info." permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* pragma no-cache report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} server ESF strict-transport-security max-age=31536000 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-content-type-options nosniff x-xss-protection 0
GET H2	200	2023062118134654.jpg travelimg.yam.com/cdn-cgi/image/w=360,h=220,fit=cover,f=auto/DATA/ARTICLE/	14 KB 14 KB	87ms 69ms	Image image/avif	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://travelimg.yam.com/cdn-cgi/image/w=360,h=220,fit=cover,f=auto/DATA/ARTICLE/2023062118134654.jpg Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d8c38e1fb41779dad554169c0560766cc47b8db83ee3e386df1efa07bdb6b081 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:03 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 14177 cf-resized internal=ok/h q=0 n=16+147 c=10+106 v=2023.6.2 l=14177 last-modified Wed, 21 Jun 2023 10:13:46 GMT cf-bgj imgq:85,h2pri server cloudflare etag "cfxOqiBVfANzLjjkiNg9N073o9gFIAYIC2Br2dh6kyDQ:1e8b981029a4d91:0" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BXAFlt9bOFrvl1CwKoPwHOcglp%2FQhUSG3MTP0147AFIv1vYnIxVIRNDlGfzQ4H%2FwG9vLFKybSGyPP%2FuJ6pA%2FH3AXtC2ccBNpVriv6ctoHuYqX%2FtAlGrKf7jA%2BQpLtflZ27G3diWKKnLn6cdSl3yJ"}],"group":"cf-nel","max_age":604800} content-type image/avif cache-control max-age=16070400 accept-ranges bytes cf-ray 7ddeef5ed8b31d9a-FRA
GET H2	200	2023062111210643.jpg travelimg.yam.com/cdn-cgi/image/w=360,h=220,fit=cover,f=auto/DATA/ARTICLE/	16 KB 16 KB	96ms 77ms	Image image/avif	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://travelimg.yam.com/cdn-cgi/image/w=360,h=220,fit=cover,f=auto/DATA/ARTICLE/2023062111210643.jpg Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 224c5918795a0c5f4a6e3428f395ea2984ec0e54557675d40bf3ba1c8c077c02 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:03 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 16131 cf-resized internal=ok/h q=0 n=20+271 c=10+104 v=2023.6.2 l=16131 last-modified Wed, 21 Jun 2023 03:21:06 GMT cf-bgj imgq:85,h2pri server cloudflare etag "cfExlkAr7fmaq8CzIqGokpLQzygFIAYIC2Br2dh6kyDQ:4d57e6aefa3d91:0" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tA%2FRbra%2F1HEMkbftpvy5l4ETM7MUOW6oXmM04AI72HOmJm5sCxOMVBxE8ssPm30QLdj6CrXaG06S9OoHDZbpyAyp2GUjdpbSUz58vwqVC23kvztBVY4kA3%2B7v348XkwW%2FAmPBX%2F38Izmoe18gk%2BO"}],"group":"cf-nel","max_age":604800} content-type image/avif cache-control max-age=16070400 accept-ranges bytes cf-ray 7ddeef5ed8af1d9a-FRA
GET H2	200	2023062021014594.jpg travelimg.yam.com/cdn-cgi/image/w=360,h=220,fit=cover,f=auto/DATA/ARTICLE/	16 KB 17 KB	85ms 67ms	Image image/avif	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://travelimg.yam.com/cdn-cgi/image/w=360,h=220,fit=cover,f=auto/DATA/ARTICLE/2023062021014594.jpg Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a77ec44355a9f2792f377a7c6b62b678d6d3e6f075445343bb3173c1bc4f600a Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:03 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 16549 cf-resized internal=ok/h q=0 n=14+155 c=0+0 v=2023.6.2 l=16549 last-modified Tue, 20 Jun 2023 13:01:45 GMT cf-bgj imgq:85,h2pri server cloudflare etag "cfFJGmJMVxI6m0uENPfdO9LSmGgFIAYIC2Br2dh6kyDQ:f3fa995d77a3d91:0" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkQaEgvOHpZ9tYdiFgJh2M2ru6viZSQU6SHdSrd1eLIaoPG0pCJq6M2T58pa2qnuLxLE%2FphHy5ulV9Uk%2FOFJl1osKrSWdYYzgtiDNZZiXKTkIIGzbqXhHwGsm8e68bD4EW6m3%2FCrGpVE4G2vTuj0"}],"group":"cf-nel","max_age":604800} content-type image/avif cache-control max-age=16070400 accept-ranges bytes cf-ray 7ddeef5ed8a91d9a-FRA
GET H2	200	2023062110302027.jpg travelimg.yam.com/cdn-cgi/image/w=360,h=220,fit=cover,f=auto/DATA/ARTICLE/	25 KB 26 KB	73ms 55ms	Image image/avif	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://travelimg.yam.com/cdn-cgi/image/w=360,h=220,fit=cover,f=auto/DATA/ARTICLE/2023062110302027.jpg Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 762c377d1808daac3f4e5e3afb4d28afb2312e222594db81adb9d938c74aacf4 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:03 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 25679 cf-resized internal=ok/h q=0 n=11+1070 c=0+0 v=2023.6.2 l=25679 last-modified Wed, 21 Jun 2023 02:30:20 GMT cf-bgj imgq:85,h2pri server cloudflare etag "cfIqlxguS3fHyJ93tRmnTQoghHgFIAYIC2Br2dh6kyDQ:6dc7f152e8a3d91:0" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EAj%2BzuzWboM7UoEY99aTh4BLAWBOAV%2BVNjV5q%2Fa7C48VnxgdPJTcrKhbTICdY9ZoEw%2BSCRUgCNSPPFuIgE7ZF0SEM%2F2yltwHtpqEqiUZHpsL47gdnQDghznvelpPz7%2FcfAo4MhaBTJRr%2BF5sFYqU"}],"group":"cf-nel","max_age":604800} content-type image/avif cache-control max-age=16070400 accept-ranges bytes cf-ray 7ddeef5ed8b81d9a-FRA
GET H2	200	2023062117542890.jpg travelimg.yam.com/cdn-cgi/image/w=360,h=220,fit=cover,f=auto/DATA/ARTICLE/	15 KB 16 KB	96ms 78ms	Image image/avif	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://travelimg.yam.com/cdn-cgi/image/w=360,h=220,fit=cover,f=auto/DATA/ARTICLE/2023062117542890.jpg Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 20d1df99aaf62bda65a3af6d0e28781122c0c218842808849ececf32461f8890 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:03 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 15728 cf-resized internal=ok/h q=0 n=8+308 c=0+0 v=2023.6.2 l=15728 last-modified Wed, 21 Jun 2023 09:54:28 GMT cf-bgj imgq:85,h2pri server cloudflare etag "cffO3nPuj7ZGJOpdvtBKtICOvmgFIAYIC2Br2dh6kyDQ:87b2ba5e26a4d91:0" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUZGffxrM2gGxqKP58Uz9QSJKMVSA3aptiU9IjspUzK8wFJ1s3SJbJv7%2FqZDbHbs9aRnWImJN2IB2fZaDi58A5kHw1DkyolXZBr9ouO949J6WAHpF8i3jdBhmOENHMp6ZJnMiXKJn4YeD54QZhAX"}],"group":"cf-nel","max_age":604800} content-type image/avif cache-control max-age=16070400 accept-ranges bytes cf-ray 7ddeef5ed8b41d9a-FRA
GET H2	200	2023062011522335.jpg travelimg.yam.com/cdn-cgi/image/w=300,h=250,fit=cover,f=auto/DATA/ra/	21 KB 21 KB	109ms 91ms	Image image/avif	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://travelimg.yam.com/cdn-cgi/image/w=300,h=250,fit=cover,f=auto/DATA/ra/2023062011522335.jpg Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f78a772dafe4da3794cf6fbdf4639a82b3fbc2b4195e473bc0c2d71bd18cab55 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:03 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 21434 cf-resized internal=ram/m q=0 n=0+209 c=0+0 v=2023.6.2 l=21434 last-modified Tue, 20 Jun 2023 03:52:23 GMT cf-bgj imgq:85,h2pri server cloudflare etag "cfzw7aAOQ3gkjzMW9fOW068UOeiD5DZLKD0_WDTYK9DQ:95bf79e2aa3d91:0" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDAP1DYpAqY2V3LgXZNdSf9M8wWVIdgH8oXPt%2FGte2f8vWjY86EsZb2igH2bCmh4PgoILDW4DL128jFlS8hnU7nJoEgDj%2FusaISjkXJzAkYpoNkFgeaHrEt%2FXC1YKfajhaFQ03Kbd4Jwg1x%2F0mJj"}],"group":"cf-nel","max_age":604800} content-type image/avif cache-control max-age=16070400 accept-ranges bytes cf-ray 7ddeef5ed8b71d9a-FRA
GET H2	200	2023060915454346.png travelimg.yam.com/cdn-cgi/image/w=300,h=250,fit=cover,f=auto/DATA/ra/	14 KB 14 KB	42ms 42ms	Image image/avif	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://travelimg.yam.com/cdn-cgi/image/w=300,h=250,fit=cover,f=auto/DATA/ra/2023060915454346.png Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b135c9f7125ea1e55903e94e391f06614fb2811c302a23240887e5fd60edab06 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:03 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 13973 cf-resized internal=ram/m q=0 n=0+0 c=0+0 v=2023.5.0 l=13973 last-modified Fri, 09 Jun 2023 07:45:43 GMT cf-bgj imgq:85,h2pri server cloudflare etag "cfPb0rHCJ6KJ59sH-GF4mmXBsRiD5DZLKD0_WDTYK9DQ:11a53a65a69ad91:0" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rY2awEt78q2woMWUvY%2B62QGzcTmhIk7A1PfPjB7YEeTr04hxTBBfY1m3gbg8T%2FX3lPPrEB6ECwT%2F64pzfqgvv4VX%2B3iMqezUBrSyAhkRIaDRTTs41lDFI%2FqeDNPbmNQApe3IsNgX13uNLpWoVJhE"}],"group":"cf-nel","max_age":604800} content-type image/avif cache-control max-age=16070400 accept-ranges bytes cf-ray 7ddeef5f39741d9a-FRA
GET H2	200	2023062011333987.jpg travelimg.yam.com/cdn-cgi/image/w=300,h=250,fit=cover,f=auto/DATA/ra/	20 KB 21 KB	41ms 39ms	Image image/avif	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://travelimg.yam.com/cdn-cgi/image/w=300,h=250,fit=cover,f=auto/DATA/ra/2023062011333987.jpg Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 871850f927b957c3763faab13e1884e8a6b6dd8a82b14f7c5a71d21466a89d92 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:03 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 20615 cf-resized internal=ram/m q=0 n=0+128 c=0+86 v=2023.6.2 l=20615 last-modified Tue, 20 Jun 2023 03:33:39 GMT cf-bgj imgq:85,h2pri server cloudflare etag "cftUgkmQd6Cw9CmZBN_V69UyhYiD5DZLKD0_WDTYK9DQ:5d3a1128a3d91:0" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rip5Gui1vxO29seqo%2B0FmB5%2FLs0v%2B0d4KNXZ2syTC9lmiZgItOi4f4WviZDK6VXrjmi4IfIjyb91jM%2FlvdfyM1kmiIFgSnK%2B7zd1ri8jkA3UXmpDjj1grhRxn37FEHUruX%2BFfQcWOCcCJDdHoQhj"}],"group":"cf-nel","max_age":604800} content-type image/avif cache-control max-age=16070400 accept-ranges bytes cf-ray 7ddeef5f397e1d9a-FRA
GET H2	200	2023062115125096.jpg travelimg.yam.com/cdn-cgi/image/w=300,h=250,fit=cover,f=auto/DATA/ra/	13 KB 14 KB	42ms 42ms	Image image/avif	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://travelimg.yam.com/cdn-cgi/image/w=300,h=250,fit=cover,f=auto/DATA/ra/2023062115125096.jpg Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 016c1a1caf682af47481a5caf8b45e05093dbfde573504c15d19f0d77e4bb701 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:03 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 13797 cf-resized internal=ram/m q=0 n=0+447 c=0+0 v=2023.6.2 l=13797 last-modified Wed, 21 Jun 2023 07:12:50 GMT cf-bgj imgq:85,h2pri server cloudflare etag "cfM8_aFNIJzIRyCHlhJKIA9ynbiD5DZLKD0_WDTYK9DQ:a8bcf5c9fa4d91:0" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iMLTJzGUAeOm9HPFXDlqyh6ZQbvUwQS2TIcp7%2BjMeaaxvraD2HDIUSbGfG%2BNNO5heQgyXLR1n4HgtGJO6t%2B%2B2RMYbzLsCje1j2NsYhG4LArze5LxDjFytjS5gJcWYLBJ1K5Ii2wNT05x81RZNao%2B"}],"group":"cf-nel","max_age":604800} content-type image/avif cache-control max-age=16070400 accept-ranges bytes cf-ray 7ddeef5f599f1d9a-FRA
GET H2	200	www-player.css www.youtube.com/s/player/b7910ca8/ Frame E7F0	409 KB 48 KB	28ms 26ms	Stylesheet text/css	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/b7910ca8/www-player.css Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/nbAvrClNwqU Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 85e1d1344f683ff94966f09f19d2430f95e069888ea2e805bbc16087089a1676 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/nbAvrClNwqU User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 13:18:06 GMT content-encoding br x-content-type-options nosniff age 10077 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49247 x-xss-protection 0 last-modified Wed, 21 Jun 2023 01:47:35 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 26 Jun 2024 13:18:06 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame E7F0	15 KB 16 KB	84ms 24ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/nbAvrClNwqU Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 24 Jun 2023 00:54:58 GMT x-content-type-options nosniff age 313865 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 23 Jun 2024 00:54:58 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame E7F0	15 KB 15 KB	144ms 85ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/nbAvrClNwqU Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 20 Jun 2023 20:23:37 GMT x-content-type-options nosniff age 589346 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 19 Jun 2024 20:23:37 GMT
GET H2	200	www-embed-player.js Show response www.youtube.com/s/player/b7910ca8/www-embed-player.vflset/ Frame E7F0	309 KB 93 KB	27ms 27ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/b7910ca8/www-embed-player.vflset/www-embed-player.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/nbAvrClNwqU Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ec04b0cbff975ede3ad1681dfeade7e51f43bbb736d52c49f95ff1f7280d5283 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/nbAvrClNwqU User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 13:44:05 GMT content-encoding br x-content-type-options nosniff age 8518 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95119 x-xss-protection 0 last-modified Wed, 21 Jun 2023 01:47:35 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 26 Jun 2024 13:44:05 GMT
GET H2	200	base.js Show response www.youtube.com/s/player/b7910ca8/player_ias.vflset/de_DE/ Frame E7F0	2 MB 748 KB	52ms 52ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/b7910ca8/player_ias.vflset/de_DE/base.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/nbAvrClNwqU Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c580be750c6f07046cf36d81e1708adb9fe3866b893a043a9e4e390346aed7a3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/nbAvrClNwqU User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 21 Jun 2023 15:44:41 GMT content-encoding gzip x-content-type-options nosniff age 519682 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 765882 x-xss-protection 0 last-modified Wed, 21 Jun 2023 01:47:35 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Thu, 20 Jun 2024 15:44:41 GMT
GET H2	200	fetch-polyfill.js Show response www.youtube.com/s/player/b7910ca8/fetch-polyfill.vflset/ Frame E7F0	9 KB 3 KB	51ms 51ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/b7910ca8/fetch-polyfill.vflset/fetch-polyfill.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/nbAvrClNwqU Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/nbAvrClNwqU User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 15:55:15 GMT content-encoding br x-content-type-options nosniff age 648 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2625 x-xss-protection 0 last-modified Wed, 21 Jun 2023 01:47:35 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 26 Jun 2024 15:55:15 GMT
GET H2	200	id Show response googleads.g.doubleclick.net/pagead/ Frame E7F0 Redirect Chain https://googleads.g.doubleclick.net/pagead/id https://googleads.g.doubleclick.net/pagead/id?slf_rd=1	100 B 242 B	52ms 37ms	XHR application/json	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/nbAvrClNwqU Protocol H2 Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8704586b2282c8d37124a9e19b0f746b9574c5604bd19b0a45f0cc4d47d0f617 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:04 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 120 x-xss-protection 0 pragma no-cache server cafe content-type application/json; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Tue, 27 Jun 2023 16:06:03 GMT x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad_status.js Show response static.doubleclick.net/instream/ Frame E7F0	29 B 495 B	378ms 19ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://static.doubleclick.net/instream/ad_status.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/b7910ca8/www-embed-player.vflset/www-embed-player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 15:51:18 GMT x-content-type-options nosniff age 886 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29 x-xss-protection 0 last-modified Thu, 12 Dec 2013 23:40:16 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 27 Jun 2023 16:06:18 GMT
POST H/1.1	200 OK	getBroadcast Show response travel.yam.com/web/	145 B 560 B	178ms 177ms	XHR application/json	13.76.208.76 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://travel.yam.com/web/getBroadcast Requested by Host: travel.yam.com URL: https://travel.yam.com/assets/main?v=CEKOa5_ZyQ_amLAH15_5Vy7dIuly6Se5vh5cBsW8eoU1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 13.76.208.76 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software yamtravel 2021 / Resource Hash 31eacf6644107591eb245bfc7b0fb59b6e18a8c5f2976a27c0121e1b722290eb Security Headers Name Value Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://travel.yam.com/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Referrer-Policy origin Date Tue, 27 Jun 2023 16:06:04 GMT Server yamtravel 2021 X-Frame-Options SAMEORIGIN Content-Type application/json; charset=utf-8 Cache-Control private Content-Length 145 X-Xss-Protection 1; mode=block Expires 1 days
OPTIONS H2	200	Create jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	91ms 28ms	Preflight text/html	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Access-Control-Request-Method POST Origin https://www.youtube.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://www.youtube.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Tue, 27 Jun 2023 16:06:04 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
POST H2	200	Create Show response jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame E7F0	68 KB 31 KB	39ms 38ms	XHR application/json+protobuf	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/b7910ca8/player_ias.vflset/de_DE/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2b5cc0171a188dc2788a73903586fea5d1f290a39d4f1de766ebf9fbc64c15dc Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-User-Agent grpc-web-javascript/0.1 Referer https://www.youtube.com/ X-Goog-Api-Key AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type application/json+protobuf Response headers date Tue, 27 Jun 2023 16:06:04 GMT content-encoding gzip x-content-type-options nosniff server ESF vary Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type application/json+protobuf; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31586 x-xss-protection 0
GET H3	200	remote.js Show response www.youtube.com/s/player/b7910ca8/player_ias.vflset/de_DE/ Frame E7F0	116 KB 33 KB	33ms 32ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/b7910ca8/player_ias.vflset/de_DE/remote.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/b7910ca8/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 561d26ec98885271bc6383256b9238894cb707d41980144a1397c5c774a061f1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/nbAvrClNwqU User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 21 Jun 2023 15:44:42 GMT content-encoding br x-content-type-options nosniff age 519682 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33597 x-xss-protection 0 last-modified Wed, 21 Jun 2023 01:47:35 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Thu, 20 Jun 2024 15:44:42 GMT
GET H2	200	Lj5lmey1qHOFmMbfuxy9CdMOseEmwpJKbtoBBKxW9PI.js Show response www.google.com/js/th/ Frame E7F0	37 KB 15 KB	73ms 20ms	Script text/javascript	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/th/Lj5lmey1qHOFmMbfuxy9CdMOseEmwpJKbtoBBKxW9PI.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/b7910ca8/player_ias.vflset/de_DE/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2e3e6599ecb5a8738598c6dfbb1cbd09d30eb1e126c2924a6eda0104ac56f4f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 10:03:34 GMT content-encoding br x-content-type-options nosniff age 21750 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14538 x-xss-protection 0 last-modified Mon, 05 Jun 2023 09:30:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 26 Jun 2024 10:03:34 GMT
GET H2	200	maxresdefault.jpg i.ytimg.com/vi/nbAvrClNwqU/ Frame E7F0	267 KB 267 KB	89ms 28ms	Image image/jpeg	2a00:1450:4001:830::2016 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi/nbAvrClNwqU/maxresdefault.jpg Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/nbAvrClNwqU Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 04fea714346bcd0f159607c4e5c653acec991f4364971e1214230a4b3b67d6ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 15:27:31 GMT x-content-type-options nosniff age 2313 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 273073 x-xss-protection 0 server sffe etag "1655013589" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/jpeg cache-control public, max-age=7200 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 27 Jun 2023 17:27:31 GMT
GET H3	200	embed.js Show response www.youtube.com/s/player/b7910ca8/player_ias.vflset/de_DE/ Frame E7F0	28 KB 8 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/b7910ca8/player_ias.vflset/de_DE/embed.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/b7910ca8/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b12b3ab0eabe859a234a7c7a4ba8b462cee704523c230a6670ac4f9439122a76 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/nbAvrClNwqU User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 21 Jun 2023 15:44:42 GMT content-encoding br x-content-type-options nosniff age 519682 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8182 x-xss-protection 0 last-modified Wed, 21 Jun 2023 01:47:35 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Thu, 20 Jun 2024 15:44:42 GMT
GET DATA	200 OK	truncated / Frame E7F0	175 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/png
GET H2	200	cz-F6WYhsniAr8SfG9Jg1ZX1UgndT26t1bSshjCzKcQXOoJqeA79cFD0pQIxPp68l4TFNsz5=s68-c-k-c0x00ffffff-no-rj yt3.ggpht.com/ Frame E7F0	1 KB 2 KB	98ms 27ms	Image image/jpeg	2a00:1450:4001:801::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://yt3.ggpht.com/cz-F6WYhsniAr8SfG9Jg1ZX1UgndT26t1bSshjCzKcQXOoJqeA79cFD0pQIxPp68l4TFNsz5=s68-c-k-c0x00ffffff-no-rj Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/nbAvrClNwqU Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 5877afecf52eaf4e68a7501a96bdb96380c42f0a8f7c915ffa538dc390e49b8d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 15:46:03 GMT x-content-type-options nosniff age 1201 content-disposition inline;filename="channels4_profile.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1346 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Wed, 28 Jun 2023 15:46:03 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	112 KB 43 KB	62ms 34ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WM6HSTL Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 18aec8e19909ad5fe62b3b4f5ccb2b6fdb04a9f6487bedac93e3718ef6e5041e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:04 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44161 x-xss-protection 0 last-modified Tue, 27 Jun 2023 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 27 Jun 2023 16:06:04 GMT
GET H2	200	beacon.js Show response sb.scorecardresearch.com/internal-cs/default/ Redirect Chain https://sb.scorecardresearch.com/cs/38111965/beacon.js https://sb.scorecardresearch.com/internal-cs/default/beacon.js	4 KB 2 KB	27ms 24ms	Script application/javascript	108.138.7.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/internal-cs/default/beacon.js Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Server 108.138.7.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-7-125.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 15:59:43 GMT content-encoding gzip via 1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront) last-modified Thu, 09 Mar 2023 10:02:11 GMT server AmazonS3 x-amz-cf-pop FRA56-P6 age 382 x-amz-server-side-encryption AES256 etag W/"77ff4ede4693897337a38594321529a3" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id xYsXr85zeS9D8wU1WppUxtPM8SyiaodU-7QLHVHqfOdoxS2pM27xBw== Redirect headers date Tue, 27 Jun 2023 16:06:04 GMT via 1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront) accept-ch UA, Platform, Arch, Model, Mobile x-amz-cf-pop FRA56-P6 x-cache Miss from cloudfront location /internal-cs/default/beacon.js content-length 0 x-amz-cf-id n5vwev1dp01X708dPVZj5beg_S1DoFygKMX9TDzdWCw6Yq_IkxkxXw==
GET H2	200	bkbq66l8qj Show response www.clarity.ms/tag/	1 KB 1 KB	257ms 135ms	Script application/x-javascript	2620:1ec:46::44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/bkbq66l8qj Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash babdf23a1b4af265a4f52d93b0e26a5945a78fe2229cd956e2708189d2782656 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers expires -1 date Tue, 27 Jun 2023 16:06:04 GMT x-azure-ref 20230627T160604Z-rxawccn67t5y7enqvzzp27p4p400000003b000000000vfn3 x-cache CONFIG_NOCACHE content-type application/x-javascript cache-control no-cache, no-store accept-ranges bytes content-length 1081 request-context appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
GET H3	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306161001/	346 KB 119 KB	162ms 100ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306161001/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2675037296853968&plah=travel.yam.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2675037296853968 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c6b95593bcf687784d579d155a8e11c7a97ba0403c7e8f3dc1aa99744bed872e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:04 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 121416 x-xss-protection 0 server cafe etag 17782408932205847927 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 27 Jun 2023 16:06:04 GMT
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230621/r20190131/ Frame CB05	15 KB 6 KB	30ms 21ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230621/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2675037296853968 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9541f1344aa0e2b56335ed62fd0847d5fec8f00905993a8c792644e474fc6243 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://travel.yam.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 3707 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 6060 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 27 Jun 2023 15:04:17 GMT etag 10051650817920216602 expires Tue, 11 Jul 2023 15:04:17 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/	393 KB 125 KB	22ms 22ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3086c49956d51c2cba2562ba86a083aedf01d66f41c264f158f5d4f6e632c3eb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 10:11:28 GMT content-encoding br x-content-type-options nosniff age 21276 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 127939 x-xss-protection 0 server cafe etag 10569078359274256513 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Wed, 26 Jun 2024 10:11:28 GMT
GET H2	200	sdk.js Show response connect.facebook.net/zh_TW/	307 KB 87 KB	25ms 23ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/zh_TW/sdk.js?hash=ae4e588252701a8583d9b900312d404d Requested by Host: connect.facebook.net URL: https://connect.facebook.net/zh_TW/sdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash c2059d068ed159be8871a205ad88b17bed0b326c22db5479680ac35a19cd05f2 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://travel.yam.com/ Origin https://travel.yam.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Tue, 27 Jun 2023 16:06:04 GMT content-md5 Jbka2rGLrXVybaxumK1Kig== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 88918 x-fb-debug fsSxsEk9Baxm2dSJ+Qr0OTN6Uk73Px8D+sYIOJAShJFG4BrYEmx1xDyKwawq65nByD/Eh4WPYAWIwvFGlfDmwg== x-fb-content-md5 61c9d009d7a154b509af170a1e5b0b9a cross-origin-opener-policy same-origin-allow-popups etag "0af95159c9b4698f14e2e3e9dfff03e2" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * expires Wed, 26 Jun 2024 15:46:14 GMT
GET H2	200	/ stats.yam.com/y/collect/	0 0	1045ms 987ms	Fetch	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stats.yam.com/y/collect/?v=1&cid=travel.yam.com&uid=yam.16878819640009236&ul=en-us&sr=1600x1200&dl=https%3A%2F%2Ftravel.yam.com%2Farticle%2F129227&dr=&dt=%E5%AE%9C%E8%98%AD%EF%BD%9C%E9%BE%9C%E5%B1%B1%E5%B3%B6%E7%99%BB%E5%B3%B6%E6%94%BB%E7%95%A5%EF%BC%9A%E4%B8%80%E6%97%A5%E9%81%8A%E8%A1%8C%E7%A8%8B%E9%80%99%E6%A8%A3%E5%AE%89%E6%8E%92%EF%BC%81%E5%B8%B6%E4%BD%A0%E7%8E%A9%E9%81%8D%E9%BE%9C%E5%B1%B1%E5%B3%B6%E3%80%81%E4%BA%AB%E5%8F%97%E7%84%A1%E6%95%B5%E7%BE%8E%E6%99%AF%E3%80%8C%E7%89%9B%E5%A5%B6%E6%B5%B7%E3%80%8D+-+%E8%BC%95%E6%97%85%E8%A1%8C&en=page_view&ea=&ev= Requested by Host: stats.yam.com URL: https://stats.yam.com/ya.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:05 GMT x-aspnetmvc-version 5.2 cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-aspnet-version 4.0.30319 server cloudflare x-powered-by ASP.NET report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FoPtmFtjCej41%2Fj5w6LctfZb%2F8MnuWhW2g2W7MKf9R%2B%2FTs078eC3iKZWxdZbIUxljorCQUhLlrxhNVp0Be29qHzadE4mQCLp279z8w7dhWESDR%2FRxtWxIIQ%2BGYAPj4TiQLx2fDdONpuMuIw%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cache-control private cf-ray 7ddeef649e5c367f-FRA content-length 0
OPTIONS H3	200	GenerateIT jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	28ms 28ms	Preflight text/html	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Access-Control-Request-Method POST Origin https://www.youtube.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://www.youtube.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Tue, 27 Jun 2023 16:06:04 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	200	GenerateIT Show response jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame E7F0	90 B 134 B	38ms 36ms	XHR application/json+protobuf	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/b7910ca8/player_ias.vflset/de_DE/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b2689a2dde9a7e6df282628b2dd767565be802417624cb0252fa69153a99cdf2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-User-Agent grpc-web-javascript/0.1 Referer https://www.youtube.com/ X-Goog-Api-Key AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type application/json+protobuf Response headers date Tue, 27 Jun 2023 16:06:04 GMT content-encoding gzip x-content-type-options nosniff server ESF vary Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type application/json+protobuf; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 110 x-xss-protection 0
GET H3	200	js Show response www.googletagmanager.com/gtag/	259 KB 88 KB	40ms 40ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-RE4LTMGVEF&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-16227618-1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7654c90032e965f9730cb476271ed9d563bb9593c3b22e99714ff5cfd6a0bbbe Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:04 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 90041 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 27 Jun 2023 16:06:04 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	82ms 21ms	Script text/javascript	2001:4860:4802:38::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-16227618-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 27 Jun 2023 15:04:41 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 3683 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Tue, 27 Jun 2023 17:04:41 GMT
POST H/1.1	200 OK	chkCOLLECT Show response travel.yam.com/api/	33 B 447 B	176ms 176ms	XHR application/json	13.76.208.76 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://travel.yam.com/api/chkCOLLECT Requested by Host: travel.yam.com URL: https://travel.yam.com/assets/main?v=CEKOa5_ZyQ_amLAH15_5Vy7dIuly6Se5vh5cBsW8eoU1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 13.76.208.76 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software yamtravel 2021 / Resource Hash 056c903bef58591fa26ee7b3b6372168a3160ed036503b4182cc758450e24672 Security Headers Name Value Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security max-age=31536000 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://travel.yam.com/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Strict-Transport-Security max-age=31536000 Content-Security-Policy default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval' Referrer-Policy origin Date Tue, 27 Jun 2023 16:06:04 GMT Server yamtravel 2021 X-Frame-Options SAMEORIGIN Content-Type application/json; charset=utf-8 Cache-Control private Content-Length 33 X-Xss-Protection 1; mode=block Expires 1 days
GET H2	200	2023011714564186.jpg travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/topic/	17 KB 18 KB	45ms 39ms	Image image/jpeg	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/topic/2023011714564186.jpg Requested by Host: travel.yam.com URL: https://travel.yam.com/assets/article?v=h-8kSgedAGVxbv1AriYblIP0yg4Bn3fkYTGFTxdhw481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8ce50e75e7ed16a14744dfec1eb5ace3f0faf1351c967fadf5a3e03cbcbaf669 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:04 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 17756 cf-resized internal=ok/h q=0 n=12+0 c=3+26 v=2023.5.0 l=17756 last-modified Tue, 17 Jan 2023 06:56:41 GMT cf-bgj imgq:85,h2pri server cloudflare etag "cf26xgEMHscsKrR3H_p5oWOd6v1qjw1B8N7gxOH-pBDQ:eb33b7da402ad91:0" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KxP4Ns%2BxYqk40%2FZ%2FYycWROc8astxQwLAwadTTq3I3rWizb01nUqjDkoqz86CbJRUv%2BDFmJNT2hyniKVv4zdl%2B9u2I66gz9uUG4vfS%2FQMhRKHCWHU4LW57QaTr%2BnbfHLiPeIW7tIzb01RAJBR%2BygO"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=16070400 accept-ranges bytes cf-ray 7ddeef65288a1d9a-FRA
GET H2	200	2023011714450874.jpg travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/topic/	21 KB 21 KB	213ms 208ms	Image image/jpeg	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/topic/2023011714450874.jpg Requested by Host: travel.yam.com URL: https://travel.yam.com/assets/article?v=h-8kSgedAGVxbv1AriYblIP0yg4Bn3fkYTGFTxdhw481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 176b7258f25e4c082d0b0c9d799fdb0aae52057540e093cb4945e91193635b2b Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:04 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 21191 cf-resized internal=ok/h q=0 n=16+0 c=3+28 v=2023.5.0 l=21191 last-modified Tue, 17 Jan 2023 06:45:08 GMT cf-bgj imgq:85,h2pri server cloudflare etag "cfbVcpHQ9AsWFif6j5eLujQBL51qjw1B8N7gxOH-pBDQ:d23c5a3d3f2ad91:0" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uh3KxCIn7fPaTOHComT3wYL4Yf4QgaQjZCzSQ4%2FREjSNv4X6eaN0A2Yn5ceUspdpmUAoASezyGAtbN6qI8giNgTSpMpdERjrOSBmJdH98Zj0qixf%2FofvOF8dGyyEt2QEIRsbq1qmRCipSp2J9lPz"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=16070400 accept-ranges bytes cf-ray 7ddeef65288e1d9a-FRA
GET H2	200	2023011711413725.jpg travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/topic/	15 KB 16 KB	235ms 230ms	Image image/jpeg	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/topic/2023011711413725.jpg Requested by Host: travel.yam.com URL: https://travel.yam.com/assets/article?v=h-8kSgedAGVxbv1AriYblIP0yg4Bn3fkYTGFTxdhw481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c1d8053f86d63e114e6873bfe8097947551e7d9da94c6765d2a0f899e4d81a38 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:04 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 15700 cf-resized internal=ok/h q=0 n=10+0 c=2+23 v=2023.6.0 l=15700 last-modified Tue, 17 Jan 2023 03:41:37 GMT cf-bgj imgq:85,h2pri server cloudflare etag "cfEGJ5E7bUp9fKXaZ7hrubvRrD1qjw1B8N7gxOH-pBDQ:21d16a9a252ad91:0" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lTRMc8kxrYxm2hjLBapZUmWY0GDDCsORq542812aUVpLHB5SjXK8TaoUtQeq4k1n%2BRUMBnyhOraPAHd70aWsZDP32bU0Vasd0Qc0YkxLe%2BvSp8%2BrELNcq4%2B%2BVTL3qQ29V32COR0uV4DSjzJ27Jcy"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=16070400 accept-ranges bytes cf-ray 7ddeef6528901d9a-FRA
GET H2	200	2023011215014554.jpg travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/topic/	24 KB 24 KB	46ms 41ms	Image image/jpeg	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/topic/2023011215014554.jpg Requested by Host: travel.yam.com URL: https://travel.yam.com/assets/article?v=h-8kSgedAGVxbv1AriYblIP0yg4Bn3fkYTGFTxdhw481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ad7091bfc6d3e55dd2db660795ec7581541e8260680d42efc9117222d69f9fd6 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:04 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 24188 cf-resized internal=ok/h q=0 n=13+0 c=3+35 v=2023.5.0 l=24188 last-modified Thu, 12 Jan 2023 07:01:45 GMT cf-bgj imgq:85,h2pri server cloudflare etag "cf4iW7tpv-qjXydKZacGyPwbvf1qjw1B8N7gxOH-pBDQ:6dbbcabb5326d91:0" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Px4wgWnb62Q7FZsuu1ZCp9lQZivW9BaR2%2BzHc4laxqkgMuxgm3%2FKP4aHadEz7bsGrr9MFNIRxkvIVTMrczNQQRRN5JBeX0%2B%2FI%2F5PCS92ysw3cXtoIpyWqD%2BD3y3L9CnPovDMFDwY2aTEqIfMKz0R"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=16070400 accept-ranges bytes cf-ray 7ddeef6528911d9a-FRA
GET H2	200	2023011715350852.jpg travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/topic/	21 KB 22 KB	40ms 35ms	Image image/jpeg	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/topic/2023011715350852.jpg Requested by Host: travel.yam.com URL: https://travel.yam.com/assets/article?v=h-8kSgedAGVxbv1AriYblIP0yg4Bn3fkYTGFTxdhw481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d4fed1a215adb9054df41b522441f69a17e4b2ac0b6541460265ee30a7e4a3af Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:04 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 21478 cf-resized internal=ok/h q=0 n=11+0 c=2+25 v=2023.5.0 l=21478 last-modified Tue, 17 Jan 2023 07:35:08 GMT cf-bgj imgq:85,h2pri server cloudflare etag "cfO3l4gDrBpXZm4Ut6LXRZNIS51qjw1B8N7gxOH-pBDQ:5d829539462ad91:0" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqSH7%2B0dzUgcoo50TIa0JAcjwJecdaNBp6KqNJQVlFfwpEKHUpM3FQGzkmd%2FWErvglTMe0ANFI2ez15Ta2GVmNFZVaUgigub7JaiLtw3%2Fia%2FYjFNW0bSbt1b7tvblvt8nGBmCfo4szX2Axv0OSlW"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=16070400 accept-ranges bytes cf-ray 7ddeef6528941d9a-FRA
GET H2	200	2022042711002016.jpg travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/article/	35 KB 36 KB	223ms 221ms	Image image/jpeg	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/article/2022042711002016.jpg Requested by Host: travel.yam.com URL: https://travel.yam.com/assets/article?v=h-8kSgedAGVxbv1AriYblIP0yg4Bn3fkYTGFTxdhw481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3079cd2f87da6015367da9f8fbcf242e6922943312f320801b0a562c884c7b47 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:04 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 36050 cf-resized internal=ok/h q=0 n=24+0 c=8+41 v=2023.4.2 l=36050 last-modified Wed, 27 Apr 2022 03:00:21 GMT cf-bgj imgq:85,h2pri server cloudflare etag "cf0ff5sUNoyzl2yoKSA3Ewh6tV1qjw1B8N7gxOH-pBDQ:25b6b9eee259d81:0" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2l1fgNDvqbFcstrrAcAqkz98VJQ%2ByDZH3RviNR4p8d1cz7bc2FuCOQwgPg%2BycSHVdogW6BRXxddybNTNVStJTKu%2FG2Rx%2BSHjYomadT1Vh9EyDzEriw2mi3MtC%2BttCwzvBTI68X3rkoflHLpAm8tp"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=16070400 accept-ranges bytes cf-ray 7ddeef6538a01d9a-FRA
GET H2	200	2022022109592010.jpg travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/article/	21 KB 22 KB	236ms 235ms	Image image/jpeg	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/article/2022022109592010.jpg Requested by Host: travel.yam.com URL: https://travel.yam.com/assets/article?v=h-8kSgedAGVxbv1AriYblIP0yg4Bn3fkYTGFTxdhw481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0fc6b5d892b178ab508031e8c7c7d27f8a93390c74c67a41970e3cf4aa546d7d Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:04 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 21983 cf-resized internal=ok/h q=0 n=12+0 c=8+30 v=2023.5.0 l=21983 last-modified Mon, 21 Feb 2022 01:59:20 GMT cf-bgj imgq:85,h2pri server cloudflare etag "cf_-mrYdaczzoQGX94xjBl0NkM1qjw1B8N7gxOH-pBDQ:e66ecba3c626d81:0" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LE%2FcbcSTtYmp8cZMK4USGAUk1UxD7ujeh0kpZacFNXnLQp9X0fkqKKZo%2FHGs31Tuf3SrF0AKHVKYJz4kx3g3xlQRO0kgEbS3gHfVLmoBXiCQf73fZ7EP6w0dvmoqJKRyWnj0QNlmw8Bz8%2FI65QDT"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=16070400 accept-ranges bytes cf-ray 7ddeef6568fe1d9a-FRA
GET H2	200	2022012414563127.jpg travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/article/	29 KB 29 KB	222ms 220ms	Image image/jpeg	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/article/2022012414563127.jpg Requested by Host: travel.yam.com URL: https://travel.yam.com/assets/article?v=h-8kSgedAGVxbv1AriYblIP0yg4Bn3fkYTGFTxdhw481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d9d8211f7feba39b5e38ace3a00e5e980c6ace4656ac2c61588fca926a63d9fc Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:04 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 29194 cf-resized internal=ok/h q=0 n=11+0 c=19+36 v=2023.6.2 l=29194 last-modified Mon, 24 Jan 2022 06:56:31 GMT cf-bgj imgq:85,h2pri server cloudflare etag "cfHRLwtoP3RX_ezvqPZsTF5d8k1qjw1B8N7gxOH-pBDQ:6162d884ef10d81:0" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8vp5cckNtelbpRhGeLk1aNj9%2FEei9Yts2s9NeXPB56Xr%2FMMKyuHb%2BaLDJVhzG1kxTbSB1gZ%2FvsPHqAKi2p7nC3smpztXdwxpoH9y6stcjbYplDaDzJw92%2BAEUeWM4XrKVVtkF087Gvor1LZFdFy"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=16070400 accept-ranges bytes cf-ray 7ddeef6579101d9a-FRA
GET H2	200	2022102515040482.jpg travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/article/	24 KB 24 KB	46ms 46ms	Image image/jpeg	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/article/2022102515040482.jpg Requested by Host: travel.yam.com URL: https://travel.yam.com/assets/article?v=h-8kSgedAGVxbv1AriYblIP0yg4Bn3fkYTGFTxdhw481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 35336a7e160037cec7bca6c88a077a7b59cb052ae082f0ab651ae544848bf18c Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:04 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 24251 cf-resized internal=ok/h q=0 n=17+0 c=8+29 v=2023.6.2 l=24251 last-modified Tue, 25 Oct 2022 07:04:04 GMT cf-bgj imgq:85,h2pri server cloudflare etag "cfAa9Vs5djdkl8s66WIvQ7rC_P1qjw1B8N7gxOH-pBDQ:fd50f7f73fe8d81:0" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aM5QGa5YXc%2BRSPtJiH80g4Uk3XH6nurm3f180oZ5PuDzkDmEm8Onnwqts%2BCnH0VwUNihH2hNJL2jmzYRLGKC4YmnYWJbEDfkNZZVWszoTSNBW55qTaa6nOPLG%2FFoOUGtObbN0Rqnv21jYE7yvuML"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=16070400 accept-ranges bytes cf-ray 7ddeef6579161d9a-FRA
GET H2	200	2023011315492267.jpg travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/article/	19 KB 19 KB	38ms 38ms	Image image/jpeg	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/article/2023011315492267.jpg Requested by Host: travel.yam.com URL: https://travel.yam.com/assets/article?v=h-8kSgedAGVxbv1AriYblIP0yg4Bn3fkYTGFTxdhw481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8dce146e2c4900ab83071af4535b242f80620d35c1555ddb93663ebd6036edf3 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:04 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 19388 cf-resized internal=ok/h q=0 n=15+0 c=10+29 v=2023.5.0 l=19388 last-modified Fri, 13 Jan 2023 07:49:22 GMT cf-bgj imgq:85,h2pri server cloudflare etag "cfjib3ceeESJntbgslGZ8GieKx1qjw1B8N7gxOH-pBDQ:9c95c68c2327d91:0" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJA0hwBRQWYk7B2y2vD0V19Ng1%2FgBXlDQQlARfaHHKcZnYyZaPmQi8nhu4uyT37gTotqiDP3GDCnBb%2FHx2421puf2w%2FFrYBJUEneVYLO4JGwCm6XFLWGeNXYVmeNVvnSdSZuvYv5YiGCrKGHmPrH"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=16070400 accept-ranges bytes cf-ray 7ddeef65c9921d9a-FRA
GET H2	200	2022102616214042.jpg travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/article/	24 KB 24 KB	42ms 41ms	Image image/jpeg	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/article/2022102616214042.jpg Requested by Host: travel.yam.com URL: https://travel.yam.com/assets/article?v=h-8kSgedAGVxbv1AriYblIP0yg4Bn3fkYTGFTxdhw481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b5ecbc17c75a775664e24718fc5af73ca9598e7ab0b02146ae1247fcfddaec20 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:04 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 24405 cf-resized internal=ok/h q=0 n=11+0 c=5+32 v=2023.6.2 l=24405 last-modified Wed, 26 Oct 2022 08:21:40 GMT cf-bgj imgq:85,h2pri server cloudflare etag "cfWYs45pVCYTh_4CxK69IZiYkT1qjw1B8N7gxOH-pBDQ:51169ff913e9d81:0" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ick5G%2B5VLn9rI4tz7DU42wA8H4iidFhdKV3qFPyRGIZdA5Y%2B0M4F3sFgfrr9xfs83o5Pp0G2mzbLhbqZ2U0BGYrXnLFq5N6JA0%2BJP7XuA%2Fy%2FqwY9EiRKoYAyFM6k1GvrgtebjeknDcwCRt5NjuAO"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=16070400 accept-ranges bytes cf-ray 7ddeef6609e51d9a-FRA
GET H2	200	2022092814372186.jpg travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/article/	31 KB 31 KB	198ms 197ms	Image image/jpeg	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/article/2022092814372186.jpg Requested by Host: travel.yam.com URL: https://travel.yam.com/assets/article?v=h-8kSgedAGVxbv1AriYblIP0yg4Bn3fkYTGFTxdhw481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 48087aac67746afd18dcefc099f302d85e890aaa5fb010558f31aa4fd2d4d486 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:04 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 31373 cf-resized internal=ok/h q=0 n=10+0 c=13+33 v=2023.6.2 l=31373 last-modified Wed, 28 Sep 2022 06:37:21 GMT cf-bgj imgq:85,h2pri server cloudflare etag "cfocA0dGU6mlfFWTbzvKBDtewb1qjw1B8N7gxOH-pBDQ:9241f6c24d3d81:0" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2B0dOmlpbAJ%2BTomhdHslCAFep5yM%2BZJrwAa2oMV%2FxbSBd1De8XG7E5lxYc6u7%2Bh6WTP8LrIWpAywYw0xnu07pefjYkf8qyGGK5vjQZJtxtpKpER%2B5rbOV4wjUsDqimESPs1fu1CRvBi1v%2FZr%2BYBW"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=16070400 accept-ranges bytes cf-ray 7ddeef665a481d9a-FRA
GET H2	200	2022061714040380.jpg travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/article/	28 KB 28 KB	259ms 258ms	Image image/jpeg	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/article/2022061714040380.jpg Requested by Host: travel.yam.com URL: https://travel.yam.com/assets/article?v=h-8kSgedAGVxbv1AriYblIP0yg4Bn3fkYTGFTxdhw481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 46d60b84a45d4e12308df88de0e5568a9b49d1a9fc29fa3362f593c79b91b2b2 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:04 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 28317 cf-resized internal=ok/h q=0 n=12+0 c=13+37 v=2023.6.2 l=28317 last-modified Fri, 17 Jun 2022 06:04:03 GMT cf-bgj imgq:85,h2pri server cloudflare etag "cfEaelauQv-VrYAyPnUgkpWWJT1qjw1B8N7gxOH-pBDQ:4f7dd0b1082d81:0" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0LsTDnM%2FxSfvh8GvJ%2FVF1%2F9%2FkIcLkgoY2SjeQqRKG9Yv%2FCUYHHGHhzkhIuldD1ORmGmCcuWuxcVgqipgKZcU2uhOgT%2Fd23aEUB3ykLuz6ZFYt1VXqzuEGnjqbMsSnhb9xAcHOOLHcD1OryTDokb"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=16070400 accept-ranges bytes cf-ray 7ddeef667a6f1d9a-FRA
GET H2	200	2022050614313659.jpg travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/article/	33 KB 34 KB	219ms 218ms	Image image/jpeg	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/article/2022050614313659.jpg Requested by Host: travel.yam.com URL: https://travel.yam.com/assets/article?v=h-8kSgedAGVxbv1AriYblIP0yg4Bn3fkYTGFTxdhw481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d0e56df2f519b4e26173dff6855066bd81757b01d702382b83d6ab7e12879fe Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:04 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 33764 cf-resized internal=ok/h q=0 n=14+0 c=19+46 v=2023.5.0 l=33764 last-modified Fri, 06 May 2022 06:31:36 GMT cf-bgj imgq:85,h2pri server cloudflare etag "cfCuyCSpnOYye_CCuZinO5f2-N1qjw1B8N7gxOH-pBDQ:36dcd0ef1261d81:0" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FEr7IzfbG6NLQthfJYcuXyz5osGVFMznI%2F%2FNjmZoHvCD44zDm6dRkrAJENzLrXw3q9o9TZquyT7JkQKWhs%2F26UeaJGnE%2BKdJAFpIoZslT%2F9El3Ca61RaBtE5MTEwJEXnXnGkgnjw0KI0Olxud%2Fc7"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=16070400 accept-ranges bytes cf-ray 7ddeef669aaa1d9a-FRA
GET H2	200	2022042716575958.jpg travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/article/	26 KB 27 KB	39ms 39ms	Image image/jpeg	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://travelimg.yam.com/cdn-cgi/image/w=360,h=216,fit=cover/DATA/article/2022042716575958.jpg Requested by Host: travel.yam.com URL: https://travel.yam.com/assets/article?v=h-8kSgedAGVxbv1AriYblIP0yg4Bn3fkYTGFTxdhw481 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 788f64bdb65233b21ef536c5c73900f500215ea77b0314ddcf1dd08636562484 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:04 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 27079 cf-resized internal=ok/h q=0 n=12+0 c=7+39 v=2023.5.0 l=27079 last-modified Wed, 27 Apr 2022 08:57:59 GMT cf-bgj imgq:85,h2pri server cloudflare etag "cfbn2JL-GbFv-90Nty-Kcs12p31qjw1B8N7gxOH-pBDQ:8c5cb2e4145ad81:0" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yHZ4xCKLJJTCQMiY8lonHC%2FthelqsJhXJBFRV1FgPRur0xaY2YQMiNi3XGVa462nTnFA%2F7xyBzwnov7QoObXFm4APSZi9w2CiMLg4UMql%2F6I3KYoYWmOiphXKAvcori3DUiv8E2SuXFsgDpSkfr6"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=16070400 accept-ranges bytes cf-ray 7ddeef669aac1d9a-FRA
GET H2	200	1511545927.jpg travelimg.yam.com/cdn-cgi/image/w=1200,h=295,fit=cover/data/article/202306/	67 KB 68 KB	228ms 228ms	Image image/jpeg	2606:4700:21::681b:ce5c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://travelimg.yam.com/cdn-cgi/image/w=1200,h=295,fit=cover/data/article/202306/1511545927.jpg Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 918e528dd7d6569e7a938c10b5a639d67e2748bbba4e07e724ccff0180917ef0 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:04 GMT content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 69117 cf-resized internal=ok/h q=0 n=12+0 c=4+81 v=2023.6.4 l=69117 last-modified Thu, 15 Jun 2023 03:54:59 GMT cf-bgj imgq:85,h2pri server cloudflare etag "cfjz5N6k0VK4sscGwqd1pnOpOujgkXnGlnO6CYF6s0DQ:1736c0273d9fd91:0" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hqidd5RSmXLCRUkBF%2BdGFGtWU0B4SbmtqXnfFD7rAwTjZSFcQZtlVBfHdLQfMseDNm7t35XdD31KUG0NQ5cmIXNef7eFv4pikw699UPi6saXaLOB4qW%2FeE3mmhshOeYtP4%2BPS79CsbE41tPhYxyq"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=16070400 accept-ranges bytes cf-ray 7ddeef66db041d9a-FRA
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	170 KB 46 KB	42ms 21ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash ab8666c9c5f434bb652bf6ee88cb6ff9e51b120c0c38648fd3352168bcb96dae Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 27 Jun 2023 16:06:04 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 46730 x-xss-protection 0 pragma public x-fb-debug sSERAti8RaDXv/EsGeqXxE/n0gTKM7A9qymOgFow+epYFJDdig5R31uilIFBCucrs9q1RI+Mp+ne+4Tu2Hx7VA== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	259 KB 88 KB	42ms 42ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-NN9H58G4F7&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WM6HSTL Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash fd2eea7447f92b396d6307bc3c15a37e4504918ca9c3bc65300e496e45ea6a06 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:04 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 90067 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 27 Jun 2023 16:06:04 GMT
GET H2	200	clarity.js Show response www.clarity.ms/s/0.7.8/	57 KB 24 KB	53ms 52ms	Script application/javascript	2620:1ec:46::44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/s/0.7.8/clarity.js Requested by Host: www.clarity.ms URL: https://www.clarity.ms/tag/bkbq66l8qj Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:04 GMT content-encoding br last-modified Mon, 26 Jun 2023 21:38:04 GMT etag W/"0x8DB768D9FE1FAC0" vary Accept-Encoding x-azure-ref 20230627T160604Z-rxawccn67t5y7enqvzzp27p4p400000003b000000000vfnp content-type application/javascript;charset=utf-8 access-control-allow-origin * x-ms-request-id 594b0475-201e-0033-7199-a87170000000 cache-control public, max-age=86400 x-cache TCP_HIT x-ms-version 2018-03-28
GET H3	204	generate_204 www.youtube.com/ Frame E7F0	0 10 B	23ms 22ms	Image text/plain	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.youtube.com/generate_204?zheRDA Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/embed/nbAvrClNwqU User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:04 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame E7F0	4 KB 2 KB	90ms 28ms	Script text/javascript	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/b7910ca8/player_ias.vflset/de_DE/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:04 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2007 x-xss-protection 0 last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview" vary Accept-Encoding report-to {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 27 Jun 2023 16:06:04 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	65ms 20ms	Image text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=366463696768555&ev=fb_page_view&dl=https%3A%2F%2Ftravel.yam.com%2Farticle%2F129227&rl=&if=false&ts=1687881964527&sw=1600&sh=1200&at= Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Tue, 27 Jun 2023 16:06:04 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 456 B	87ms 29ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=travel.yam.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:04 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	esp.js Show response oa.openxcdn.net/	24 KB 8 KB	79ms 26ms	Script application/javascript	34.102.146.192 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://oa.openxcdn.net/esp.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 192.146.102.34.bc.googleusercontent.com Software UploadServer / Resource Hash 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 17 Jun 2023 12:24:20 GMT content-encoding gzip age 877304 x-guploader-uploadid ADPycdsuws19q6gut2HVw5Cbtoy2R9nMFWEkfsW4j28cg71BlAh_maBVLR9J0a9wek9aI3l80Gjw2adcfLZSJ2do6Qt7pQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7927 last-modified Thu, 27 May 2021 18:30:51 GMT server UploadServer etag "df5542b88bc0e368c6999754a5b9e2ba" x-goog-generation 1622140251693895 x-goog-hash crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug== content-type application/javascript cache-control no-transform x-goog-stored-content-length 7927 accept-ranges bytes expires Sun, 16 Jun 2024 12:24:20 GMT
GET H2	200	pubcid.min.js Show response cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/	732 B 878 B	87ms 20ms	Script application/javascript	2a04:4e42::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 27 Jun 2023 16:06:04 GMT x-content-type-options nosniff content-encoding br age 17178 x-jsd-version master x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 439 x-served-by cache-fra-etou8220097-FRA x-jsd-version-type branch etag W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H/1.1	200 OK	uid2SecureSignal.js Show response cdn.prod.uidapi.com/	2 KB 2 KB	100ms 19ms	Script text/javascript	2600:9000:2250:f200:a:e047:753:be1
General Check archive.org Show headers Download Go to Full URL https://cdn.prod.uidapi.com/uid2SecureSignal.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:f200:a:e047:753:be1 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-amz-version-id null Date Tue, 27 Jun 2023 05:58:55 GMT Via 1.1 d4f777a2d5a6d5aeb7eb6201b41775ea.cloudfront.net (CloudFront) Last-Modified Thu, 04 May 2023 00:14:06 GMT Server AmazonS3 X-Amz-Cf-Pop FRA60-P2 Age 36430 x-amz-server-side-encryption AES256 ETag "4d5acbf33f4a0592ac0515db92fe88e6" X-Cache Hit from cloudfront Content-Type text/javascript Connection keep-alive Accept-Ranges bytes Content-Length 1858 X-Amz-Cf-Id WTfSjPJ2qBe9N-fM9HjAP6wwE0DhGQrWNCqWC-F-yzkOsIlt0FAQ7A==
GET H2	200	publishertag.ids.js Show response static.criteo.net/js/ld/	42 KB 13 KB	139ms 48ms	Script text/javascript	2a02:2638:3::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.ids.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:04 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Wed, 31 May 2023 13:09:50 GMT server nginx etag W/"6477471e-a980" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Wed, 28 Jun 2023 16:06:04 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	201 KB 56 KB	702ms 702ms	XHR text/plain	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2289240284352669&correlator=2367755568283322&output=ldjh&gdfp_req=1&vrg=202306220101&ptt=17&impl=fifs&iu_parts=28056324%2Ctravel-article-articlebody-banner%2Ctravel-right-sidebar-banner(1)%2Ctravel-right-sidebar-banner(2)%2Ctravel-right-sidebar-banner(3)&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=750x300%2C300x250%2C300x250%2C300x600%7C300x350%7C300x250%7C300x100%7C300x95%7C300x75%7C300x50&ifi=2&adks=3177439553%2C857917899%2C404790030%2C2187945182&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1687881964573&lmt=1687881964&dlt=1687881962630&idt=1902&adxs=214%2C1086%2C1086%2C1086&adys=127%2C127%2C1895%2C3583&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Ftravel.yam.com%2Farticle%2F129227&frm=20&vis=1&psz=822x-1%7C300x3505%7C300x3505%7C300x3505&msz=822x-1%7C300x250%7C300x250%7C300x50&fws=4%2C0%2C0%2C0&ohw=822%2C0%2C0%2C0&ga_vid=720865477.1687881965&ga_sid=1687881965&ga_hid=954880547&ga_fc=false&a3p=EhkKCnB1YmNpZC5vcmcYlLjr7I8xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJS46-yPMUgAUgIIZBIUCgVvcGVueBiTuOvsjzFIAFICCGQSGQoKdWlkYXBpLmNvbRiUuOvsjzFIAFICCGQ. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 45075dc587a64962f9693eedc452dc5d70a84ea071deb1299cd5b45497f7dabb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:05 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56878 x-xss-protection 0 google-lineitem-id -1,-1,-1,-1 pragma no-cache server cafe google-creative-id -1,-1,-1,-1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://travel.yam.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A8B5	6 KB 3 KB	123ms 29ms	Document text/html	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://travel.yam.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 27 Jun 2023 16:06:04 GMT expires Wed, 26 Jun 2024 16:06:04 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	ca-pub-2675037296853968 Show response fundingchoicesmessages.google.com/i/	147 KB 49 KB	128ms 55ms	Script application/javascript	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/i/ca-pub-2675037296853968?ers=2 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306161001/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2675037296853968&plah=travel.yam.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 092e80f34cf1b7489415f9e05bbbeed6fab273b9d1ca96ae336825793ac3fcbf Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-F_s4kS_cfgphFJ1_oFid0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:04 GMT content-security-policy script-src 'report-sample' 'nonce-F_s4kS_cfgphFJ1_oFid0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 244 B	88ms 30ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-RE4LTMGVEF&gtm=45je36q0&_p=954880547&_gaz=1&cid=720865477.1687881965&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1687881964&sct=1&seg=0&dl=https%3A%2F%2Ftravel.yam.com%2Farticle%2F129227&dt=%E5%AE%9C%E8%98%AD%EF%BD%9C%E9%BE%9C%E5%B1%B1%E5%B3%B6%E7%99%BB%E5%B3%B6%E6%94%BB%E7%95%A5%EF%BC%9A%E4%B8%80%E6%97%A5%E9%81%8A%E8%A1%8C%E7%A8%8B%E9%80%99%E6%A8%A3%E5%AE%89%E6%8E%92%EF%BC%81%E5%B8%B6%E4%BD%A0%E7%8E%A9%E9%81%8D%E9%BE%9C%E5%B1%B1%E5%B3%B6%E3%80%81%E4%BA%AB%E5%8F%97%E7%84%A1%E6%95%B5%E7%BE%8E%E6%99%AF%E3%80%8C%E7%89%9B%E5%A5%B6%E6%B5%B7%E3%80%8D%20-%20%E8%BC%95%E6%97%85%E8%A1%8C&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-RE4LTMGVEF&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:04 GMT server Golfe2 content-type text/plain access-control-allow-origin https://travel.yam.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 253 B	115ms 32ms	Ping text/plain	2a00:1450:400c:c07::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RE4LTMGVEF&cid=720865477.1687881965&gtm=45je36q0&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-RE4LTMGVEF&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:04 GMT server Golfe2 content-type text/plain access-control-allow-origin https://travel.yam.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	124ms 72ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RE4LTMGVEF&cid=720865477.1687881965&gtm=45je36q0&aip=1&z=1508352089 Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:04 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	b sb.scorecardresearch.com/	0 224 B	23ms 23ms	Image text/plain	108.138.7.125 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b?c1=2&c2=38111965&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1687881964700&ns_c=UTF-8&c7=https%3A%2F%2Ftravel.yam.com%2Farticle%2F129227&c8=%E5%AE%9C%E8%98%AD%EF%BD%9C%E9%BE%9C%E5%B1%B1%E5%B3%B6%E7%99%BB%E5%B3%B6%E6%94%BB%E7%95%A5%EF%BC%9A%E4%B8%80%E6%97%A5%E9%81%8A%E8%A1%8C%E7%A8%8B%E9%80%99%E6%A8%A3%E5%AE%89%E6%8E%92%EF%BC%81%E5%B8%B6%E4%BD%A0%E7%8E%A9%E9%81%8D%E9%BE%9C%E5%B1%B1%E5%B3%B6%E3%80%81%E4%BA%AB%E5%8F%97%E7%84%A1%E6%95%B5%E7%BE%8E%E6%99%AF%E3%80%8C%E7%89%9B%E5%A5%B6%E6%B5%B7%E3%80%8D%20-%20%E8%BC%95%E6%97%85%E8%A1%8C&c9= Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.7.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-7-125.fra56.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:04 GMT via 1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront) accept-ch UA, Platform, Arch, Model, Mobile x-amz-cf-pop FRA56-P6 x-amz-cf-id OmV0rzekbAjfzHJrFWfmYoUwGitj4zeou6373djCeDztxxn0g12bxA== x-cache Miss from cloudfront
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 206 B	32ms 31ms	XHR text/plain	2001:4860:4802:38::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=954880547&t=pageview&_s=1&dl=https%3A%2F%2Ftravel.yam.com%2Farticle%2F129227&ul=en-us&de=UTF-8&dt=%E5%AE%9C%E8%98%AD%EF%BD%9C%E9%BE%9C%E5%B1%B1%E5%B3%B6%E7%99%BB%E5%B3%B6%E6%94%BB%E7%95%A5%EF%BC%9A%E4%B8%80%E6%97%A5%E9%81%8A%E8%A1%8C%E7%A8%8B%E9%80%99%E6%A8%A3%E5%AE%89%E6%8E%92%EF%BC%81%E5%B8%B6%E4%BD%A0%E7%8E%A9%E9%81%8D%E9%BE%9C%E5%B1%B1%E5%B3%B6%E3%80%81%E4%BA%AB%E5%8F%97%E7%84%A1%E6%95%B5%E7%BE%8E%E6%99%AF%E3%80%8C%E7%89%9B%E5%A5%B6%E6%B5%B7%E3%80%8D%20-%20%E8%BC%95%E6%97%85%E8%A1%8C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CDAAUABAAAAACAAI~&jid=307260487&gjid=941915525&cid=720865477.1687881965&tid=UA-16227618-1&_gid=1746205959.1687881965&_r=1&gtm=457e36q0&cd1=%E5%B0%8F%E6%BD%94%E8%B6%B4%E8%B6%B4%E8%B5%B0&jsscut=1&z=755520625 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://travel.yam.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:04 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://travel.yam.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	775861317597024 Show response connect.facebook.net/signals/config/	300 KB 86 KB	171ms 171ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/775861317597024?v=2.9.109&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash ba6044af19ddfc58f9131fe33b23e9c617d618f60db6834318a25aa9175dddb9 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 27 Jun 2023 16:06:04 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug W+7rJbq39rkHrz7I2nfXVQn/cGD+qgUdNAqU8Cy/4E4gHaKuncrYtTAKSzPcOV3+URtnvczolB8Y4AtpWSkSRg== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	cast_sender.js Show response www.gstatic.com/eureka/clank/114/ Frame E7F0	51 KB 15 KB	31ms 30ms	Script text/javascript	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/eureka/clank/114/cast_sender.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 184de53a881ec8e4e218974c548e2fc8e0da4b8ddaff2e7bdc6267c6e70a8636 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 26 Jun 2023 20:38:32 GMT content-encoding gzip x-content-type-options nosniff age 70052 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15225 x-xss-protection 0 last-modified Mon, 17 Apr 2023 15:04:47 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview-release" vary Accept-Encoding report-to {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]} content-type text/javascript cache-control public, max-age=86400 accept-ranges bytes expires Tue, 27 Jun 2023 20:38:32 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	22ms 22ms	Image image/gif	2001:4860:4802:38::178 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=954880547&t=event&ni=1&_s=2&dl=https%3A%2F%2Ftravel.yam.com%2Farticle%2F129227&ul=en-us&de=UTF-8&dt=%E5%AE%9C%E8%98%AD%EF%BD%9C%E9%BE%9C%E5%B1%B1%E5%B3%B6%E7%99%BB%E5%B3%B6%E6%94%BB%E7%95%A5%EF%BC%9A%E4%B8%80%E6%97%A5%E9%81%8A%E8%A1%8C%E7%A8%8B%E9%80%99%E6%A8%A3%E5%AE%89%E6%8E%92%EF%BC%81%E5%B8%B6%E4%BD%A0%E7%8E%A9%E9%81%8D%E9%BE%9C%E5%B1%B1%E5%B3%B6%E3%80%81%E4%BA%AB%E5%8F%97%E7%84%A1%E6%95%B5%E7%BE%8E%E6%99%AF%E3%80%8C%E7%89%9B%E5%A5%B6%E6%B5%B7%E3%80%8D%20-%20%E8%BC%95%E6%97%85%E8%A1%8C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=11ctf24&_u=6DDAAUABAAAAACAAI~&jid=&gjid=&cid=720865477.1687881965&tid=UA-16227618-1&_gid=1746205959.1687881965&gtm=457e36q0&z=345257036 Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 06:00:54 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 36310 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	esp Show response oajs.openx.net/ Redirect Chain https://oajs.openx.net/esp?url=https%3A%2F%2Ftravel.yam.com%2Farticle%2F129227&rid=esp https://oajs.openx.net/esp?url=https%3A%2F%2Ftravel.yam.com%2Farticle%2F129227&rid=esp&cc=1	85 B 202 B	156ms 155ms	Fetch application/json	34.120.135.53 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://oajs.openx.net/esp?url=https%3A%2F%2Ftravel.yam.com%2Farticle%2F129227&rid=esp&cc=1 Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Server 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 53.135.120.34.bc.googleusercontent.com Software / Express Resource Hash 5cedf6dbcf18a3893336f53fba174cd762b3046841aae8fea2c7a4744c4a2416 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:05 GMT via 1.1 google x-powered-by Express etag W/"55-ycY+pdBd2g/L4z4lkNnl0sMqz8s" vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://travel.yam.com access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 85 Redirect headers date Tue, 27 Jun 2023 16:06:04 GMT via 1.1 google x-powered-by Express vary Origin access-control-allow-origin https://travel.yam.com location /esp?url=https%3A%2F%2Ftravel.yam.com%2Farticle%2F129227&rid=esp&cc=1 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST H2	204	collect region1.analytics.google.com/g/	0 54 B	30ms 29ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-NN9H58G4F7&gtm=45je36q0&_p=954880547&_gaz=1&cid=720865477.1687881965&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1687881964&sct=1&seg=0&dl=https%3A%2F%2Ftravel.yam.com%2Farticle%2F129227&dt=%E5%AE%9C%E8%98%AD%EF%BD%9C%E9%BE%9C%E5%B1%B1%E5%B3%B6%E7%99%BB%E5%B3%B6%E6%94%BB%E7%95%A5%EF%BC%9A%E4%B8%80%E6%97%A5%E9%81%8A%E8%A1%8C%E7%A8%8B%E9%80%99%E6%A8%A3%E5%AE%89%E6%8E%92%EF%BC%81%E5%B8%B6%E4%BD%A0%E7%8E%A9%E9%81%8D%E9%BE%9C%E5%B1%B1%E5%B3%B6%E3%80%81%E4%BA%AB%E5%8F%97%E7%84%A1%E6%95%B5%E7%BE%8E%E6%99%AF%E3%80%8C%E7%89%9B%E5%A5%B6%E6%B5%B7%E3%80%8D%20-%20%E8%BC%95%E6%97%85%E8%A1%8C&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-NN9H58G4F7&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:04 GMT server Golfe2 content-type text/plain access-control-allow-origin https://travel.yam.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 54 B	31ms 30ms	Ping text/plain	2a00:1450:400c:c07::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NN9H58G4F7&cid=720865477.1687881965&gtm=45je36q0&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-NN9H58G4F7&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:04 GMT server Golfe2 content-type text/plain access-control-allow-origin https://travel.yam.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	46ms 45ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NN9H58G4F7&cid=720865477.1687881965&gtm=45je36q0&aip=1&z=630538743 Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:04 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 151 B	28ms 28ms	XHR text/plain	2a00:1450:400c:c07::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-16227618-1&cid=720865477.1687881965&jid=307260487&gjid=941915525&_gid=1746205959.1687881965&_u=4CDAAUAAAAAAACAAI~&z=1961438908 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://travel.yam.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Tue, 27 Jun 2023 16:06:04 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://travel.yam.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	204 No Content	collect Show response q.clarity.ms/	0 294 B	356ms 119ms	XHR text/plain	20.231.53.73 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://q.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.8/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://travel.yam.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Access-Control-Allow-Origin https://travel.yam.com Date Tue, 27 Jun 2023 16:06:05 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
GET H2	200	syncframe Show response gum.criteo.com/ Frame 1E63	15 KB 6 KB	124ms 39ms	Document text/html	2a02:2638:3::c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=travel.yam.com Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.ids.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://travel.yam.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 27 Jun 2023 16:06:04 GMT server Kestrel server-processing-duration-in-ticks 264517 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	ga-audiences www.google.com/ads/	42 B 293 B	47ms 43ms	Image image/gif	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-16227618-1&cid=720865477.1687881965&jid=307260487&_u=4CDAAUAAAAAAACAAI~&z=1477560105 Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:04 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	54ms 52ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-16227618-1&cid=720865477.1687881965&jid=307260487&_u=4CDAAUAAAAAAACAAI~&z=1477560105 Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:04 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	AGSKWxUmgH-f-0J8z87eBNS7ukFhE15w1uaWiG3kjSpNKJvo1_xsxl1uYtpqA-xCz6TWJkdGWc6-ZG2uggl4SOJJIds= Show response fundingchoicesmessages.google.com/f/	280 KB 45 KB	106ms 105ms	Script application/javascript	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxUmgH-f-0J8z87eBNS7ukFhE15w1uaWiG3kjSpNKJvo1_xsxl1uYtpqA-xCz6TWJkdGWc6-ZG2uggl4SOJJIds=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg3ODgxOTY1XSwiMjA3NzdERDMtRTAxOS00QzFELTk4MkEtMTk1NEYyRjQ0MDgyIixudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly90cmF2ZWwueWFtLmNvbS9hcnRpY2xlLzEyOTIyNyIsbnVsbCxbWzgsImFpcTIyZzFTMko4Il0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIxIl1dXQ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.aiq22g1S2J8.es5.O/d=1/rs=AJlcJMyUHUrI4E7tThY3OBRVHCoKEhIvjQ/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 1ad1fb523412c622a086eb6da419e4f2fd4353c87e9cafb77c294c741b14b022 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ysBgrpNZxNmtHIhpSfNZPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:05 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ysBgrpNZxNmtHIhpSfNZPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 54 B	21ms 20ms	Image text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=775861317597024&ev=PageView&dl=https%3A%2F%2Ftravel.yam.com%2Farticle%2F129227&rl=&if=false&ts=1687881965024&sw=1600&sh=1200&v=2.9.109&r=stable&ec=0&o=30&fbp=fb.1.1687881965023.1794102086&it=1687881964733&coo=false&rqm=GET Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Tue, 27 Jun 2023 16:06:05 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	sid Show response mug.criteo.com/ Frame 1E63 Redirect Chain https://gum.criteo.com/sid/json?origin=publishertagids&domain=yam.com&sn=ChromeSyncframe&so=0&topUrl=travel.yam.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 https://mug.criteo.com/sid?cpp=pjOziHx6ODRiOGlOaUs3ODhHaHR3TVQ5bDFlZDFiejVYdU1CZVlZM0RtaUhpaXp2UnRocU91ZWlEUWRlU3NYRU5uLzhpVjUvVG1RWUx2UDJDNVhCOCtaQXdtUVNxMXNKUUt3MjdMVkJrN2R5ekRrVnpkNkdwNTliQThVOH...	433 B 652 B	132ms 31ms	Fetch application/json	178.250.7.13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=pjOziHx6ODRiOGlOaUs3ODhHaHR3TVQ5bDFlZDFiejVYdU1CZVlZM0RtaUhpaXp2UnRocU91ZWlEUWRlU3NYRU5uLzhpVjUvVG1RWUx2UDJDNVhCOCtaQXdtUVNxMXNKUUt3MjdMVkJrN2R5ekRrVnpkNkdwNTliQThVOHJiOXVSYklRL3lQSGUycUpibUFMQVEyTHNrTkduQzhYa0gveW00WXBqK0xrRFZNQVhOUFJTV3h0Vk1idXQzY2QzMlVMMlpsek9zOVBNN0FvNFBNaTVTZWF1eXpQQWNBZWZvSlNOWTBVNHJ4SEFMeUlNUVZ2QnJ6V3J4eHpYcnBieFR3YnBwT2hwT21vK0tWcG5IQkVNdEVEREdDOUliUT09fA&cppv=2 Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Server 178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash b6f04253a0291925eac44818727af4338333608dce9b809f66f9992079661cc4 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:04 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1416622 expires 0 Redirect headers pragma no-cache date Tue, 27 Jun 2023 16:06:04 GMT strict-transport-security max-age=31536000; preload; server Kestrel location https://mug.criteo.com/sid?cpp=pjOziHx6ODRiOGlOaUs3ODhHaHR3TVQ5bDFlZDFiejVYdU1CZVlZM0RtaUhpaXp2UnRocU91ZWlEUWRlU3NYRU5uLzhpVjUvVG1RWUx2UDJDNVhCOCtaQXdtUVNxMXNKUUt3MjdMVkJrN2R5ekRrVnpkNkdwNTliQThVOHJiOXVSYklRL3lQSGUycUpibUFMQVEyTHNrTkduQzhYa0gveW00WXBqK0xrRFZNQVhOUFJTV3h0Vk1idXQzY2QzMlVMMlpsek9zOVBNN0FvNFBNaTVTZWF1eXpQQWNBZWZvSlNOWTBVNHJ4SEFMeUlNUVZ2QnJ6V3J4eHpYcnBieFR3YnBwT2hwT21vK0tWcG5IQkVNdEVEREdDOUliUT09fA&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 261781 content-length 0 expires 0
GET H2	200	css fonts.googleapis.com/	63 KB 4 KB	98ms 46ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans_old:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.aiq22g1S2J8.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyUHUrI4E7tThY3OBRVHCoKEhIvjQ/m=web_iab_tcf_v2_wall_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0ee0a80a3b153889236cb575dd99faeac9974cecfe50462193c6c4a0844a4b40 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 27 Jun 2023 16:06:05 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 27 Jun 2023 16:06:05 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 27 Jun 2023 16:06:05 GMT
POST H/1.1	204 No Content	collect Show response q.clarity.ms/	0 294 B	318ms 317ms	XHR text/plain	20.231.53.73 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://q.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.8/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://travel.yam.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Access-Control-Allow-Origin https://travel.yam.com Date Tue, 27 Jun 2023 16:06:05 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
GET H2	200	container.html Show response 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B2D5	6 KB 3 KB	25ms 22ms	Document text/html	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://travel.yam.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 27 Jun 2023 16:06:04 GMT expires Wed, 26 Jun 2024 16:06:04 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	container.html Show response 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 622D	6 KB 3 KB	21ms 20ms	Document text/html	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://travel.yam.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 27 Jun 2023 16:06:04 GMT expires Wed, 26 Jun 2024 16:06:04 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	container.html Show response 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BE25	6 KB 3 KB	28ms 27ms	Document text/html	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://travel.yam.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 27 Jun 2023 16:06:04 GMT expires Wed, 26 Jun 2024 16:06:04 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	container.html Show response 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 22A5	6 KB 3 KB	21ms 19ms	Document text/html	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://travel.yam.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 27 Jun 2023 16:06:04 GMT expires Wed, 26 Jun 2024 16:06:04 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H3	204	AGSKWxWS77Nsq_DrfBuFce5Pn6HOebKhgVM46Pn9Uw-pKDkTIeWSKBskZCAAzx9-lwd27EaltJqMxhI0ZRKGx54Te0wQoXvUSoqE-cu_7H3ts1G9pvgKCON0uFLX8SI683Ug91Z59FTSJA== Show response fundingchoicesmessages.google.com/el/	0 28 B	92ms 37ms	XHR text/html	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxWS77Nsq_DrfBuFce5Pn6HOebKhgVM46Pn9Uw-pKDkTIeWSKBskZCAAzx9-lwd27EaltJqMxhI0ZRKGx54Te0wQoXvUSoqE-cu_7H3ts1G9pvgKCON0uFLX8SI683Ug91Z59FTSJA== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.aiq22g1S2J8.es5.O/d=1/rs=AJlcJMyUHUrI4E7tThY3OBRVHCoKEhIvjQ/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-4MuZmLRAVkCZkBs3XGUk8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://travel.yam.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type text/plain Response headers date Tue, 27 Jun 2023 16:06:05 GMT content-security-policy script-src 'report-sample' 'nonce-4MuZmLRAVkCZkBs3XGUk8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://travel.yam.com access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	pd Show response google-bidout-d.openx.net/w/1.0/ Frame F547	0 176 B	217ms 135ms	Document text/html	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://google-bidout-d.openx.net/w/1.0/pd?plm=5 Requested by Host: oa.openxcdn.net URL: https://oa.openxcdn.net/esp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://travel.yam.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding gzip content-length 20 content-type text/html date Tue, 27 Jun 2023 16:06:05 GMT server OXGW/0.0.0 vary Accept, Accept-Encoding via 1.1 google
GET H2	200	flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 fonts.gstatic.com/s/materialicons/v140/	125 KB 126 KB	30ms 29ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans_old:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://travel.yam.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 24 Jun 2023 17:29:28 GMT x-content-type-options nosniff age 254197 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 128352 x-xss-protection 0 last-modified Tue, 07 Mar 2023 19:51:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 23 Jun 2024 17:29:28 GMT
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v24/	23 KB 23 KB	28ms 28ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans_old:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://travel.yam.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 24 Jun 2023 00:06:44 GMT x-content-type-options nosniff age 316761 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23580 x-xss-protection 0 last-modified Tue, 02 May 2023 15:17:22 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 23 Jun 2024 00:06:44 GMT
GET H3	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v35/	47 KB 47 KB	23ms 22ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans_old:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://travel.yam.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 24 Jun 2023 05:45:28 GMT x-content-type-options nosniff age 296437 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48412 x-xss-protection 0 last-modified Tue, 02 May 2023 15:08:53 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 23 Jun 2024 05:45:28 GMT
GET H2	200	css fonts.googleapis.com/ Frame B2D5	4 KB 728 B	34ms 33ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 27 Jun 2023 16:06:05 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 27 Jun 2023 14:24:20 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 27 Jun 2023 16:06:05 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/ Frame B2D5	2 KB 972 B	102ms 33ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 15:01:51 GMT content-encoding br x-content-type-options nosniff age 3854 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 11 Jul 2023 15:01:51 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230621/r20110914/ Frame B2D5	23 KB 9 KB	103ms 33ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230621/r20110914/abg_lite_fy2021.js Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f9ccbc13ffc63a7e116925950c92d713436674aa960ce0ab84f0aba69a7ed17d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 15:01:51 GMT content-encoding br x-content-type-options nosniff age 3854 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9206 x-xss-protection 0 server cafe etag 16413706841549102664 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 11 Jul 2023 15:01:51 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/ Frame B2D5	3 KB 1 KB	111ms 42ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/window_focus_fy2021.js Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 15:01:51 GMT content-encoding br x-content-type-options nosniff age 3854 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 11 Jul 2023 15:01:51 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/ Frame B2D5	20 KB 9 KB	88ms 19ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f4a038eb56ed2eb8fb4701ef93757a4d42a433508714b8a11b426e6a9ac3f350 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 15:01:49 GMT content-encoding br x-content-type-options nosniff age 3856 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8312 x-xss-protection 0 server cafe etag 8395464388031192745 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 11 Jul 2023 15:01:49 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame B2D5	179 KB 56 KB	49ms 37ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:05 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57261 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1687779365227900" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 27 Jun 2023 16:06:05 GMT
GET H3	200	95d52fd2d3470bdf70a280ba9b2fe75b.js Show response www.gstatic.com/mysidia/ Frame B2D5	34 KB 14 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/95d52fd2d3470bdf70a280ba9b2fe75b.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4280cd4b56f2c32730c10b51d0f72b21d2a82f83104f1f450d3436d5166d692e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 21 Jun 2023 19:59:28 GMT content-encoding gzip x-content-type-options nosniff age 504397 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14303 x-xss-protection 0 last-modified Wed, 21 Jun 2023 19:50:12 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 19 Sep 2023 19:59:28 GMT
GET DATA	200 OK	truncated / Frame B2D5	287 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce Request headers Referer Origin https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	624907996767536446 tpc.googlesyndication.com/simgad/ Frame B2D5 Redirect Chain https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r https://tpc.googlesyndication.com/simgad/624907996767536446	8 KB 9 KB	26ms 22ms	Image image/png	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/624907996767536446 Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 24 Jun 2023 19:41:58 GMT x-content-type-options nosniff age 246247 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8502 x-xss-protection 0 last-modified Tue, 09 Apr 2019 09:00:52 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 23 Jun 2024 19:41:58 GMT Redirect headers date Tue, 27 Jun 2023 09:30:18 GMT x-content-type-options nosniff server cafe age 23747 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://tpc.googlesyndication.com/simgad/624907996767536446 content-type text/html; charset=UTF-8 cache-control public, max-age=2592000 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Thu, 27 Jul 2023 09:30:18 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame A6B2	624 B 246 B	62ms 60ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuZiLQEEMbr4LgEGOOi6-gBMAE&v=APEucNVDSHUlgZajWboo57gz_wAmYpKHEnC5v9qxOAPg-EYS2N0TA32MVNUOZ4yF37tIVnewmsZb-6mHaMfrBuW01QyzoX2tQq4-GTqhB6GnbB7IfcjFnczs3qWiIPIXlWWiUayIXk0EqhBLRoYt95GZH1Ns0qcTTLSR2R1X8TPZpqrB7RCf9fU Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 27 Jun 2023 16:06:05 GMT expires Tue, 27 Jun 2023 16:06:05 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 622D	78 KB 27 KB	171ms 168ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:05 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28042 x-xss-protection 0 server cafe etag 3261498652431352696 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Tue, 27 Jun 2023 16:06:05 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 622D	42 B 63 B	63ms 59ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DChzP_-Qe2SeXcDY0goeSg44gTZ0owg2cZd4sp-sTIMuJtS3--idGpfFnAQvnJ5Gbh3wn7SZ_G-iqP6NKhkJdorL7qMwts_Ot8jIaSU-g8Pzp80G0 Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 622D	0 20 B	63ms 60ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4495041482684491475&x=1&ct=76 Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	dvbs_src.js Show response cdn.doubleverify.com/ Frame 622D	2 KB 1 KB	187ms 34ms	Script application/javascript	2a02:26f0:3500:d::1732:83d6 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvbs_src.js?ctx=28473661&cmp=29823623&plc=366421488&sid=7758003&dvregion=0&unit=300x250 Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:d::1732:83d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 27 Jun 2023 16:06:05 GMT Content-Encoding gzip Last-Modified Tue, 10 Jan 2023 11:02:09 GMT Server UploadServer ETag "87b6182d03ee779aa68e37632f67656e" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 913 Expires Thu, 01 Jun 2023 12:16:25 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/ Frame 622D	3 KB 1 KB	45ms 42ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/window_focus_fy2021.js Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 15:01:51 GMT content-encoding br x-content-type-options nosniff age 3854 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 11 Jul 2023 15:01:51 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/ Frame 622D	20 KB 8 KB	25ms 22ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f4a038eb56ed2eb8fb4701ef93757a4d42a433508714b8a11b426e6a9ac3f350 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 15:01:49 GMT content-encoding br x-content-type-options nosniff age 3856 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8312 x-xss-protection 0 server cafe etag 8395464388031192745 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 11 Jul 2023 15:01:49 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 622D	179 KB 56 KB	32ms 30ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:05 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57261 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1687779365227900" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 27 Jun 2023 16:06:05 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame B4B1	624 B 246 B	74ms 72ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXzNSHgIwrEyP41sRzK7nS7qnkN8uWIcvN7i6lWWxkr7skq0H-Ze0UxS9KRpD5jt9ZcheofTHA4wa8ABaicpiT47eh38EuCIxPdCe3bY5ALS1sMY-1Q6cObHTpLkJWtooi2T-F34WxIyQRBjkfpbQJLABILvHPtQFnASnELiB0RkL5BgLc Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 27 Jun 2023 16:06:05 GMT expires Tue, 27 Jun 2023 16:06:05 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame BE25	78 KB 27 KB	232ms 231ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:05 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28042 x-xss-protection 0 server cafe etag 3261498652431352696 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Tue, 27 Jun 2023 16:06:05 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame BE25	42 B 63 B	71ms 69ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DHApx0CElo_eX4lCPsG9-rsRpHxOCCn2BAmGdScpStS0DYUrJMXDENfbIat1lx-dp_EgRXSIkbAlZQk_6ITQAA4810OvWnO06QzhQRlB9Ndj6lk04 Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame BE25	0 20 B	70ms 69ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=743193040997415798&x=1&ct=77 Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/ Frame BE25	3 KB 1 KB	34ms 32ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/window_focus_fy2021.js Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 15:01:51 GMT content-encoding br x-content-type-options nosniff age 3854 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 11 Jul 2023 15:01:51 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/ Frame BE25	20 KB 8 KB	29ms 28ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f4a038eb56ed2eb8fb4701ef93757a4d42a433508714b8a11b426e6a9ac3f350 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 15:01:49 GMT content-encoding br x-content-type-options nosniff age 3856 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8312 x-xss-protection 0 server cafe etag 8395464388031192745 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 11 Jul 2023 15:01:49 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame BE25	179 KB 56 KB	52ms 52ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:05 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57261 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1687779365227900" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 27 Jun 2023 16:06:05 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 9B55	624 B 246 B	66ms 63ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNU6NFSFsmMheAVI1Zl-J3ofNDp9AY_R9ZVziMC7FtZ-E1rgZd755fZcXyAE53__5mKNeUsSa85N9wvBofVvVGB1l8uxACUeFi2L_WPY_mXtNJ6dVGvcnEN47nImSErV_MMv1PpCVPsSB5u9ap7FB7P_O2fZoARJlWkxP65TzryLWXPqwDA Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 27 Jun 2023 16:06:05 GMT expires Tue, 27 Jun 2023 16:06:05 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 22A5	78 KB 27 KB	217ms 217ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:05 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28042 x-xss-protection 0 server cafe etag 3261498652431352696 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Tue, 27 Jun 2023 16:06:05 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 22A5	42 B 63 B	63ms 62ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AKnE18Oovfw5Gxo4HFsyqUd45YrEWyVVesKe-ai_WKGG7FN81zogGDlEnQBifltkmX8aEvWch1875KCCXsPWUK8l6cS9oMFWgWgpS81q8fRvmYEDM Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 22A5	0 20 B	64ms 63ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5204535191014448269&x=1&ct=77 Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/ Frame 22A5	3 KB 1 KB	27ms 25ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/window_focus_fy2021.js Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 15:01:51 GMT content-encoding br x-content-type-options nosniff age 3854 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 11 Jul 2023 15:01:51 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/ Frame 22A5	20 KB 8 KB	24ms 23ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230621/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f4a038eb56ed2eb8fb4701ef93757a4d42a433508714b8a11b426e6a9ac3f350 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 15:01:49 GMT content-encoding br x-content-type-options nosniff age 3856 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8312 x-xss-protection 0 server cafe etag 8395464388031192745 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 11 Jul 2023 15:01:49 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 22A5	179 KB 56 KB	61ms 60ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:05 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57261 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1687779365227900" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Tue, 27 Jun 2023 16:06:05 GMT
POST H3	200	/ Show response www.facebook.com/tr/ Frame 65F0	0 18 B	68ms 38ms	Document text/plain	2a03:2880:f176:84:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Content-Type application/x-www-form-urlencoded Origin https://travel.yam.com Referer https://travel.yam.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin https://travel.yam.com alt-svc h3=":443"; ma=86400 content-length 0 content-type text/plain cross-origin-resource-policy cross-origin date Tue, 27 Jun 2023 16:06:05 GMT priority u=0,i server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame A6B2 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo6rb1jG3V-Ug--C3A8oAc&google_cver=1	43 B 632 B	29ms 27ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo6rb1jG3V-Ug--C3A8oAc&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuZiLQEEMbr4LgEGOOi6-gBMAE&v=APEucNVDSHUlgZajWboo57gz_wAmYpKHEnC5v9qxOAPg-EYS2N0TA32MVNUOZ4yF37tIVnewmsZb-6mHaMfrBuW01QyzoX2tQq4-GTqhB6GnbB7IfcjFnczs3qWiIPIXlWWiUayIXk0EqhBLRoYt95GZH1Ns0qcTTLSR2R1X8TPZpqrB7RCf9fU Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Pragma no-cache Date Tue, 27 Jun 2023 16:06:05 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Tue, 27 Jun 2023 16:06:05 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDo6rb1jG3V-Ug--C3A8oAc&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame A6B2 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJsI7TPlj-fSimFslMN-vQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFZYVaVhREkZHuPmlbf_l1w&google_cver=1	43 B 766 B	27ms 23ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFZYVaVhREkZHuPmlbf_l1w&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuZiLQEEMbr4LgEGOOi6-gBMAE&v=APEucNVDSHUlgZajWboo57gz_wAmYpKHEnC5v9qxOAPg-EYS2N0TA32MVNUOZ4yF37tIVnewmsZb-6mHaMfrBuW01QyzoX2tQq4-GTqhB6GnbB7IfcjFnczs3qWiIPIXlWWiUayIXk0EqhBLRoYt95GZH1Ns0qcTTLSR2R1X8TPZpqrB7RCf9fU Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Pragma no-cache Date Tue, 27 Jun 2023 16:06:06 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=495 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Tue, 27 Jun 2023 16:06:05 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFZYVaVhREkZHuPmlbf_l1w&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame A6B2 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEMVnpyywhIEr-4-wUkQe1-g&google_cver=1	43 B 1 KB	78ms 31ms	Image image/gif	185.89.210.153 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEMVnpyywhIEr-4-wUkQe1-g&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuZiLQEEMbr4LgEGOOi6-gBMAE&v=APEucNVDSHUlgZajWboo57gz_wAmYpKHEnC5v9qxOAPg-EYS2N0TA32MVNUOZ4yF37tIVnewmsZb-6mHaMfrBuW01QyzoX2tQq4-GTqhB6GnbB7IfcjFnczs3qWiIPIXlWWiUayIXk0EqhBLRoYt95GZH1Ns0qcTTLSR2R1X8TPZpqrB7RCf9fU Protocol HTTP/1.1 Server 185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Pragma no-cache Date Tue, 27 Jun 2023 16:06:06 GMT AN-X-Request-Uuid a11f387e-9ac1-42cf-a87d-9e2ee48fda8e Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 217.114.218.27; 217.114.218.27; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Tue, 27 Jun 2023 16:06:05 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEMVnpyywhIEr-4-wUkQe1-g&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame A6B2 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ2NTQ4NTY1OTQxODczMDM3MA%3D%3D	170 B 243 B	42ms 41ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ2NTQ4NTY1OTQxODczMDM3MA%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuZiLQEEMbr4LgEGOOi6-gBMAE&v=APEucNVDSHUlgZajWboo57gz_wAmYpKHEnC5v9qxOAPg-EYS2N0TA32MVNUOZ4yF37tIVnewmsZb-6mHaMfrBuW01QyzoX2tQq4-GTqhB6GnbB7IfcjFnczs3qWiIPIXlWWiUayIXk0EqhBLRoYt95GZH1Ns0qcTTLSR2R1X8TPZpqrB7RCf9fU Protocol H2 Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Tue, 27 Jun 2023 16:06:05 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 217.114.218.27; 217.114.218.27; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid a844c24a-7329-4bc0-a414-a89247119ae3 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ2NTQ4NTY1OTQxODczMDM3MA%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET DATA	200 OK	truncated / Frame B2D5	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9b7b3dcdd36fa77344ab461b7c5a6a196f87a52f369ac7467433b439b6dc9db6 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame B4B1 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFZYVaVhREkZHuPmlbf_l1w&google_cver=1	43 B 632 B	29ms 27ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFZYVaVhREkZHuPmlbf_l1w&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXzNSHgIwrEyP41sRzK7nS7qnkN8uWIcvN7i6lWWxkr7skq0H-Ze0UxS9KRpD5jt9ZcheofTHA4wa8ABaicpiT47eh38EuCIxPdCe3bY5ALS1sMY-1Q6cObHTpLkJWtooi2T-F34WxIyQRBjkfpbQJLABILvHPtQFnASnELiB0RkL5BgLc Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Pragma no-cache Date Tue, 27 Jun 2023 16:06:05 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=500 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Tue, 27 Jun 2023 16:06:05 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFZYVaVhREkZHuPmlbf_l1w&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame B4B1 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJsI7TPlj-fSimFslMN-vQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFZYVaVhREkZHuPmlbf_l1w&google_cver=1	43 B 632 B	22ms 21ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFZYVaVhREkZHuPmlbf_l1w&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXzNSHgIwrEyP41sRzK7nS7qnkN8uWIcvN7i6lWWxkr7skq0H-Ze0UxS9KRpD5jt9ZcheofTHA4wa8ABaicpiT47eh38EuCIxPdCe3bY5ALS1sMY-1Q6cObHTpLkJWtooi2T-F34WxIyQRBjkfpbQJLABILvHPtQFnASnELiB0RkL5BgLc Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Pragma no-cache Date Tue, 27 Jun 2023 16:06:06 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Tue, 27 Jun 2023 16:06:06 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFZYVaVhREkZHuPmlbf_l1w&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame B4B1 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEA8vj-BhlabCJjHghx28WY4&google_cver=1	43 B 1 KB	60ms 29ms	Image image/gif	185.89.210.153 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEA8vj-BhlabCJjHghx28WY4&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXzNSHgIwrEyP41sRzK7nS7qnkN8uWIcvN7i6lWWxkr7skq0H-Ze0UxS9KRpD5jt9ZcheofTHA4wa8ABaicpiT47eh38EuCIxPdCe3bY5ALS1sMY-1Q6cObHTpLkJWtooi2T-F34WxIyQRBjkfpbQJLABILvHPtQFnASnELiB0RkL5BgLc Protocol HTTP/1.1 Server 185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Pragma no-cache Date Tue, 27 Jun 2023 16:06:06 GMT AN-X-Request-Uuid 2b53aa1c-3b03-4194-a126-7512d61512c5 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 217.114.218.27; 217.114.218.27; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Tue, 27 Jun 2023 16:06:05 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEA8vj-BhlabCJjHghx28WY4&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame B4B1 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ2NTQ4NTY1OTQxODczMDM3MA%3D%3D	170 B 188 B	38ms 35ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ2NTQ4NTY1OTQxODczMDM3MA%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNXzNSHgIwrEyP41sRzK7nS7qnkN8uWIcvN7i6lWWxkr7skq0H-Ze0UxS9KRpD5jt9ZcheofTHA4wa8ABaicpiT47eh38EuCIxPdCe3bY5ALS1sMY-1Q6cObHTpLkJWtooi2T-F34WxIyQRBjkfpbQJLABILvHPtQFnASnELiB0RkL5BgLc Protocol H3 Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Tue, 27 Jun 2023 16:06:06 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 217.114.218.27; 217.114.218.27; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid d86c56a9-06ee-4631-8afd-a80a8e7a7d5f Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ2NTQ4NTY1OTQxODczMDM3MA%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 9B55 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFZYVaVhREkZHuPmlbf_l1w&google_cver=1	43 B 632 B	28ms 28ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFZYVaVhREkZHuPmlbf_l1w&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNU6NFSFsmMheAVI1Zl-J3ofNDp9AY_R9ZVziMC7FtZ-E1rgZd755fZcXyAE53__5mKNeUsSa85N9wvBofVvVGB1l8uxACUeFi2L_WPY_mXtNJ6dVGvcnEN47nImSErV_MMv1PpCVPsSB5u9ap7FB7P_O2fZoARJlWkxP65TzryLWXPqwDA Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Pragma no-cache Date Tue, 27 Jun 2023 16:06:05 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=500 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Tue, 27 Jun 2023 16:06:05 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFZYVaVhREkZHuPmlbf_l1w&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 9B55 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJsI7TPlj-fSimFslMN-vQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFZYVaVhREkZHuPmlbf_l1w&google_cver=1	43 B 632 B	24ms 21ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFZYVaVhREkZHuPmlbf_l1w&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNU6NFSFsmMheAVI1Zl-J3ofNDp9AY_R9ZVziMC7FtZ-E1rgZd755fZcXyAE53__5mKNeUsSa85N9wvBofVvVGB1l8uxACUeFi2L_WPY_mXtNJ6dVGvcnEN47nImSErV_MMv1PpCVPsSB5u9ap7FB7P_O2fZoARJlWkxP65TzryLWXPqwDA Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Pragma no-cache Date Tue, 27 Jun 2023 16:06:06 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=498 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Tue, 27 Jun 2023 16:06:06 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFZYVaVhREkZHuPmlbf_l1w&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame 9B55 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEA8vj-BhlabCJjHghx28WY4&google_cver=1	43 B 1 KB	68ms 28ms	Image image/gif	185.89.210.153 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEA8vj-BhlabCJjHghx28WY4&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNU6NFSFsmMheAVI1Zl-J3ofNDp9AY_R9ZVziMC7FtZ-E1rgZd755fZcXyAE53__5mKNeUsSa85N9wvBofVvVGB1l8uxACUeFi2L_WPY_mXtNJ6dVGvcnEN47nImSErV_MMv1PpCVPsSB5u9ap7FB7P_O2fZoARJlWkxP65TzryLWXPqwDA Protocol HTTP/1.1 Server 185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Pragma no-cache Date Tue, 27 Jun 2023 16:06:06 GMT AN-X-Request-Uuid ea35ae67-0912-4404-9fca-c2c08d771741 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 217.114.218.27; 217.114.218.27; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Tue, 27 Jun 2023 16:06:05 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEA8vj-BhlabCJjHghx28WY4&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 9B55 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ2NTQ4NTY1OTQxODczMDM3MA%3D%3D	170 B 188 B	35ms 34ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ2NTQ4NTY1OTQxODczMDM3MA%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNU6NFSFsmMheAVI1Zl-J3ofNDp9AY_R9ZVziMC7FtZ-E1rgZd755fZcXyAE53__5mKNeUsSa85N9wvBofVvVGB1l8uxACUeFi2L_WPY_mXtNJ6dVGvcnEN47nImSErV_MMv1PpCVPsSB5u9ap7FB7P_O2fZoARJlWkxP65TzryLWXPqwDA Protocol H3 Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:06 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Tue, 27 Jun 2023 16:06:06 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 217.114.218.27; 217.114.218.27; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 070a2092-6d4a-4a3f-995c-c743e4d87d50 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ2NTQ4NTY1OTQxODczMDM3MA%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 622D	0 20 B	60ms 59ms	Ping image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5231799818264&version=m202301230201 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 622D	0 20 B	63ms 61ms	Ping image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5231799818264&version=m202301230201&ct=76&x=1&cor=4495041482684491300 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 622D	15 KB 11 KB	69ms 66ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ACm8sSa2FjD8Y4wYyTnaneSBhy-jAw52pJ3R9PBzOe7q7qTdKz8yngiuOV9ZfQgLmHo1Fjw1s6mebuVW3lMoZ5qcpi75vW4EH6sIVbEWsKz-4uXImQa2LjCisFXX_M9DHhwBXzns56ApqhFqIrcd0C8liIRPty8k-RFx-7yPekJTRLDSo&cry=1&dbm_d=AKAmf-B1eLxG3rRugVQxb2RtRtnd8ylwzouqt7fX5ZN4iVwkJEqIaAat-7oTnNso-GuhAwHaSvwIHdAS2aXurARwbr7dXjclVryPQ1gFEuoSxsyOpRlycQr25q8MgQY_nLHdz1_uK8uWwfwzcsJGw-tJkJMcq09BaM4LnaJe_AAJIXiRmDJZzpLu9OBIvkqp0B_-0qv_MN5Sq1RdKIL1FmBrabok_VUJ-s6YANhacG4ibwQQmgVLH9DwpqwWZX7-PuBME50_0E3nZJVw1xFDXbq67q5F4KdXTlyu6gUaxR16Hf5txXfudIp414WAHWvRpJvG_OweUGl4EDb54Fj3xKnWTTMtN9rPYxV1iteG5MvAfeqcxFrtTA9Fvio2RlXrAKbCL30u2Wskb3ls_zaLf9Nt6CbejEvGXr7Lqaykw4xTSBZA6f4JBrqcot49PQbes6zTr740hGqeJ3YPgWvPM811ASGQ5bRog8rojha6-g44Zs5Xj_JNZcGylNZduuIqdbDUxJayabCV95YXt7GTcVyfeivUae43mpUdt22K3KzAI3iFMBBG1eAG2bQ54WfEMTQl0mxAEKQr9_BDwZDum2ugN9xLFFXJ3nzYMEGQBNiwbKC5PxIXMFL5KnNl6Jo5dI1xX8dgMUqeq_7-03MHg8OgqM1IMukYGKkMljCgZ3HH9XZHcqqAArV2zdFmp5_fXAOGlGZFnj_XLSanvIn4KDetO0Opfu2pjYRuo-Z1vHeILpA1GjGXYji8Zay-35_cfDPeAm4AyhRZ3Zg0P0UQ6nDHbQQta1lx8WjO0QTxhRgZVaGS005SHRXelF9Ze4msq9HzcUu4OX-j-L-0zvvOnFU9vPQsNA1FYao38sV7fK8IIxk1uBm4AuT-hbZQCV61KnUOC-hIHMODVp13a8uRkhFkcZ1Su9y8zFvRNPJzVqHkB2PV5t3TBMRdIss2xziJmdUTw7hcAi_K8EhwFcAxVHY2PVLG0UESA9W1OWZbX3sRFQmgzZHmKS9fR6OWudqxvIIw63YZqBBJjn-3FPKXVq4GtU-FnihXWPr6Hg1dW-70c0vkQie59WAkRaW5KZlYXsGW2zXnEubFjGiZz3sv6pNu9r_eql0pQzQMyULtRVp4B_ImBaGKJPgEjBk7KFdLtWY_QQEEw2AZFjbxgsfIN1MnivqhFb-XDL7KUcYHVL1e2Zo7UYZJPrLTrsVNTc2U6ZMnd1Rcc2qGCEiN7swjVdPUN8U_5roxfpxPHufoTW9Y1Lq8HP4uM3Ji0JEX8pH13ukCk79mpuB5gUzmyAxrs2ozB-d4NrbgxO-2gknjkECEY8vIks3f-KBFtnGxzGjoMa75rMDxWVXH2LW1otklajvwm0glM8Jp1i8eC_HSeM67SC4lLJAFw5cCaH0qdqnoIyWTY2Cy99HlNwbhpbkr3pIFempZyYhdzrMu00PbnXFMKPZK9xbVlGzJTN5pKBliZGJh7biamASOeTbObSWTR9vO3oad_HiQ7kb3WgGaZOm4-F5DfBLFgfaXGi4WvzIESorYMV-jf0p6GTxWWQk9CRvFIT5BqpAaVTWj1nPh9OkwDscGp8y71WABXU0U9u25z_V32GYCRmkfil092fjkAws6rzzWyfR6ORrH1TOHO8vXKj-bPUpX6dKsd4rDqNaWjTuff4y82nZWcxUPLLiGFFqOkJ_5Pef-02glF1uK9gSZ8si5Tm1s1BtBWKrm8cuchz-NsbCE5h2EZfSn_pVPY5yAImlPEgTFEyLNFyv3WuIHWTHTwT-U1VQ86fCJ5EFci_0i1wwxVBU0wEAaU-mNb1kye6IpQttmIdIFb_awN4r6YgoH8zJG815LkgTR63Gqo_P2CrlQkXJq_A0JSzd9zXkxOoLv0BbydnZqpR8RSgcKmdVXsjLjA53GIDc9xxzqIBtccQ4QgF65zgvrXsVza8Lcwsz4aMn3AI9a0CfR4G5FAib58jZm5eYxGxAhKf60sBQ9x6g-ipehtC8BLuLwlv5DYa3pSXXn-BXVJrRos5DjAj8WMxUt32uUjf6Q3SNS2MDRVksYqghGZsSO1xGqXpFn2A6nwZLQphB9157rINpwdTi0gfi3apY42-yO0WNuVyJIG0rUtGawNuA3Omdr0h_xmH5ipoeMEvMOyKj1n2-qVX7yq-djaRnqqEYuG2IH4dOY0V95spyWzkZ9k7-7IEV5vxIEzHSq1F5zm1MmnDjZH8guneMy32f0q9UId8xJmsX8LrawNdiOrv_00zM69pAalenWPqBATsJliWQFC9OKYjm2sRaU2zyNLj1gnT7yLNVc6v2tOuYuWcyl0w72QhlOajkLXRZjHm52ktLPzKZSQKK2--rziDebjVlVT-IDzEuxPyQiDqx05E0vgrpxnZrVoXnPbKL_g3miS295sBY4pBfbHQny9a5KIq2w1Uva6Gek_DmSW9FlPnBRkMOTRjDYD4akQrbyQFdwe9iWBoQYxPGtis5TVOTVEDrBdx1WDJ-8hpGR0buACwdQbdApoFFRlrCz83lx5VktquUwMyiz1A5zrHc7QLkpPQ1SZbugCPzqGhIQW6bnlCeWPhAI0i2lJG_Vrea4zM40AEi6xL00gOoZH4v5DF0cbyWSWjbx9GkLzENsw5HAY_4W_b2MX-4CmJ_ioluXsZgNn8LNBLnemD9M_FkvkgW6xcYEerl2wnuXDG8lu4lzyfWoa5NTvCxSFGvWXw_NjG_6o_zU9vYU4lVh4P-d46fuNywa6sXfG8oIcSc9_UHDE4KCz0oUu7V8Z349Mf_2LZoOVc7SjNnFtjZjBJ_DD2wMD6geEk_fE7AgTAq20q7e05o6V7BdGiHeRFekB9voeWO7mON0iRUiCX2Yarqtz470N08S7aI_qdEOoErJq-gjIetpL1jauUVOr_u4gwdDm_-Al1xxoWDDPnMkrDOob_RqzXcIFDQlOCsBQleMJIEcTG-i8ICx_FoVk45N1g8z1A&cid=CAQSSwBygQiDndxYW8oNjSztc5EhT-tUQnnI4Jo0mNqpgrqwN14jpfc-JBv2y6v_f2wh5g3rP0RLIqR_N4TDRNgq0TJKJSNzeTsfqM-Q8BgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Ftravel.yam.com%2F&ds=l&xdt=1&iif=1&cor=4495041482684491300&adk=3690638929&idt=188&cac=0&dtd=58 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 855f87a741588f73aa235f4c75b8490988004b982eabb6792191aad643b03845 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:05 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11428 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame B2D5	16 KB 16 KB	32ms 30ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 24 Jun 2023 18:58:23 GMT x-content-type-options nosniff age 248862 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 23 Jun 2024 18:58:23 GMT
POST H3	200	log_event Show response www.youtube.com/youtubei/v1/ Frame E7F0	28 B 54 B	43ms 41ms	XHR application/json	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/b7910ca8/www-embed-player.vflset/www-embed-player.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 X-Goog-Request-Time 1687881965986 Content-Type application/json X-YouTube-Utc-Offset 0 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/nbAvrClNwqU X-YouTube-Client-Version 1.20230620.01.00 X-YouTube-Time-Zone Etc/Unknown X-Goog-Visitor-Id CgtZWGRXVWE2bmpfTSjrkeykBg%3D%3D X-YouTube-Ad-Signals dt=1687881963545&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C788%2C473&vis=1&wgl=true&ca_type=image Response headers date Tue, 27 Jun 2023 16:06:06 GMT content-encoding br x-content-type-options nosniff server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer content-type application/json; charset=UTF-8 p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31 x-xss-protection 0 expires Tue, 27 Jun 2023 16:06:06 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 22A5	0 20 B	59ms 57ms	Ping image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9666664049754&version=m202301230201 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:06 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 22A5	0 20 B	59ms 57ms	Ping image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9666664049754&version=m202301230201&ct=77&x=1&cor=5204535191014448000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:06 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 22A5	15 KB 11 KB	101ms 100ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8sLyUy6QGsa75AnzmSCQy22J6ACNgT7jg1CZqIIvWzQrOVCCFwIyzHwK2BrAM4JXW3xE5Axp6E_oEJQh5TNPphjbLB-ceA6W-yt4EZCV4lzlOm2Er9Cw-QGSWUGGTV2fTXfu6IW7qM5nMVdgNGaWR87s4DtiAa1ltc2m68vsYwMFfarA&cry=1&dbm_d=AKAmf-DYP316gyFX6nZMBfZRbtuzdKyKf5n2IeA-2B_vM-aISd46qaiWdPZk2Tb-3mJQqGvOR-MtEflFiESt196mbvbesDbANIjsNWYPGFccxhatHv_EzxQQ5G_Hw2ZJkFwZpoKiO7QzVNBnOaivzkEqtRySkH1OaQxRTXtRG2DKiTSeF_5d9wFvTA9YJX1IoKh92eQxYk6Lfkwj3muI8bgGoKfVoThSOyZwTX7v9yiGl3Ab7ynbRHVW7AO_FWQYobI3Y58o8vjSzhyGkEHQiiutcZOF2EgHHVOyFiM3zfEg5nCGpwDQeEaAYnQC7WbH1vnaa0XC-8zbaKEQ4sgh-nZoNOjogeD2EdXynWByeURqqP3AB_Y9fSmGhvc6Two09h1p5psisEyiB5OtscK85FgMRGOdjGn0Eqxb_sYN02xZNFsMllQr15SYJsBY7CoCnEaZCLSqHAcr6zQY9en7HNNsamFXMMQXgZAQhmNky_R_7AJ70E3qOk8XOh-RMMnlOdnfQtiVJqUWleE8Hxe377SqnE1VvPAYXWPQwNdw_wGe-kJ_6xcHTvx_4n0ccQ6sr02-zf0-jGtMvYsHN6dhiYpVQgZ286pPGAiNR-RBt9hMtRZBjoxM_K1r01M2C1eSVBakkRum1I915ohgJ1p0CxPE3dfXFA64G5kx_3S_78VSYFlm8YVpiqcrwYOgISreJUTm7y0xA5F2i2rqdHYRfgF00sI3TXRx2v_bSMaaXU6tFixcyOBjyZgAXYYvFnFzqUIaJ_PKe5ARd-ZUkxsZF8vJ7pgnGDVjXlKxlBKxMmhdnb20UM28AwWH6DQzODiv6ddw8CzTLhJj59rVl0FMWbs2PqLsuJ08WxKRRYsA8_ZMfQ5H5DittzW9vIJNdnZLynfjGVw7637VF6kK8MeKQ77hYW5D4AYcLIo5RNy9niGKHmsW9Ng-cOAia4LtXHY2LRW5F3lIDXr7rJWpSRzPxHDSsgvGDIYvAhoj1y8mRoCRu8Br2KgD-PuFsAJ8o21gSBCywvFuVnXe-Amn7jnoRbJhhDxgIEIx0YpAM6dP1zdPdW83R6QiMFDB7hdMyrTb5aFl3XTFiMY9Ocyk9t8sg4keUHyFDqBhYYEBFyHchKkQVl3kxxUOiw1oRPRWZc4j5IovWOnUodhEIQ7_f5ldab-BprTz1uMXy2GBWYOv3jPrXeOUMKQwDBUQfFn8nvzJFlnjlUDpipe3SB0NIWU_2Zs11WFi9-BmHkLJ-75aQgDrS0fgDm8tlxNuMpEayjBkZZerIGXpZhNIlP-pLgSl9e2beOpJdWZiSNUBXry_r3nX4bBv0EnJlpf6RLgrcnwzmvXJ12ltI82Y613ZE2VNiwSHzrspFLVjXCZlgimdmC5tc-jCB2VF3FpIga3jNSc27lErL9ly936ehTp7Amr_C2xgvowVHJ4H1s_sH5utpcAGHLdvABgBkapsVV7ZgRzX9DPQqR-JxinEI74nHKbRN0fS7zJXmmFC3mqmT_8zpwvz6ZOEZixWezLefkl93gwcfnzLckTtsL9NFe34z5S7pikArWZWxR8SrsBLzaP1wtH6EZb36L6o7CM8WsaO8HjfHtiSEg0GShEdQADDKfayYoj3V05IE2vcVGpV4bn7vA5ip-L7B1HDPSLdM8zXZxpVEcKRS87Aog197thfyHUW5x-l-CVqN_3X2PGwK3Yvz43JQLNmuginanciDuvUKSgOj7DnyAKTKABhRFC5d1T9_ihrM1CshNjw3jTXrSXNLOLxHTdG3UBzbFMUibECmo4S_ncgSmgdjn7El4RC87tyaoE6GkLONjoeUSHmvByVI-roGvyI2mHDULX3KRm26QuxLISHRjwsXHpURMjfePpfSMZ8y4RPeFqWICio7fRurvJh7cn6fId-HNCnebWLtKAkuO9CCjrTrx14deeWoWO1DPZiP0eep31kTfW1pR3r8SLWWRe953AIPdGaHHiOQBZ-of4NeXz-x0LHLKHYNqkf0OILOHSwA9OsKUKIrpRUUdRc9jzpZoaq3KbaG_r1l6CEMLtuWGEkLW-UEVgLI-uA8rbUQtY32afqqD2UjQynsAn-jkCD8iI_MDjaHPFR5Jf33xSYKrqwA7eihoZYvWdCw05jN9udFl4U6HcmpnYJmfkdkEhPBPNFXVAWxWWgQyQo9nQrj2vWc41iKkzpBIuV6kAsaBDL1JWh-usCCrdotXy224HaGNR63BSQEYjw4Ce2hcQrAvp69wcHgK-nJNXx2j47rWmcJfnhxPzhvgdxXdeah6qxoS-WMUijIH1uDwPfSLMABl27uGbY8HNf8wvagofHYKLu6eog-0z0v5LM2WC9u8s5z2rQvkj09vTj3QkVxrnTXNsW6AFlyJwHBTW4qYy80OWJk-PbosiQoDUG9yANlKofmPMtGmzqwmXMorqN5L16zxEPZclXhB4Dgsczb-GBK2WNKoGNBqEziUIMTk-7GWLyfUCepVtWTqOX2wOkg7s2U_7XNm05YeiTEYWsm5YjjuF-6gmDFddowrwiw145604ejKXw7ymqhQSHAkHIVK-hFcSzOpg3uJgID3hiEVFJDBJqDv8iA9GzdRPKnBxuuvTlN06dwp6ZfPRvu7MiTn3H0L1WZPtYmn4bUw-pocyMe1m794lMDchw_IpohcmKvbgfGGlzVjFWI4QXhzEBeZpkEc6j9kX_qiSrbD7MU-WFfbZjPMU5jvcHZqc3GCCB6NzMZ5jgJvpH3gul6xUdbDFAOBNSg_qm3WGrPmX1fAgsVnFzWjd33SasNWaUkLoZIbjIYzplAlJzIKlNbtaYnaa0WrredZ3lZawIt8VgtkAG2IlafOFe9f3IYnprR9Jpr3sQnqGqjXu8a3RF5ybWLbQyvRHG1y-AErej0TGE8CQgbK5X1a_ztMjvQjNKayKYKbOpCafBihB4ewa2IZ0Reg_-aD7vJm8EfC_FA3MPvrKfuVqBW--luBsx8DaMQEc7Rkp1xDal54hDN7-fCH0Pknln_u0597GPdfrYurO-BlFKCNnzuJxwwEkIUp4vVuk3nxPsfijfW0P0Iu6Qu8dbJFdZMKaDN4uls30nU4_s4JDYU2ee8ttHgkieVvzLAcKxqmLmHydnQnjIKmHWti4DxGMj5xDbybDTj9qmM33up3sxeO0CrA8T6kSI5d_C7Jjf1cFISP1-FprX0xLKTpv1zZecdTYAc00Y_16dQ8beE_fSl9yf918Ahn8bsx-sLVe9jB2eGiOlXsNIIIqZWAyXswXVgFViV_8QCGklgHxUwAP6AKQW3n8DMqBm3G1un0lKoXTlM-1T3mxwIVKF7GKUvJAcNXgTR3KM6Osla3Kob6LvuImse0q9hWJRpDpZ2zzDYCJwP9BOJle3EhFsmR6yDlw0R5Wat8c5pMkJZ6Ou0faIE-HVtvsR0pNgtFbxfoRNW2S0ZE7tyiwAYIiP2qwV5imbhcYaPo7YhyvDJNvfsOJVyVyk0oUwv6ggsvNrzk8Pv_QDU4qty5iF-WnjARThFFDtvOynUaPb0worl6TG9l4UhST0MxQ9bfnICg6Xx5f3zqNkw0_PkgI&cid=CAQSSwBygQiDndxYW8oNjSztc5EhT-tUQnnI4Jo0mNqpgrqwN14jpfc-JBv2y6v_f2wh5g3rP0RLIqR_N4TDRNgq0TJKJSNzeTsfqM-Q8BgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Ftravel.yam.com%2F&ds=l&xdt=1&iif=1&cor=5204535191014448000&adk=4188270525&idt=228&cac=0&dtd=3 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bfd5cf0de81bdbdffbd2dd71a20590f4915e994699539701798907ebc92118f4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:06 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11488 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame BE25	0 20 B	58ms 57ms	Ping image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1492753088087&version=m202301230201 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:06 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame BE25	0 20 B	62ms 62ms	Ping image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1492753088087&version=m202301230201&ct=77&x=1&cor=743193040997415800 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:06 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame BE25	15 KB 11 KB	65ms 64ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D_8YXOCwFca8huiAfbMhNIPliGR4lypY_QXbE3iutP7-zhW21x_OnWIyHCN-kuIm4WG3vkQdBYPum5y1ty65JBYztk-eBMe6SEGfN17qXuzzmG8XdrVyFCRHVEdoe41Ll-ZZHpNb_BMsvle1iOhWEpemrC4eMR00ntiH2oqUlqac_3cds&cry=1&dbm_d=AKAmf-CjKdrYlq5FENalZ_J_agmF3zw4rgrMVdwJjkUbaoCPKQ1w3ZPeUwUgIPUfSa99SSZKnVflInBxv2Hf0J17H4CVM4kA2_LY5zQbDthn6tFdS7FZGpeQzSlER2XiRL0Dj6k-zdurB4hw8xWEI9f3mavTlmPv_6RPpiBmCrpadvSPi2XW9s0bWQfrhqN1YXs1Pa68uxDIPInFZAhxlVuMNY_uozW9c9Ncw_OZMR4KShIFaucRiDCK_A_KV9Nk9LpP5ZQJjHBN4mlgnepehGeqdgvCjwFWcyjIDmttdee4QsVms0cCr2mOmcu81gMWAgSa6IgWCKN0vLkB3bNAcbb9VkJOh57GBgvsTIHNRoFLdFuxz8r6sT3G5_16sfv1LliitY0XiuAS4QrTI32hg_vM-yVEAQlbF-OHHlUtXSRzhPD6uOsSf6sULLag3m7ZTgKIaHkzX3jemeDOiAIjNnfLs4IO3-jxswX6S3Xy5tveJ5L-CsOAp9KeBsyEun66d5haRPUVMMigfx_LgC5jxwilyYcZjC5q4slKKjGRRur9FqHuETHO2NworkR9toJ5AaNDoelAVWN9nwMwdLgWnynIjl2xlJJybv7vRX4Akkz7zJJy-d8aRHPWnlJAXw2Q4iLXaYODu4IVVyxWigWaL9Lnyf6zt5eDAB8OyPtzjaPe5Bd_G1wJU-ETxl5wCfy-Cuwrh9HEgzkptfjYy--OGEShbb33xU6MuEjWMK-P3l6mgAprmP76z7UON2C2JfKnI4dTnizsICBpJktWRuoZfBecABqLoaxj5aG0pAEttQxvapxRu9HUUcL9hijMiJHZU6TsJTnUmuf-8Ddu2ZBRGVoxxDmYyecYMcRwZZhFjt4FBIo1ttWEvb5jxTYJU2ebCEeHeltrnaf7Y5BXs92Ml5g-YBi62BOTuVVr8h8kbpTv-gBp282IJtj1LbVQfGtkR0YA5u8Si1QKGEWoI2GWP53pNbrTJV8WKdo-HBFhApY1uq9ifGJCkGYeVoyAUQuTXbnZmd0_o1i1eGhNPZLWUEXMLjUewQ75RfbnTehy5Fux9sbDENuX4hlPVJvmLvwH7-uCfVz6p8IofvM3JGTWng-Yi90pWWLSehh2oENnTiXx6dpMZpNPuJyTxiHP62zu9EPw92jMsXLXALnDK2fKz9uvIMwL45J-Q2oHT6iHHXtW7BDezQP75DvtH12VQmKyWT33rcdCHVDlDYQl4O00umx5AOnhN9BsBSvbvnX1nI-WCjgDNp8maZHXex2qoQeTp5kqkWUjOdSIseKzDoN80oMwMmSS3KCoD35UHJStOK_v_7ZU3PwG8NnxUwI-F1DYylIRCyuNgT1GnEJcmXpP5fdbr8z07ppbi9yDuPj-IP_Oga50n2p-A8qDPRLmuSdJodaJBQiouN-IKhq1SGPXdVhlBePcAYffhMfINJUOYb71W0Fh6SbrGAmzUIqvWg-QA3JGqffWn4CeB7NCojO3PwI1cz6EWt3Se82CCBQCkZ3ZHbZ8Bt0xm6KBJjELup2sNQHm7unwP5nk5dHxf1DSTWJ_Fs8EiZ0dIbLeunQK_HdQLIgvawQPkAOpHFOP-mjcO0jAR18vrFE7-QfaSLKSdTaiVa9L18EhLvYHTIYiBBqBKAj0OLcKc9YE3UOQ36Ap3eNn_XAFj5aKyUIT1oZmT-yQqaUIJHm17V3v8T4bABlsrrhtezYtq7wfGzChpVjnvVG4rat1AVER8GmnAr8hsAXgc9bNh_eHeplGSeXVwW2XRPG8fGPsPRRsIXSuVeRHJBugEPKc_mnAuGkhIbevVMiCUYENF9m2KvaudhVb2LyDDaTYHPIrI8qTBLCukTkQmX01_frzErNUnzdLcr3Ruc27KLbnEY7Z03p9jgbD2oH3Ti2gleYeG8aQs2jc9RSVnEMMqvSjrcYG5mxaF6a3_EHjKvHT30WhYb4pvhW0OvdxJjUs0nFbKLgfwYkAPKDcaO5bDm8plZ2KdUTD10GIPFV4-4vyUsDRpqFEAndv0iQtJ1OInojzZw58oYzJ4DfcRKQ5T2zoulw7GEc_3HpczqJhGtM-SxrNY3UVMHNTdrDXWzKXmeUn-3poVX74Z6BUZR3sjezPyaP6qy-SAzZsYv8FCs4gAJiQnjOaoYHu3mrMNNHeHFzgPrj-6fUx_HwJn5caZpD2Fg6XG7ysWqZ-cQBz1xKBY8FhZcrsZvaJE4zG43W7Qv81-1KHKYwWoiCufGuhjMaWq0afAW7ZmK9AxA-rNrAs0Nk3cSziqh-XDv2JgeUltJNuR1Q8AIIfxNtqUwql9wKUa5wkqe2FnFUuDWl5UD3IdwZwWeBsotEWKkkREY_LSX3n9t65NNGnWUJ7CrjyRM8R67nxYFtMuRR6sipv3gBGt-62-zFwwwmoIYPjycvkHMJjevfPRCpOu7fx_9p2wlwPSxLNF6oaEiBwfPPE4bcXPw3kl3l4egVdRMcpIxTVR_WwsqbhqJDIyYFnMhERIV8sP2O2NQstG-HGqYE3H8iZVAg57AEvNjFKqjcRMcCwe7sLfRA0Z-KEv1mljr6_PAEo2PgG2A_ODyuDSOpHMCXdxATlFOfbps1df6ibBtT0oBss0M609U-EYra7yeEV4atQ3gHHVa8PYdJtD7FW_Wt1CD6aoGNmgIl5P_WxMD_Kjx7Po3LFTM8j2pGwtIb6pU5_SvDS1CIMUMek9OZO9xN7_9ZsRL4n2DYvvI6Tp-bCCezCD-x-9Kkww4k8Hq8fccqj2IEQBSpFUdyL3t9G7rKSHUW8UU5YLKUkKG0CzjVdgrPVJ2JrEkNoFYSADlzJU_vNxb-LApwvL5h0I5atcPg4MDevT4kMjLOAy6jt1XmJAYwiTzp2SeSNqI_pZY3J7jVcLZXiXVeHT8XsNOY3wJOoaLeRASJeRQeQlBtkHPr02ndhOjx7i-1JNoGJJfXcVAELu6oF3IgongizHYf8g1rDdHTuc6xuvsJcS9uae6hC_whLkYCJJRPJxh-Lg_R4IVeU4tx0WwO26qGvvVh5FZYEsHbLdLte7VvhhPfPAwFxxXiNQNwXt_mndHxsDSRUskkUHBE2fhlSgaGdHmieBjs1P97CXo0siK_Qz6LEZ_yGfV_5xyaScms72DMkgKlQujGZ2A1gDlbI5WXgDUExDy-jorDUr3k5ZUBiG3RVHq3f17aQ1wwYYRaI02gAXvNjbLo7b-Y-SoqnqK2xSB98wyR4_7snNck_3zdF18I1iG-pE7bNqBZvaCr0ImoBVpLG5OXhYZLxAyadaSqt8N4dUZuvWv0L1HhRB02APphLlbsuvtid-wMNMe7vCP9XxCh-v2mTdNAQ1yc_brzdwvK8qt1iR5uGyA092fR4VpQpqi7AXiyorNW-2PzH1LRWzHlzNw3lxkFko772-PeD7oC-FXxel5RO4vJk20ZQ-1qPQrcZ9uz85VLEDNZDc0Q12ufknkfdiXIQC1dOVI-YBeNEvdjLh2jHPsB2Tr3gkFf9hYj7ipE21mvhyo0MAhnDgHX83VZ-WCCfnd5Cb7X_Cn-k8Y1atxzjv3o5hQ8H9sUakY1e_hGj9YCRxMNtg8K1KhhBA63x77aG&cid=CAQSSwBygQiDndxYW8oNjSztc5EhT-tUQnnI4Jo0mNqpgrqwN14jpfc-JBv2y6v_f2wh5g3rP0RLIqR_N4TDRNgq0TJKJSNzeTsfqM-Q8BgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Ftravel.yam.com%2F&ds=l&xdt=1&iif=1&cor=743193040997415800&adk=1033480531&idt=239&cac=0&dtd=3 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash dc936c38bf76b375934eee972990b99ca3f904f6c786859668d1dfbd76456b96 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:06 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame B2D5	0 0	78ms 67ms	Image text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CLjl97AibZJj3JsiX9fgPj4ua6ATvg8Shbr_Ir6y_DszHmqb9CBABIMzdhyFglcqTgqAHoAGwuqHXA8gBCakC1MKjsvJesj7gAgCoAwHIA8sEqgSSAk_Q6Rfc3YjLjaqqnXxXORZmqyRE4jyOYIfjhwAFhk5EwlpS-CaobgPzDEzL6UD1JVmubB_SqEjqf-k52e_jfbz5iNEpTgrs937uIcHqEOwEuTIsA7RytNUQ3QZim_F1BRekhg7fY983VCeDxiElHlZB6jB0zyIm7-WbMbcAnA88MojfFcFNQWbdSU4B8mL7w-3VouvGA0Qexf4uTleVNtI_M5NY32ON2fQx1nRqDx1I6AC6Tqs8-7zeRiw5vBH-uc22bZDRZbRwMiODvGOh1rw6qv19LKw_KBrdKIkb7mClvE62KxKHz1M7QmVBRl12lcHFXdi8aWRta7Y7VjBcRXY-MAUAvdzhV5kxbtVapByDW4_ABMmYqargA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfF960-qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEOucC9IIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgHICwHYEwyIFALQFQGAFwGyFx4KHAgAEhRwdWItMjY3NTAzNzI5Njg1Mzk2OBjU4Bc&sigh=sqGtVGGo8dI&uach_m=[UACH]&cid=CAQSSwBygQiDndxYW8oNjSztc5EhT-tUQnnI4Jo0mNqpgrqwN14jpfc-JBv2y6v_f2wh5g3rP0RLIqR_N4TDRNgq0TJKJSNzeTsfqM-Q8BgB&template_id=494&cbvp=2&vis=1 Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers
GET H3	200	qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js Show response pagead2.googlesyndication.com/bg/ Frame 6660	37 KB 14 KB	32ms 27ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a99b27d4778209c98574607285507ac37decea04e3592ec3377d72c4965966f6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 15:01:52 GMT content-encoding br x-content-type-options nosniff age 3854 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14515 x-xss-protection 0 last-modified Mon, 19 Jun 2023 09:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 26 Jun 2024 15:01:52 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 622D	41 KB 15 KB	24ms 23ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ACm8sSa2FjD8Y4wYyTnaneSBhy-jAw52pJ3R9PBzOe7q7qTdKz8yngiuOV9ZfQgLmHo1Fjw1s6mebuVW3lMoZ5qcpi75vW4EH6sIVbEWsKz-4uXImQa2LjCisFXX_M9DHhwBXzns56ApqhFqIrcd0C8liIRPty8k-RFx-7yPekJTRLDSo&cry=1&dbm_d=AKAmf-B1eLxG3rRugVQxb2RtRtnd8ylwzouqt7fX5ZN4iVwkJEqIaAat-7oTnNso-GuhAwHaSvwIHdAS2aXurARwbr7dXjclVryPQ1gFEuoSxsyOpRlycQr25q8MgQY_nLHdz1_uK8uWwfwzcsJGw-tJkJMcq09BaM4LnaJe_AAJIXiRmDJZzpLu9OBIvkqp0B_-0qv_MN5Sq1RdKIL1FmBrabok_VUJ-s6YANhacG4ibwQQmgVLH9DwpqwWZX7-PuBME50_0E3nZJVw1xFDXbq67q5F4KdXTlyu6gUaxR16Hf5txXfudIp414WAHWvRpJvG_OweUGl4EDb54Fj3xKnWTTMtN9rPYxV1iteG5MvAfeqcxFrtTA9Fvio2RlXrAKbCL30u2Wskb3ls_zaLf9Nt6CbejEvGXr7Lqaykw4xTSBZA6f4JBrqcot49PQbes6zTr740hGqeJ3YPgWvPM811ASGQ5bRog8rojha6-g44Zs5Xj_JNZcGylNZduuIqdbDUxJayabCV95YXt7GTcVyfeivUae43mpUdt22K3KzAI3iFMBBG1eAG2bQ54WfEMTQl0mxAEKQr9_BDwZDum2ugN9xLFFXJ3nzYMEGQBNiwbKC5PxIXMFL5KnNl6Jo5dI1xX8dgMUqeq_7-03MHg8OgqM1IMukYGKkMljCgZ3HH9XZHcqqAArV2zdFmp5_fXAOGlGZFnj_XLSanvIn4KDetO0Opfu2pjYRuo-Z1vHeILpA1GjGXYji8Zay-35_cfDPeAm4AyhRZ3Zg0P0UQ6nDHbQQta1lx8WjO0QTxhRgZVaGS005SHRXelF9Ze4msq9HzcUu4OX-j-L-0zvvOnFU9vPQsNA1FYao38sV7fK8IIxk1uBm4AuT-hbZQCV61KnUOC-hIHMODVp13a8uRkhFkcZ1Su9y8zFvRNPJzVqHkB2PV5t3TBMRdIss2xziJmdUTw7hcAi_K8EhwFcAxVHY2PVLG0UESA9W1OWZbX3sRFQmgzZHmKS9fR6OWudqxvIIw63YZqBBJjn-3FPKXVq4GtU-FnihXWPr6Hg1dW-70c0vkQie59WAkRaW5KZlYXsGW2zXnEubFjGiZz3sv6pNu9r_eql0pQzQMyULtRVp4B_ImBaGKJPgEjBk7KFdLtWY_QQEEw2AZFjbxgsfIN1MnivqhFb-XDL7KUcYHVL1e2Zo7UYZJPrLTrsVNTc2U6ZMnd1Rcc2qGCEiN7swjVdPUN8U_5roxfpxPHufoTW9Y1Lq8HP4uM3Ji0JEX8pH13ukCk79mpuB5gUzmyAxrs2ozB-d4NrbgxO-2gknjkECEY8vIks3f-KBFtnGxzGjoMa75rMDxWVXH2LW1otklajvwm0glM8Jp1i8eC_HSeM67SC4lLJAFw5cCaH0qdqnoIyWTY2Cy99HlNwbhpbkr3pIFempZyYhdzrMu00PbnXFMKPZK9xbVlGzJTN5pKBliZGJh7biamASOeTbObSWTR9vO3oad_HiQ7kb3WgGaZOm4-F5DfBLFgfaXGi4WvzIESorYMV-jf0p6GTxWWQk9CRvFIT5BqpAaVTWj1nPh9OkwDscGp8y71WABXU0U9u25z_V32GYCRmkfil092fjkAws6rzzWyfR6ORrH1TOHO8vXKj-bPUpX6dKsd4rDqNaWjTuff4y82nZWcxUPLLiGFFqOkJ_5Pef-02glF1uK9gSZ8si5Tm1s1BtBWKrm8cuchz-NsbCE5h2EZfSn_pVPY5yAImlPEgTFEyLNFyv3WuIHWTHTwT-U1VQ86fCJ5EFci_0i1wwxVBU0wEAaU-mNb1kye6IpQttmIdIFb_awN4r6YgoH8zJG815LkgTR63Gqo_P2CrlQkXJq_A0JSzd9zXkxOoLv0BbydnZqpR8RSgcKmdVXsjLjA53GIDc9xxzqIBtccQ4QgF65zgvrXsVza8Lcwsz4aMn3AI9a0CfR4G5FAib58jZm5eYxGxAhKf60sBQ9x6g-ipehtC8BLuLwlv5DYa3pSXXn-BXVJrRos5DjAj8WMxUt32uUjf6Q3SNS2MDRVksYqghGZsSO1xGqXpFn2A6nwZLQphB9157rINpwdTi0gfi3apY42-yO0WNuVyJIG0rUtGawNuA3Omdr0h_xmH5ipoeMEvMOyKj1n2-qVX7yq-djaRnqqEYuG2IH4dOY0V95spyWzkZ9k7-7IEV5vxIEzHSq1F5zm1MmnDjZH8guneMy32f0q9UId8xJmsX8LrawNdiOrv_00zM69pAalenWPqBATsJliWQFC9OKYjm2sRaU2zyNLj1gnT7yLNVc6v2tOuYuWcyl0w72QhlOajkLXRZjHm52ktLPzKZSQKK2--rziDebjVlVT-IDzEuxPyQiDqx05E0vgrpxnZrVoXnPbKL_g3miS295sBY4pBfbHQny9a5KIq2w1Uva6Gek_DmSW9FlPnBRkMOTRjDYD4akQrbyQFdwe9iWBoQYxPGtis5TVOTVEDrBdx1WDJ-8hpGR0buACwdQbdApoFFRlrCz83lx5VktquUwMyiz1A5zrHc7QLkpPQ1SZbugCPzqGhIQW6bnlCeWPhAI0i2lJG_Vrea4zM40AEi6xL00gOoZH4v5DF0cbyWSWjbx9GkLzENsw5HAY_4W_b2MX-4CmJ_ioluXsZgNn8LNBLnemD9M_FkvkgW6xcYEerl2wnuXDG8lu4lzyfWoa5NTvCxSFGvWXw_NjG_6o_zU9vYU4lVh4P-d46fuNywa6sXfG8oIcSc9_UHDE4KCz0oUu7V8Z349Mf_2LZoOVc7SjNnFtjZjBJ_DD2wMD6geEk_fE7AgTAq20q7e05o6V7BdGiHeRFekB9voeWO7mON0iRUiCX2Yarqtz470N08S7aI_qdEOoErJq-gjIetpL1jauUVOr_u4gwdDm_-Al1xxoWDDPnMkrDOob_RqzXcIFDQlOCsBQleMJIEcTG-i8ICx_FoVk45N1g8z1A&cid=CAQSSwBygQiDndxYW8oNjSztc5EhT-tUQnnI4Jo0mNqpgrqwN14jpfc-JBv2y6v_f2wh5g3rP0RLIqR_N4TDRNgq0TJKJSNzeTsfqM-Q8BgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Ftravel.yam.com%2F&ds=l&xdt=1&iif=1&cor=4495041482684491300&adk=3690638929&idt=188&cac=0&dtd=58 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 22 Jun 2023 13:19:10 GMT content-encoding gzip x-content-type-options nosniff age 442016 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 21 Jun 2024 13:19:10 GMT
GET H/1.1	200 OK	dvbs_src_internal117.js Show response cdn.doubleverify.com/ Frame 622D	57 KB 19 KB	38ms 37ms	Script application/javascript	2a02:26f0:3500:d::1732:83d6 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvbs_src_internal117.js Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=28473661&cmp=29823623&plc=366421488&sid=7758003&dvregion=0&unit=300x250 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:d::1732:83d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software UploadServer / Resource Hash c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 27 Jun 2023 16:06:06 GMT Content-Encoding gzip Last-Modified Tue, 10 Jan 2023 11:02:11 GMT Server UploadServer ETag "d07704704b2ea7cfd4b9f2d78f0c7dbb" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=946080000 Connection keep-alive Accept-Ranges bytes Content-Length 18861 Expires Thu, 30 May 2024 12:10:19 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame BE25	41 KB 15 KB	25ms 23ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D_8YXOCwFca8huiAfbMhNIPliGR4lypY_QXbE3iutP7-zhW21x_OnWIyHCN-kuIm4WG3vkQdBYPum5y1ty65JBYztk-eBMe6SEGfN17qXuzzmG8XdrVyFCRHVEdoe41Ll-ZZHpNb_BMsvle1iOhWEpemrC4eMR00ntiH2oqUlqac_3cds&cry=1&dbm_d=AKAmf-CjKdrYlq5FENalZ_J_agmF3zw4rgrMVdwJjkUbaoCPKQ1w3ZPeUwUgIPUfSa99SSZKnVflInBxv2Hf0J17H4CVM4kA2_LY5zQbDthn6tFdS7FZGpeQzSlER2XiRL0Dj6k-zdurB4hw8xWEI9f3mavTlmPv_6RPpiBmCrpadvSPi2XW9s0bWQfrhqN1YXs1Pa68uxDIPInFZAhxlVuMNY_uozW9c9Ncw_OZMR4KShIFaucRiDCK_A_KV9Nk9LpP5ZQJjHBN4mlgnepehGeqdgvCjwFWcyjIDmttdee4QsVms0cCr2mOmcu81gMWAgSa6IgWCKN0vLkB3bNAcbb9VkJOh57GBgvsTIHNRoFLdFuxz8r6sT3G5_16sfv1LliitY0XiuAS4QrTI32hg_vM-yVEAQlbF-OHHlUtXSRzhPD6uOsSf6sULLag3m7ZTgKIaHkzX3jemeDOiAIjNnfLs4IO3-jxswX6S3Xy5tveJ5L-CsOAp9KeBsyEun66d5haRPUVMMigfx_LgC5jxwilyYcZjC5q4slKKjGRRur9FqHuETHO2NworkR9toJ5AaNDoelAVWN9nwMwdLgWnynIjl2xlJJybv7vRX4Akkz7zJJy-d8aRHPWnlJAXw2Q4iLXaYODu4IVVyxWigWaL9Lnyf6zt5eDAB8OyPtzjaPe5Bd_G1wJU-ETxl5wCfy-Cuwrh9HEgzkptfjYy--OGEShbb33xU6MuEjWMK-P3l6mgAprmP76z7UON2C2JfKnI4dTnizsICBpJktWRuoZfBecABqLoaxj5aG0pAEttQxvapxRu9HUUcL9hijMiJHZU6TsJTnUmuf-8Ddu2ZBRGVoxxDmYyecYMcRwZZhFjt4FBIo1ttWEvb5jxTYJU2ebCEeHeltrnaf7Y5BXs92Ml5g-YBi62BOTuVVr8h8kbpTv-gBp282IJtj1LbVQfGtkR0YA5u8Si1QKGEWoI2GWP53pNbrTJV8WKdo-HBFhApY1uq9ifGJCkGYeVoyAUQuTXbnZmd0_o1i1eGhNPZLWUEXMLjUewQ75RfbnTehy5Fux9sbDENuX4hlPVJvmLvwH7-uCfVz6p8IofvM3JGTWng-Yi90pWWLSehh2oENnTiXx6dpMZpNPuJyTxiHP62zu9EPw92jMsXLXALnDK2fKz9uvIMwL45J-Q2oHT6iHHXtW7BDezQP75DvtH12VQmKyWT33rcdCHVDlDYQl4O00umx5AOnhN9BsBSvbvnX1nI-WCjgDNp8maZHXex2qoQeTp5kqkWUjOdSIseKzDoN80oMwMmSS3KCoD35UHJStOK_v_7ZU3PwG8NnxUwI-F1DYylIRCyuNgT1GnEJcmXpP5fdbr8z07ppbi9yDuPj-IP_Oga50n2p-A8qDPRLmuSdJodaJBQiouN-IKhq1SGPXdVhlBePcAYffhMfINJUOYb71W0Fh6SbrGAmzUIqvWg-QA3JGqffWn4CeB7NCojO3PwI1cz6EWt3Se82CCBQCkZ3ZHbZ8Bt0xm6KBJjELup2sNQHm7unwP5nk5dHxf1DSTWJ_Fs8EiZ0dIbLeunQK_HdQLIgvawQPkAOpHFOP-mjcO0jAR18vrFE7-QfaSLKSdTaiVa9L18EhLvYHTIYiBBqBKAj0OLcKc9YE3UOQ36Ap3eNn_XAFj5aKyUIT1oZmT-yQqaUIJHm17V3v8T4bABlsrrhtezYtq7wfGzChpVjnvVG4rat1AVER8GmnAr8hsAXgc9bNh_eHeplGSeXVwW2XRPG8fGPsPRRsIXSuVeRHJBugEPKc_mnAuGkhIbevVMiCUYENF9m2KvaudhVb2LyDDaTYHPIrI8qTBLCukTkQmX01_frzErNUnzdLcr3Ruc27KLbnEY7Z03p9jgbD2oH3Ti2gleYeG8aQs2jc9RSVnEMMqvSjrcYG5mxaF6a3_EHjKvHT30WhYb4pvhW0OvdxJjUs0nFbKLgfwYkAPKDcaO5bDm8plZ2KdUTD10GIPFV4-4vyUsDRpqFEAndv0iQtJ1OInojzZw58oYzJ4DfcRKQ5T2zoulw7GEc_3HpczqJhGtM-SxrNY3UVMHNTdrDXWzKXmeUn-3poVX74Z6BUZR3sjezPyaP6qy-SAzZsYv8FCs4gAJiQnjOaoYHu3mrMNNHeHFzgPrj-6fUx_HwJn5caZpD2Fg6XG7ysWqZ-cQBz1xKBY8FhZcrsZvaJE4zG43W7Qv81-1KHKYwWoiCufGuhjMaWq0afAW7ZmK9AxA-rNrAs0Nk3cSziqh-XDv2JgeUltJNuR1Q8AIIfxNtqUwql9wKUa5wkqe2FnFUuDWl5UD3IdwZwWeBsotEWKkkREY_LSX3n9t65NNGnWUJ7CrjyRM8R67nxYFtMuRR6sipv3gBGt-62-zFwwwmoIYPjycvkHMJjevfPRCpOu7fx_9p2wlwPSxLNF6oaEiBwfPPE4bcXPw3kl3l4egVdRMcpIxTVR_WwsqbhqJDIyYFnMhERIV8sP2O2NQstG-HGqYE3H8iZVAg57AEvNjFKqjcRMcCwe7sLfRA0Z-KEv1mljr6_PAEo2PgG2A_ODyuDSOpHMCXdxATlFOfbps1df6ibBtT0oBss0M609U-EYra7yeEV4atQ3gHHVa8PYdJtD7FW_Wt1CD6aoGNmgIl5P_WxMD_Kjx7Po3LFTM8j2pGwtIb6pU5_SvDS1CIMUMek9OZO9xN7_9ZsRL4n2DYvvI6Tp-bCCezCD-x-9Kkww4k8Hq8fccqj2IEQBSpFUdyL3t9G7rKSHUW8UU5YLKUkKG0CzjVdgrPVJ2JrEkNoFYSADlzJU_vNxb-LApwvL5h0I5atcPg4MDevT4kMjLOAy6jt1XmJAYwiTzp2SeSNqI_pZY3J7jVcLZXiXVeHT8XsNOY3wJOoaLeRASJeRQeQlBtkHPr02ndhOjx7i-1JNoGJJfXcVAELu6oF3IgongizHYf8g1rDdHTuc6xuvsJcS9uae6hC_whLkYCJJRPJxh-Lg_R4IVeU4tx0WwO26qGvvVh5FZYEsHbLdLte7VvhhPfPAwFxxXiNQNwXt_mndHxsDSRUskkUHBE2fhlSgaGdHmieBjs1P97CXo0siK_Qz6LEZ_yGfV_5xyaScms72DMkgKlQujGZ2A1gDlbI5WXgDUExDy-jorDUr3k5ZUBiG3RVHq3f17aQ1wwYYRaI02gAXvNjbLo7b-Y-SoqnqK2xSB98wyR4_7snNck_3zdF18I1iG-pE7bNqBZvaCr0ImoBVpLG5OXhYZLxAyadaSqt8N4dUZuvWv0L1HhRB02APphLlbsuvtid-wMNMe7vCP9XxCh-v2mTdNAQ1yc_brzdwvK8qt1iR5uGyA092fR4VpQpqi7AXiyorNW-2PzH1LRWzHlzNw3lxkFko772-PeD7oC-FXxel5RO4vJk20ZQ-1qPQrcZ9uz85VLEDNZDc0Q12ufknkfdiXIQC1dOVI-YBeNEvdjLh2jHPsB2Tr3gkFf9hYj7ipE21mvhyo0MAhnDgHX83VZ-WCCfnd5Cb7X_Cn-k8Y1atxzjv3o5hQ8H9sUakY1e_hGj9YCRxMNtg8K1KhhBA63x77aG&cid=CAQSSwBygQiDndxYW8oNjSztc5EhT-tUQnnI4Jo0mNqpgrqwN14jpfc-JBv2y6v_f2wh5g3rP0RLIqR_N4TDRNgq0TJKJSNzeTsfqM-Q8BgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Ftravel.yam.com%2F&ds=l&xdt=1&iif=1&cor=743193040997415800&adk=1033480531&idt=239&cac=0&dtd=3 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 22 Jun 2023 13:19:10 GMT content-encoding gzip x-content-type-options nosniff age 442016 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 21 Jun 2024 13:19:10 GMT
GET H/1.1	200 OK	iju9wczm8trb Show response hal9000.redintelligence.net/zone/ Frame BE25	11 KB 4 KB	158ms 39ms	Script text/html	138.201.63.157 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=&gdpr_consent=&rnd=1687881964637850&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2Y9J7AibZJr3JsiX9fgPj4ua6ASm5b2gaa2VnKfJD_AuEAEgzN2HIWCVypOCoAfIAQmpAtTCo7LyXrI-qAMByAObBKoE8AFP0KbpyclW2Sa1xzy8yiH6QskcbJj-IqrIZK-fWXzJQZPSa7I5c9tseO1BemNmTzuhJS8P96aTVXgpYKGg5l18XhzvF3Hq7TiK1gh_N8VLLX3YoOLab5QRRIpoO9AfXuCqA5Bs57yb6JGXGgrCTg8FV_8xsfLKEKu7AG9zrgdgx0S362kvKmeVGzfywaMN5D3tbaeEI0ZP0WkWJ1IrzsB7AlC7EbyU30Y_zhH3QmQh0NKpFD4PtkLuBw3_brfSGr_iHM4bUSQJdTVdCFVnodiVMYKY4yHXdyjXD22P1d-gINVmrPVp4ka_gNN06y786KjABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSSwBygQiDndxYW8oNjSztc5EhT-tUQnnI4Jo0mNqpgrqwN14jpfc-JBv2y6v_f2wh5g3rP0RLIqR_N4TDRNgq0TJKJSNzeTsfqM-Q8BgB%26sig%3DAOD64_35lDNlFpIShNYWGmnN6qgIo6MUgw%26client%3Dca-pub-2675037296853968%26dbm_c%3DAKAmf-ANKhqXm03jhpbKK3_Zpxiv4AhMlZ1XJXsYg1PdPZMGAkAbKZImUS7r3RG_liPC03C_gkQncShTvhZB3oWIg0Di_yJxF7mmwu1WuVPrVx86yPwbmQERMaKEJQROrV1mRsk1i9jOxgU6r9-DUJiYMl0VsUk3OgwEU1w5cBeYWzUdDz2fcGE%26cry%3D1%26dbm_d%3DAKAmf-BtvJng-lmo8faskJW2K8YcgHxKw9YcE_BKGBZzmGQG_U-YD9eS21uHRyeB-xuDDQx0588en8NqMTt1QEjgZ3nv6P3qpHrcjzzWyVXbsFnx0BkTxuJ6v70q88i_DXRZPj-7YwwdsMFsMW8XpUvZTnu8ZU4-Agtqbxd1z2K0iDZIHjftJFoAMMVQGwvSjWYFgdMaJ11mmO0UH31cXGRvZpok3m3J7De5RWtQJ_QwCA_GCv9_9bDivNUbJq3hlevIBgkMJrp9rDKmZ88d4iEyuP1UFIZM41qZWNcYqVT3f2Ig-A3r2PtInXNKzrav56u-cWx65Mf-HejJKYBReMptrW1_Sjo9J08Xp31MJdZm46Pq9zmu5Hz2H84tDBYkABHwmUto-NX5yag0mtBvqcwEYeSjgKBGJ3Q5vsBGaTEFmunQapFQMkgy7PBMY-1rv4bWJI2CB0gfUPeL10b41sHCue8i3rqCq6-ALY7ZOQqgR4VjpsYaN70Ca9PltPcfPvWmGSgSukNdhW0Kw_ULKpl-aNv7V0Wr8A%26adurl%3D Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.157.63.201.138.clients.your-server.de Software Apache / Resource Hash b1df74a57f28953aef51acd7eda275003a1d7f75eb22a7933405f03115d13f68 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 27 Jun 2023 16:06:06 GMT Content-Encoding gzip Server Apache Connection close Content-Length 4103 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame C49F	22 KB 8 KB	29ms 27ms	Document text/html	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 318827 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 23 Jun 2023 23:32:19 GMT expires Sat, 22 Jun 2024 23:32:19 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 22A5	41 KB 15 KB	29ms 26ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8sLyUy6QGsa75AnzmSCQy22J6ACNgT7jg1CZqIIvWzQrOVCCFwIyzHwK2BrAM4JXW3xE5Axp6E_oEJQh5TNPphjbLB-ceA6W-yt4EZCV4lzlOm2Er9Cw-QGSWUGGTV2fTXfu6IW7qM5nMVdgNGaWR87s4DtiAa1ltc2m68vsYwMFfarA&cry=1&dbm_d=AKAmf-DYP316gyFX6nZMBfZRbtuzdKyKf5n2IeA-2B_vM-aISd46qaiWdPZk2Tb-3mJQqGvOR-MtEflFiESt196mbvbesDbANIjsNWYPGFccxhatHv_EzxQQ5G_Hw2ZJkFwZpoKiO7QzVNBnOaivzkEqtRySkH1OaQxRTXtRG2DKiTSeF_5d9wFvTA9YJX1IoKh92eQxYk6Lfkwj3muI8bgGoKfVoThSOyZwTX7v9yiGl3Ab7ynbRHVW7AO_FWQYobI3Y58o8vjSzhyGkEHQiiutcZOF2EgHHVOyFiM3zfEg5nCGpwDQeEaAYnQC7WbH1vnaa0XC-8zbaKEQ4sgh-nZoNOjogeD2EdXynWByeURqqP3AB_Y9fSmGhvc6Two09h1p5psisEyiB5OtscK85FgMRGOdjGn0Eqxb_sYN02xZNFsMllQr15SYJsBY7CoCnEaZCLSqHAcr6zQY9en7HNNsamFXMMQXgZAQhmNky_R_7AJ70E3qOk8XOh-RMMnlOdnfQtiVJqUWleE8Hxe377SqnE1VvPAYXWPQwNdw_wGe-kJ_6xcHTvx_4n0ccQ6sr02-zf0-jGtMvYsHN6dhiYpVQgZ286pPGAiNR-RBt9hMtRZBjoxM_K1r01M2C1eSVBakkRum1I915ohgJ1p0CxPE3dfXFA64G5kx_3S_78VSYFlm8YVpiqcrwYOgISreJUTm7y0xA5F2i2rqdHYRfgF00sI3TXRx2v_bSMaaXU6tFixcyOBjyZgAXYYvFnFzqUIaJ_PKe5ARd-ZUkxsZF8vJ7pgnGDVjXlKxlBKxMmhdnb20UM28AwWH6DQzODiv6ddw8CzTLhJj59rVl0FMWbs2PqLsuJ08WxKRRYsA8_ZMfQ5H5DittzW9vIJNdnZLynfjGVw7637VF6kK8MeKQ77hYW5D4AYcLIo5RNy9niGKHmsW9Ng-cOAia4LtXHY2LRW5F3lIDXr7rJWpSRzPxHDSsgvGDIYvAhoj1y8mRoCRu8Br2KgD-PuFsAJ8o21gSBCywvFuVnXe-Amn7jnoRbJhhDxgIEIx0YpAM6dP1zdPdW83R6QiMFDB7hdMyrTb5aFl3XTFiMY9Ocyk9t8sg4keUHyFDqBhYYEBFyHchKkQVl3kxxUOiw1oRPRWZc4j5IovWOnUodhEIQ7_f5ldab-BprTz1uMXy2GBWYOv3jPrXeOUMKQwDBUQfFn8nvzJFlnjlUDpipe3SB0NIWU_2Zs11WFi9-BmHkLJ-75aQgDrS0fgDm8tlxNuMpEayjBkZZerIGXpZhNIlP-pLgSl9e2beOpJdWZiSNUBXry_r3nX4bBv0EnJlpf6RLgrcnwzmvXJ12ltI82Y613ZE2VNiwSHzrspFLVjXCZlgimdmC5tc-jCB2VF3FpIga3jNSc27lErL9ly936ehTp7Amr_C2xgvowVHJ4H1s_sH5utpcAGHLdvABgBkapsVV7ZgRzX9DPQqR-JxinEI74nHKbRN0fS7zJXmmFC3mqmT_8zpwvz6ZOEZixWezLefkl93gwcfnzLckTtsL9NFe34z5S7pikArWZWxR8SrsBLzaP1wtH6EZb36L6o7CM8WsaO8HjfHtiSEg0GShEdQADDKfayYoj3V05IE2vcVGpV4bn7vA5ip-L7B1HDPSLdM8zXZxpVEcKRS87Aog197thfyHUW5x-l-CVqN_3X2PGwK3Yvz43JQLNmuginanciDuvUKSgOj7DnyAKTKABhRFC5d1T9_ihrM1CshNjw3jTXrSXNLOLxHTdG3UBzbFMUibECmo4S_ncgSmgdjn7El4RC87tyaoE6GkLONjoeUSHmvByVI-roGvyI2mHDULX3KRm26QuxLISHRjwsXHpURMjfePpfSMZ8y4RPeFqWICio7fRurvJh7cn6fId-HNCnebWLtKAkuO9CCjrTrx14deeWoWO1DPZiP0eep31kTfW1pR3r8SLWWRe953AIPdGaHHiOQBZ-of4NeXz-x0LHLKHYNqkf0OILOHSwA9OsKUKIrpRUUdRc9jzpZoaq3KbaG_r1l6CEMLtuWGEkLW-UEVgLI-uA8rbUQtY32afqqD2UjQynsAn-jkCD8iI_MDjaHPFR5Jf33xSYKrqwA7eihoZYvWdCw05jN9udFl4U6HcmpnYJmfkdkEhPBPNFXVAWxWWgQyQo9nQrj2vWc41iKkzpBIuV6kAsaBDL1JWh-usCCrdotXy224HaGNR63BSQEYjw4Ce2hcQrAvp69wcHgK-nJNXx2j47rWmcJfnhxPzhvgdxXdeah6qxoS-WMUijIH1uDwPfSLMABl27uGbY8HNf8wvagofHYKLu6eog-0z0v5LM2WC9u8s5z2rQvkj09vTj3QkVxrnTXNsW6AFlyJwHBTW4qYy80OWJk-PbosiQoDUG9yANlKofmPMtGmzqwmXMorqN5L16zxEPZclXhB4Dgsczb-GBK2WNKoGNBqEziUIMTk-7GWLyfUCepVtWTqOX2wOkg7s2U_7XNm05YeiTEYWsm5YjjuF-6gmDFddowrwiw145604ejKXw7ymqhQSHAkHIVK-hFcSzOpg3uJgID3hiEVFJDBJqDv8iA9GzdRPKnBxuuvTlN06dwp6ZfPRvu7MiTn3H0L1WZPtYmn4bUw-pocyMe1m794lMDchw_IpohcmKvbgfGGlzVjFWI4QXhzEBeZpkEc6j9kX_qiSrbD7MU-WFfbZjPMU5jvcHZqc3GCCB6NzMZ5jgJvpH3gul6xUdbDFAOBNSg_qm3WGrPmX1fAgsVnFzWjd33SasNWaUkLoZIbjIYzplAlJzIKlNbtaYnaa0WrredZ3lZawIt8VgtkAG2IlafOFe9f3IYnprR9Jpr3sQnqGqjXu8a3RF5ybWLbQyvRHG1y-AErej0TGE8CQgbK5X1a_ztMjvQjNKayKYKbOpCafBihB4ewa2IZ0Reg_-aD7vJm8EfC_FA3MPvrKfuVqBW--luBsx8DaMQEc7Rkp1xDal54hDN7-fCH0Pknln_u0597GPdfrYurO-BlFKCNnzuJxwwEkIUp4vVuk3nxPsfijfW0P0Iu6Qu8dbJFdZMKaDN4uls30nU4_s4JDYU2ee8ttHgkieVvzLAcKxqmLmHydnQnjIKmHWti4DxGMj5xDbybDTj9qmM33up3sxeO0CrA8T6kSI5d_C7Jjf1cFISP1-FprX0xLKTpv1zZecdTYAc00Y_16dQ8beE_fSl9yf918Ahn8bsx-sLVe9jB2eGiOlXsNIIIqZWAyXswXVgFViV_8QCGklgHxUwAP6AKQW3n8DMqBm3G1un0lKoXTlM-1T3mxwIVKF7GKUvJAcNXgTR3KM6Osla3Kob6LvuImse0q9hWJRpDpZ2zzDYCJwP9BOJle3EhFsmR6yDlw0R5Wat8c5pMkJZ6Ou0faIE-HVtvsR0pNgtFbxfoRNW2S0ZE7tyiwAYIiP2qwV5imbhcYaPo7YhyvDJNvfsOJVyVyk0oUwv6ggsvNrzk8Pv_QDU4qty5iF-WnjARThFFDtvOynUaPb0worl6TG9l4UhST0MxQ9bfnICg6Xx5f3zqNkw0_PkgI&cid=CAQSSwBygQiDndxYW8oNjSztc5EhT-tUQnnI4Jo0mNqpgrqwN14jpfc-JBv2y6v_f2wh5g3rP0RLIqR_N4TDRNgq0TJKJSNzeTsfqM-Q8BgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Ftravel.yam.com%2F&ds=l&xdt=1&iif=1&cor=5204535191014448000&adk=4188270525&idt=228&cac=0&dtd=3 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 22 Jun 2023 13:19:10 GMT content-encoding gzip x-content-type-options nosniff age 442016 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 21 Jun 2024 13:19:10 GMT
GET H/1.1	200 OK	verify.js Show response rtb0.doubleverify.com/ Frame 622D	1 KB 926 B	448ms 45ms	Script text/javascript	130.211.44.5 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_526021721233&jsTagObjCallback=__tagObject_callback_526021721233&num=6&ctx=28473661&cmp=29823623&plc=366421488&sid=7758003&advid=&adsrv=&unit=300x250&isdvvid=&uid=526021721233&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=114&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=15&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTauEC2G6%3D%5DJ2%3E%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauEC2G6%3D%5DJ2%3E%5D4%40%3ETar9EEADTbpTauTaua_d%60467b4cbd6g%60aga2d7h77_a%60%60c4cb%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=14.70&callbackName=__verify_callback_526021721233 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal117.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 5.44.211.130.bc.googleusercontent.com Software / Resource Hash 44d852b76684382c9254cc87168cd5ffd84d470a7a8c985ff10d510723151265 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Pragma no-cache Date Tue, 27 Jun 2023 16:06:06 GMT Content-Encoding br X-DV-Response 1 Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/javascript Cache-Control max-age=0 Connection keep-alive Timing-Allow-Origin * Expires 06/26/2023 16:06:06
GET H/1.1	200 OK	jf2y0amzcvu0 Show response hal9000.redintelligence.net/zone/ Frame 22A5	11 KB 4 KB	117ms 35ms	Script text/html	138.201.63.157 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal9000.redintelligence.net/zone/jf2y0amzcvu0?subid=&gdpr=&gdpr_consent=&rnd=1687881964637851&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCywGq7AibZJv3JsiX9fgPj4ua6ASm5b2gab2YnKfJD_AuEAEgzN2HIWCVypOCoAfIAQmpAtTCo7LyXrI-qAMByAObBKoE7QFP0Kt1XxRuJTKtachhJ7cJvJn7_3k1HnWfPGvUMHUxsant1WbSzFz1NhNJmkWTxOIFv1GWF3_UF8j_uY63Tf17QuecY6nh1s5UiEVDnq2lPre0xVogZhfI2me_uzKJ6wUEjXoyVkDToZQRtz-B_hoPJ-OU5LhduvsKVwisBi9SyJt0FjvEsszJy9QqtaNe2mCkVY-5cC90ui9Up1_10ef_NJm9-4jsZrRaCy-tel_lROurnbtEYR7jfMEDAOl-EMuCmMC_i2afEhQq2sJRhhBiPc1SnZDXM-eiQxp0PJzBztHSkSj4qf9BtMVdXOHABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSSwBygQiDndxYW8oNjSztc5EhT-tUQnnI4Jo0mNqpgrqwN14jpfc-JBv2y6v_f2wh5g3rP0RLIqR_N4TDRNgq0TJKJSNzeTsfqM-Q8BgB%26sig%3DAOD64_0NQLIbWr3t2j78a1t93TF7g-gUuw%26client%3Dca-pub-2675037296853968%26dbm_c%3DAKAmf-Drg4sCeddT5hqlE8Qln0MzPRV448LGyvPx7cxDLCpDfgb3R14rEzzowyt5iajk2P7074nMFiOTDI3RUIx6yxodFWLfXGBje-MNL86_Ww0FchqnKSd4iJfT-s_E12b4qqM_YqAUdC7h6QL_NiP8pVwVtB3ZvUXnJrHXF2BjHv5EdiT6Xbg%26cry%3D1%26dbm_d%3DAKAmf-B-v_V-W82vvzYEcVtCoS9Mmoo1uHg7BhD2A-Iiy3hsKhmza2L8L48kzDJ6rU8rC2vbymK-cDgQ84UR42UehTNN9OrTm8GRYNWMhQqEJOrTPehikc4XMg82V0cbAeJdjAzC2Gcwedbpzn3wY7uwsF6b-3Li5zc4RUyrw35hObiDnofPQRp_-0IsP6lBFHV4PaJ7m0KUslfXQ-9YfscoC5KW-zSi49no0JSxT3XuwgPyP2OnUTKe2GnpOMB5htwsjpGHc8gWyckLyZ-GuzuNfQPHBrhspEG9Blh3zJLBJ1lNQyJ3KIN_JgKYWcMaeCu_0yb5LwbBYU0PBgFtH5IRJ2JvjQlKbozm5tmPfF1PC1-HSAJK-VzEnEfNau8PProIkulQEeAvQH5yyvebOSESaKhazQZhAz9ZT7eYVPuEm34yAhoAyBfObHmDb1Taa9w4DaDK_mZyeYIH1pvJQegvwYZ0rlx42KiC3CJ2ZlxtGI5zAiItpdOJ5DeWGNgw9yi_-wvVxD15fWB5WAzNIhXYSQAJdzwP1w%26adurl%3D Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.157.63.201.138.clients.your-server.de Software Apache / Resource Hash eb67132e6afb807b591f5c75616efd8ed18a8c517c884236df3d7a978d7b7d85 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 27 Jun 2023 16:06:06 GMT Content-Encoding gzip Server Apache Connection close Content-Length 4096 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame CB55	22 KB 8 KB	21ms 21ms	Document text/html	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 318827 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 23 Jun 2023 23:32:19 GMT expires Sat, 22 Jun 2024 23:32:19 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 92BC	22 KB 8 KB	26ms 20ms	Document text/html	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 318827 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 23 Jun 2023 23:32:19 GMT expires Sat, 22 Jun 2024 23:32:19 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js Show response pagead2.googlesyndication.com/bg/ Frame C49F	37 KB 14 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a99b27d4778209c98574607285507ac37decea04e3592ec3377d72c4965966f6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 15:01:52 GMT content-encoding br x-content-type-options nosniff age 3854 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14515 x-xss-protection 0 last-modified Mon, 19 Jun 2023 09:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 26 Jun 2024 15:01:52 GMT
GET H3	200	qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js Show response pagead2.googlesyndication.com/bg/ Frame CB55	37 KB 14 KB	26ms 25ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a99b27d4778209c98574607285507ac37decea04e3592ec3377d72c4965966f6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 15:01:52 GMT content-encoding br x-content-type-options nosniff age 3854 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14515 x-xss-protection 0 last-modified Mon, 19 Jun 2023 09:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 26 Jun 2024 15:01:52 GMT
GET H/1.1	200 OK	request.php Show response hal900016.redintelligence.net/ Frame 22A5 Redirect Chain https://hal900016.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=d88cceed0a&subid=&uid=3d8a17155ad711ae&screenSize=1600x1200&screenSizeAvail=1600x1200&cl... https://hal900016.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=d88cceed0a&subid=&uid=3d8a17155ad711ae&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...	4 KB 2 KB	141ms 89ms	Script application/x-javascript	138.201.220.30 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900016.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=d88cceed0a&subid=&uid=3d8a17155ad711ae&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCywGq7AibZJv3JsiX9fgPj4ua6ASm5b2gab2YnKfJD_AuEAEgzN2HIWCVypOCoAfIAQmpAtTCo7LyXrI-qAMByAObBKoE7QFP0Kt1XxRuJTKtachhJ7cJvJn7_3k1HnWfPGvUMHUxsant1WbSzFz1NhNJmkWTxOIFv1GWF3_UF8j_uY63Tf17QuecY6nh1s5UiEVDnq2lPre0xVogZhfI2me_uzKJ6wUEjXoyVkDToZQRtz-B_hoPJ-OU5LhduvsKVwisBi9SyJt0FjvEsszJy9QqtaNe2mCkVY-5cC90ui9Up1_10ef_NJm9-4jsZrRaCy-tel_lROurnbtEYR7jfMEDAOl-EMuCmMC_i2afEhQq2sJRhhBiPc1SnZDXM-eiQxp0PJzBztHSkSj4qf9BtMVdXOHABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSSwBygQiDndxYW8oNjSztc5EhT-tUQnnI4Jo0mNqpgrqwN14jpfc-JBv2y6v_f2wh5g3rP0RLIqR_N4TDRNgq0TJKJSNzeTsfqM-Q8BgB%26sig%3DAOD64_0NQLIbWr3t2j78a1t93TF7g-gUuw%26client%3Dca-pub-2675037296853968%26dbm_c%3DAKAmf-Drg4sCeddT5hqlE8Qln0MzPRV448LGyvPx7cxDLCpDfgb3R14rEzzowyt5iajk2P7074nMFiOTDI3RUIx6yxodFWLfXGBje-MNL86_Ww0FchqnKSd4iJfT-s_E12b4qqM_YqAUdC7h6QL_NiP8pVwVtB3ZvUXnJrHXF2BjHv5EdiT6Xbg%26cry%3D1%26dbm_d%3DAKAmf-B-v_V-W82vvzYEcVtCoS9Mmoo1uHg7BhD2A-Iiy3hsKhmza2L8L48kzDJ6rU8rC2vbymK-cDgQ84UR42UehTNN9OrTm8GRYNWMhQqEJOrTPehikc4XMg82V0cbAeJdjAzC2Gcwedbpzn3wY7uwsF6b-3Li5zc4RUyrw35hObiDnofPQRp_-0IsP6lBFHV4PaJ7m0KUslfXQ-9YfscoC5KW-zSi49no0JSxT3XuwgPyP2OnUTKe2GnpOMB5htwsjpGHc8gWyckLyZ-GuzuNfQPHBrhspEG9Blh3zJLBJ1lNQyJ3KIN_JgKYWcMaeCu_0yb5LwbBYU0PBgFtH5IRJ2JvjQlKbozm5tmPfF1PC1-HSAJK-VzEnEfNau8PProIkulQEeAvQH5yyvebOSESaKhazQZhAz9ZT7eYVPuEm34yAhoAyBfObHmDb1Taa9w4DaDK_mZyeYIH1pvJQegvwYZ0rlx42KiC3CJ2ZlxtGI5zAiItpdOJ5DeWGNgw9yi_-wvVxD15fWB5WAzNIhXYSQAJdzwP1w%26adurl%3D&documentReferer=https%3A%2F%2Ftravel.yam.com%2F&ancestorOrigins=https%3A%2F%2Ftravel.yam.com&random=5967333107920&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Server 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.30.220.201.138.clients.your-server.de Software Apache / Resource Hash 7dc85a09789ae6a7ec44b641a800cdb089eeecdcbfe13ef8951d1b7b018ab8c4 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Pragma no-cache Date Tue, 27 Jun 2023 16:06:06 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Content-Type application/x-javascript; charset=utf-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 28522900111809704444978012368016 Connection close Content-Length 1325 Expires Tue, 27 Jun 2023 17:06:06 +0200 Redirect headers Pragma no-cache Date Tue, 27 Jun 2023 16:06:06 GMT Server Apache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Location request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=d88cceed0a&subid=&uid=3d8a17155ad711ae&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCywGq7AibZJv3JsiX9fgPj4ua6ASm5b2gab2YnKfJD_AuEAEgzN2HIWCVypOCoAfIAQmpAtTCo7LyXrI-qAMByAObBKoE7QFP0Kt1XxRuJTKtachhJ7cJvJn7_3k1HnWfPGvUMHUxsant1WbSzFz1NhNJmkWTxOIFv1GWF3_UF8j_uY63Tf17QuecY6nh1s5UiEVDnq2lPre0xVogZhfI2me_uzKJ6wUEjXoyVkDToZQRtz-B_hoPJ-OU5LhduvsKVwisBi9SyJt0FjvEsszJy9QqtaNe2mCkVY-5cC90ui9Up1_10ef_NJm9-4jsZrRaCy-tel_lROurnbtEYR7jfMEDAOl-EMuCmMC_i2afEhQq2sJRhhBiPc1SnZDXM-eiQxp0PJzBztHSkSj4qf9BtMVdXOHABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSSwBygQiDndxYW8oNjSztc5EhT-tUQnnI4Jo0mNqpgrqwN14jpfc-JBv2y6v_f2wh5g3rP0RLIqR_N4TDRNgq0TJKJSNzeTsfqM-Q8BgB%26sig%3DAOD64_0NQLIbWr3t2j78a1t93TF7g-gUuw%26client%3Dca-pub-2675037296853968%26dbm_c%3DAKAmf-Drg4sCeddT5hqlE8Qln0MzPRV448LGyvPx7cxDLCpDfgb3R14rEzzowyt5iajk2P7074nMFiOTDI3RUIx6yxodFWLfXGBje-MNL86_Ww0FchqnKSd4iJfT-s_E12b4qqM_YqAUdC7h6QL_NiP8pVwVtB3ZvUXnJrHXF2BjHv5EdiT6Xbg%26cry%3D1%26dbm_d%3DAKAmf-B-v_V-W82vvzYEcVtCoS9Mmoo1uHg7BhD2A-Iiy3hsKhmza2L8L48kzDJ6rU8rC2vbymK-cDgQ84UR42UehTNN9OrTm8GRYNWMhQqEJOrTPehikc4XMg82V0cbAeJdjAzC2Gcwedbpzn3wY7uwsF6b-3Li5zc4RUyrw35hObiDnofPQRp_-0IsP6lBFHV4PaJ7m0KUslfXQ-9YfscoC5KW-zSi49no0JSxT3XuwgPyP2OnUTKe2GnpOMB5htwsjpGHc8gWyckLyZ-GuzuNfQPHBrhspEG9Blh3zJLBJ1lNQyJ3KIN_JgKYWcMaeCu_0yb5LwbBYU0PBgFtH5IRJ2JvjQlKbozm5tmPfF1PC1-HSAJK-VzEnEfNau8PProIkulQEeAvQH5yyvebOSESaKhazQZhAz9ZT7eYVPuEm34yAhoAyBfObHmDb1Taa9w4DaDK_mZyeYIH1pvJQegvwYZ0rlx42KiC3CJ2ZlxtGI5zAiItpdOJ5DeWGNgw9yi_-wvVxD15fWB5WAzNIhXYSQAJdzwP1w%26adurl%3D&documentReferer=https%3A%2F%2Ftravel.yam.com%2F&ancestorOrigins=https%3A%2F%2Ftravel.yam.com&random=5967333107920&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Content-Type text/html; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Length 0 Expires Tue, 27 Jun 2023 17:06:06 +0200
GET H/1.1	200 OK	request.php Show response hal900012.redintelligence.net/ Frame BE25 Redirect Chain https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=7611a80998&subid=&uid=052aeb57d2f1a45e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl... https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=7611a80998&subid=&uid=052aeb57d2f1a45e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...	4 KB 2 KB	168ms 117ms	Script application/x-javascript	94.130.102.164 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=7611a80998&subid=&uid=052aeb57d2f1a45e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2Y9J7AibZJr3JsiX9fgPj4ua6ASm5b2gaa2VnKfJD_AuEAEgzN2HIWCVypOCoAfIAQmpAtTCo7LyXrI-qAMByAObBKoE8AFP0KbpyclW2Sa1xzy8yiH6QskcbJj-IqrIZK-fWXzJQZPSa7I5c9tseO1BemNmTzuhJS8P96aTVXgpYKGg5l18XhzvF3Hq7TiK1gh_N8VLLX3YoOLab5QRRIpoO9AfXuCqA5Bs57yb6JGXGgrCTg8FV_8xsfLKEKu7AG9zrgdgx0S362kvKmeVGzfywaMN5D3tbaeEI0ZP0WkWJ1IrzsB7AlC7EbyU30Y_zhH3QmQh0NKpFD4PtkLuBw3_brfSGr_iHM4bUSQJdTVdCFVnodiVMYKY4yHXdyjXD22P1d-gINVmrPVp4ka_gNN06y786KjABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSSwBygQiDndxYW8oNjSztc5EhT-tUQnnI4Jo0mNqpgrqwN14jpfc-JBv2y6v_f2wh5g3rP0RLIqR_N4TDRNgq0TJKJSNzeTsfqM-Q8BgB%26sig%3DAOD64_35lDNlFpIShNYWGmnN6qgIo6MUgw%26client%3Dca-pub-2675037296853968%26dbm_c%3DAKAmf-ANKhqXm03jhpbKK3_Zpxiv4AhMlZ1XJXsYg1PdPZMGAkAbKZImUS7r3RG_liPC03C_gkQncShTvhZB3oWIg0Di_yJxF7mmwu1WuVPrVx86yPwbmQERMaKEJQROrV1mRsk1i9jOxgU6r9-DUJiYMl0VsUk3OgwEU1w5cBeYWzUdDz2fcGE%26cry%3D1%26dbm_d%3DAKAmf-BtvJng-lmo8faskJW2K8YcgHxKw9YcE_BKGBZzmGQG_U-YD9eS21uHRyeB-xuDDQx0588en8NqMTt1QEjgZ3nv6P3qpHrcjzzWyVXbsFnx0BkTxuJ6v70q88i_DXRZPj-7YwwdsMFsMW8XpUvZTnu8ZU4-Agtqbxd1z2K0iDZIHjftJFoAMMVQGwvSjWYFgdMaJ11mmO0UH31cXGRvZpok3m3J7De5RWtQJ_QwCA_GCv9_9bDivNUbJq3hlevIBgkMJrp9rDKmZ88d4iEyuP1UFIZM41qZWNcYqVT3f2Ig-A3r2PtInXNKzrav56u-cWx65Mf-HejJKYBReMptrW1_Sjo9J08Xp31MJdZm46Pq9zmu5Hz2H84tDBYkABHwmUto-NX5yag0mtBvqcwEYeSjgKBGJ3Q5vsBGaTEFmunQapFQMkgy7PBMY-1rv4bWJI2CB0gfUPeL10b41sHCue8i3rqCq6-ALY7ZOQqgR4VjpsYaN70Ca9PltPcfPvWmGSgSukNdhW0Kw_ULKpl-aNv7V0Wr8A%26adurl%3D&documentReferer=https%3A%2F%2Ftravel.yam.com%2F&ancestorOrigins=https%3A%2F%2Ftravel.yam.com&random=8161023177924&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Server 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.164.102.130.94.clients.your-server.de Software Apache / Resource Hash ffc52479169e536ae78603131ed2db4b1f5133863f2334e9d964291730b7fe29 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Pragma no-cache Date Tue, 27 Jun 2023 16:06:06 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Content-Type application/x-javascript; charset=utf-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 61285000097486704444554012368012 Connection close Content-Length 1327 Expires Tue, 27 Jun 2023 17:06:06 +0200 Redirect headers Pragma no-cache Date Tue, 27 Jun 2023 16:06:06 GMT Server Apache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Location request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=7611a80998&subid=&uid=052aeb57d2f1a45e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2Y9J7AibZJr3JsiX9fgPj4ua6ASm5b2gaa2VnKfJD_AuEAEgzN2HIWCVypOCoAfIAQmpAtTCo7LyXrI-qAMByAObBKoE8AFP0KbpyclW2Sa1xzy8yiH6QskcbJj-IqrIZK-fWXzJQZPSa7I5c9tseO1BemNmTzuhJS8P96aTVXgpYKGg5l18XhzvF3Hq7TiK1gh_N8VLLX3YoOLab5QRRIpoO9AfXuCqA5Bs57yb6JGXGgrCTg8FV_8xsfLKEKu7AG9zrgdgx0S362kvKmeVGzfywaMN5D3tbaeEI0ZP0WkWJ1IrzsB7AlC7EbyU30Y_zhH3QmQh0NKpFD4PtkLuBw3_brfSGr_iHM4bUSQJdTVdCFVnodiVMYKY4yHXdyjXD22P1d-gINVmrPVp4ka_gNN06y786KjABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSSwBygQiDndxYW8oNjSztc5EhT-tUQnnI4Jo0mNqpgrqwN14jpfc-JBv2y6v_f2wh5g3rP0RLIqR_N4TDRNgq0TJKJSNzeTsfqM-Q8BgB%26sig%3DAOD64_35lDNlFpIShNYWGmnN6qgIo6MUgw%26client%3Dca-pub-2675037296853968%26dbm_c%3DAKAmf-ANKhqXm03jhpbKK3_Zpxiv4AhMlZ1XJXsYg1PdPZMGAkAbKZImUS7r3RG_liPC03C_gkQncShTvhZB3oWIg0Di_yJxF7mmwu1WuVPrVx86yPwbmQERMaKEJQROrV1mRsk1i9jOxgU6r9-DUJiYMl0VsUk3OgwEU1w5cBeYWzUdDz2fcGE%26cry%3D1%26dbm_d%3DAKAmf-BtvJng-lmo8faskJW2K8YcgHxKw9YcE_BKGBZzmGQG_U-YD9eS21uHRyeB-xuDDQx0588en8NqMTt1QEjgZ3nv6P3qpHrcjzzWyVXbsFnx0BkTxuJ6v70q88i_DXRZPj-7YwwdsMFsMW8XpUvZTnu8ZU4-Agtqbxd1z2K0iDZIHjftJFoAMMVQGwvSjWYFgdMaJ11mmO0UH31cXGRvZpok3m3J7De5RWtQJ_QwCA_GCv9_9bDivNUbJq3hlevIBgkMJrp9rDKmZ88d4iEyuP1UFIZM41qZWNcYqVT3f2Ig-A3r2PtInXNKzrav56u-cWx65Mf-HejJKYBReMptrW1_Sjo9J08Xp31MJdZm46Pq9zmu5Hz2H84tDBYkABHwmUto-NX5yag0mtBvqcwEYeSjgKBGJ3Q5vsBGaTEFmunQapFQMkgy7PBMY-1rv4bWJI2CB0gfUPeL10b41sHCue8i3rqCq6-ALY7ZOQqgR4VjpsYaN70Ca9PltPcfPvWmGSgSukNdhW0Kw_ULKpl-aNv7V0Wr8A%26adurl%3D&documentReferer=https%3A%2F%2Ftravel.yam.com%2F&ancestorOrigins=https%3A%2F%2Ftravel.yam.com&random=8161023177924&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Content-Type text/html; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Length 0 Expires Tue, 27 Jun 2023 17:06:06 +0200
GET H3	200	qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js Show response pagead2.googlesyndication.com/bg/ Frame 92BC	37 KB 14 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a99b27d4778209c98574607285507ac37decea04e3592ec3377d72c4965966f6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 15:01:52 GMT content-encoding br x-content-type-options nosniff age 3854 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14515 x-xss-protection 0 last-modified Mon, 19 Jun 2023 09:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 26 Jun 2024 15:01:52 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame C49F	0 20 B	58ms 58ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMF-g7QibZN2gO5qg3wOxiJ7ACwAAAAA4AeAEAg&bg=!LC-lL3vNAAYQ3eRoMN07ADkAdvg8WmA1sVe4W6BDKa2C-sToF2HxR_7JJn-OMt5pCsJIvSzMC8zFvYIzaBr9b3C2c2N2bVf-n94CAAABGFIAAAAEaAEHCgBJ7iIpAPc5H1cR5m3sb7DSJ0ZjN5wqWDjKugXas-TRDuowbNa4f2solMGFu8kBMfQokqpJwXsCtJvAhih1gXWBYuh8l5DpheXfC5kDBHtp0a-RWRVIfTOT6G9udxbMEKI7xYvVxbK-H_pmDfVgZEZ-Gvlqzd22TorTKBESeEdVn2I9UlA6TGjZNOxTg4kMkjLjgBKG8DfR6iVWYY1u14qkIyHUMl_D1Ac6pIzHXbrjYdcYJWYn1U4Kel3K-uHRB8kclZ_rWZiHf6wrVYW2tJEQnPReB1kA5WGxnEqmxK6X0duttgliEnX49vK40OzU5Lu6M2KyWxIUTLY2owC9bZ-GX73ayZomf8_TmaTCOPkAxMdEf7fR-nm5thzZDPicHWwROfXyXrg3idFayn00ct8oZt5zmpdfmrplxH7SG13ZKybBk-O2xTo2VpbfK-KqvYiJU8IepLP8dNdGJHqKyNtjXTzK9jCUMqjmEvYvPLbq_vlN3iGZNTciKd12wbPxlwd9bcnhEg3uVRYm39220lIyrxK_MOFyO5eYbds0Tr0S8JDDUIOBGYuyu0lGxPetYUU80N4p1MGvWB-9ukaxNPxhuK_JsVgRcGShU-cNF8vkwTRHCh-cjKmv9uYtQuf3wivEpYIB0p-uepsgGwcDAVhtKjOGUIqQrq1OTWVavMkiCDCld2FZkuxvpDJO8VZ1B6fPcP0Klb4aJ2iE-_CNBmNppo18-u_VIPeNBVcywPF8J89jBfaPrpfO1ZBE_yH8tZ5SN5IhciGKZyZi9LDeDnHNxZJBSoAI4fZ7F40LKGAx5jfvwPZMXoLOd3ScTdd8YSM0a2FaCIxX14l014jglW4iiEYuRkQqnZAdw8bPOrm2lnv7p07rxhzHEKB6RzpVwYHUoLCXNtQ6bCe0HDw1Y7XfrS-Grl5pQ9MADaUWAab--mMR0TShAm3DLBJnXmpsGII_OWTl-OEHCdbbviAA8zVQqKH28Hjr6sIihhG6NGY-gZk_8aKbsFWTMTmQd54kN-b2KtaYt2Ag3gISKj8bBa3WcN-VH4Xg8km_Ni697sdbSIA7HQ4B5cp9oiFd-k82qA9-oXpn5MKU_XkXJlgGXZ7dC1gHN6X_Yw9rI5hZ8HVg7Q8 Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:06 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	204 No Content	bsevent.gif rtbc-ew1.doubleverify.com/ Frame 622D	0 234 B	79ms 31ms	Ping text/plain	130.211.44.5 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://rtbc-ew1.doubleverify.com/bsevent.gif?flvr=0&impid=ac5b06639ace43e29ba6761bbc0f4456&vfdur=451&cbust=1687881966668991 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal117.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 5.44.211.130.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Access-Control-Allow-Origin * Pragma no-cache Date Tue, 27 Jun 2023 16:06:06 GMT Cache-Control max-age=0 Access-Control-Allow-Credentials true Connection keep-alive Expires 06/26/2023 16:06:06
GET H3	200	dcmads.js Show response www.googletagservices.com/dcm/ Frame 622D	16 KB 7 KB	29ms 27ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/dcm/dcmads.js Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal117.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 15:10:53 GMT content-encoding gzip x-content-type-options nosniff age 3313 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6830 x-xss-protection 0 last-modified Wed, 24 May 2023 18:59:20 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-dcm-tag" vary Accept-Encoding report-to {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Tue, 27 Jun 2023 16:10:53 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame CB55	0 20 B	61ms 60ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bj_WK7gibZInhAYqu3wOut6OABQAAAAA4AeAEAg&bg=!CAulC1_NAAYQ3eRoMN07ADkAdvg8WuuYYXjpF2_KQSt2i_5wxwIeNU3jHZCcAjcpB2P6DH6E8du5Ftd8KngP18PHow1T5cWhU8sCAAABBVIAAAADaAEHmQLta2vgEZHP9Kmlo9dTmOLnOiTQYU9oiR4qM5w1DnEqLMZoI7RKRIhAFobPJnSkFgu_YW8RT-KqF-uOzx2G2YB5bG_vsHKBA0xml_bhN-kRdWVebzGtwkUrxHJ3Xn--0jy-T85hL2cwSlt5D8M0ypnfEbfRlpsbheLc7tt9I8ps6OugAWf3dN-EoXws8ZX2LfAV2NqornOXrZHzT_oO9qNbUOHIWm-_KIgOCmvwTTE6SksvvTk-Rcei3wtd-EpUCte5lu_mtvSJ7vPF68FczNMncYtNtIUeRGGSilrY3VLAqLSWYjohdY6EYwGihZv7uPavMbBWBN_Dz0yoXgbWm4tQDH2tExuUCWbJMU2DF0hiEheuB7-9yRsB3UE1uZCLtuRaO73y15leuD64Wy5Rxtwl4lI_bj3tc8GdbkQGgrwU-w4fMqEDQjo_puNi794PqJ50IW-VwwKexggiOsYd37-v0LqppsS2E3EAMzqIWdJ-5RcbSy_1lVhfPnZkHdYKwEnYGuTeNai11m9XMpca3NRDH9k1p5P3xC-o_Ezue4YfhezcLTKJfPL2S67RngBo8PlaEFnpGdLx4o7jGB9KFJf-z9tof7LGNaGpEQhJnzk8zyxrc84UkFm8kNNvj2N180_EEM0PS-aGjRuNjrFSiUeC4M76RYg8XvOpxulB4VYoTA9PooIzr5C9g_H4bAU92P5A_tSTSfyce5vCJw9V0MT8wqPAqI7jbMeKky7ZgTsKiN2IU5AiGFm2X-7Na5G_yBXXIiSem3cDBs6Ye-UE4gkTz2WcvNrd5OsAibGxrrVGMavkWuZSdrxM_HlcDtibhOoWGT9cRRCGMqyW0hFI86ThV9_hJVjLtd43RJL8Bgivz8TtF4CJITKM7ljY0msmYSj_BP-nQmzbFNvjlL8brb6N91nWu8FYZHfDzstdlBYOUCe75cXxjQLmgcAj4FNS_-w3aVlQzKs8ZuH1rf-DzUxuiz3kgCP15eaaC9RwuSQ Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:06 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	impl_v96.js Show response www.googletagservices.com/dcm/ Frame 622D	49 KB 20 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/dcm/impl_v96.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/dcm/dcmads.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 26 Jun 2023 16:55:27 GMT content-encoding gzip x-content-type-options nosniff age 83439 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20157 x-xss-protection 0 last-modified Mon, 22 May 2023 16:41:33 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-dcm-tag" vary Accept-Encoding report-to {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 25 Jun 2024 16:55:27 GMT
GET DATA	200 OK	truncated / Frame 622D	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b94c49d24f027cc4c87a44cec982da2d62d1f3db1ff95762fe8af972f1645449 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	e99aace94e6e5873881d3400993e1e7e Show response pv.medialead.de/trck/epv/ Frame F17D	0 366 B	190ms 88ms	Document application/javascript	145.239.193.130 OVH
General Check archive.org Show headers Download Go to Full URL https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=28522900111809704444978012368016&t=htlp&gdpr=1&consent=1&gdpr_consent= Requested by Host: hal900016.redintelligence.net URL: https://hal900016.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=d88cceed0a&subid=&uid=3d8a17155ad711ae&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCywGq7AibZJv3JsiX9fgPj4ua6ASm5b2gab2YnKfJD_AuEAEgzN2HIWCVypOCoAfIAQmpAtTCo7LyXrI-qAMByAObBKoE7QFP0Kt1XxRuJTKtachhJ7cJvJn7_3k1HnWfPGvUMHUxsant1WbSzFz1NhNJmkWTxOIFv1GWF3_UF8j_uY63Tf17QuecY6nh1s5UiEVDnq2lPre0xVogZhfI2me_uzKJ6wUEjXoyVkDToZQRtz-B_hoPJ-OU5LhduvsKVwisBi9SyJt0FjvEsszJy9QqtaNe2mCkVY-5cC90ui9Up1_10ef_NJm9-4jsZrRaCy-tel_lROurnbtEYR7jfMEDAOl-EMuCmMC_i2afEhQq2sJRhhBiPc1SnZDXM-eiQxp0PJzBztHSkSj4qf9BtMVdXOHABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSSwBygQiDndxYW8oNjSztc5EhT-tUQnnI4Jo0mNqpgrqwN14jpfc-JBv2y6v_f2wh5g3rP0RLIqR_N4TDRNgq0TJKJSNzeTsfqM-Q8BgB%26sig%3DAOD64_0NQLIbWr3t2j78a1t93TF7g-gUuw%26client%3Dca-pub-2675037296853968%26dbm_c%3DAKAmf-Drg4sCeddT5hqlE8Qln0MzPRV448LGyvPx7cxDLCpDfgb3R14rEzzowyt5iajk2P7074nMFiOTDI3RUIx6yxodFWLfXGBje-MNL86_Ww0FchqnKSd4iJfT-s_E12b4qqM_YqAUdC7h6QL_NiP8pVwVtB3ZvUXnJrHXF2BjHv5EdiT6Xbg%26cry%3D1%26dbm_d%3DAKAmf-B-v_V-W82vvzYEcVtCoS9Mmoo1uHg7BhD2A-Iiy3hsKhmza2L8L48kzDJ6rU8rC2vbymK-cDgQ84UR42UehTNN9OrTm8GRYNWMhQqEJOrTPehikc4XMg82V0cbAeJdjAzC2Gcwedbpzn3wY7uwsF6b-3Li5zc4RUyrw35hObiDnofPQRp_-0IsP6lBFHV4PaJ7m0KUslfXQ-9YfscoC5KW-zSi49no0JSxT3XuwgPyP2OnUTKe2GnpOMB5htwsjpGHc8gWyckLyZ-GuzuNfQPHBrhspEG9Blh3zJLBJ1lNQyJ3KIN_JgKYWcMaeCu_0yb5LwbBYU0PBgFtH5IRJ2JvjQlKbozm5tmPfF1PC1-HSAJK-VzEnEfNau8PProIkulQEeAvQH5yyvebOSESaKhazQZhAz9ZT7eYVPuEm34yAhoAyBfObHmDb1Taa9w4DaDK_mZyeYIH1pvJQegvwYZ0rlx42KiC3CJ2ZlxtGI5zAiItpdOJ5DeWGNgw9yi_-wvVxD15fWB5WAzNIhXYSQAJdzwP1w%26adurl%3D&documentReferer=https%3A%2F%2Ftravel.yam.com%2F&ancestorOrigins=https%3A%2F%2Ftravel.yam.com&random=5967333107920&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 145.239.193.130 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.17.5 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Content-Length 0 Content-Type application/javascript; charset=utf-8 Date Tue, 27 Jun 2023 16:06:06 GMT Host pv.medialead.de Keep-Alive timeout=20 Proxy-Host pv.medialead.de Server nginx/1.17.5 Strict-Transport-Security max-age=15768000 X-IPLB-Instance 40028 X-IPLB-Request-ID D972DA1B:9828_91EFC182:01BB_649B08EE_4A2AC31:1ECFE
GET H2	200	/ Show response adv.office-partner.de/ Frame 1D5A	930 B 931 B	102ms 19ms	Document text/html	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Requested by Host: hal900016.redintelligence.net URL: https://hal900016.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=d88cceed0a&subid=&uid=3d8a17155ad711ae&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCywGq7AibZJv3JsiX9fgPj4ua6ASm5b2gab2YnKfJD_AuEAEgzN2HIWCVypOCoAfIAQmpAtTCo7LyXrI-qAMByAObBKoE7QFP0Kt1XxRuJTKtachhJ7cJvJn7_3k1HnWfPGvUMHUxsant1WbSzFz1NhNJmkWTxOIFv1GWF3_UF8j_uY63Tf17QuecY6nh1s5UiEVDnq2lPre0xVogZhfI2me_uzKJ6wUEjXoyVkDToZQRtz-B_hoPJ-OU5LhduvsKVwisBi9SyJt0FjvEsszJy9QqtaNe2mCkVY-5cC90ui9Up1_10ef_NJm9-4jsZrRaCy-tel_lROurnbtEYR7jfMEDAOl-EMuCmMC_i2afEhQq2sJRhhBiPc1SnZDXM-eiQxp0PJzBztHSkSj4qf9BtMVdXOHABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSSwBygQiDndxYW8oNjSztc5EhT-tUQnnI4Jo0mNqpgrqwN14jpfc-JBv2y6v_f2wh5g3rP0RLIqR_N4TDRNgq0TJKJSNzeTsfqM-Q8BgB%26sig%3DAOD64_0NQLIbWr3t2j78a1t93TF7g-gUuw%26client%3Dca-pub-2675037296853968%26dbm_c%3DAKAmf-Drg4sCeddT5hqlE8Qln0MzPRV448LGyvPx7cxDLCpDfgb3R14rEzzowyt5iajk2P7074nMFiOTDI3RUIx6yxodFWLfXGBje-MNL86_Ww0FchqnKSd4iJfT-s_E12b4qqM_YqAUdC7h6QL_NiP8pVwVtB3ZvUXnJrHXF2BjHv5EdiT6Xbg%26cry%3D1%26dbm_d%3DAKAmf-B-v_V-W82vvzYEcVtCoS9Mmoo1uHg7BhD2A-Iiy3hsKhmza2L8L48kzDJ6rU8rC2vbymK-cDgQ84UR42UehTNN9OrTm8GRYNWMhQqEJOrTPehikc4XMg82V0cbAeJdjAzC2Gcwedbpzn3wY7uwsF6b-3Li5zc4RUyrw35hObiDnofPQRp_-0IsP6lBFHV4PaJ7m0KUslfXQ-9YfscoC5KW-zSi49no0JSxT3XuwgPyP2OnUTKe2GnpOMB5htwsjpGHc8gWyckLyZ-GuzuNfQPHBrhspEG9Blh3zJLBJ1lNQyJ3KIN_JgKYWcMaeCu_0yb5LwbBYU0PBgFtH5IRJ2JvjQlKbozm5tmPfF1PC1-HSAJK-VzEnEfNau8PProIkulQEeAvQH5yyvebOSESaKhazQZhAz9ZT7eYVPuEm34yAhoAyBfObHmDb1Taa9w4DaDK_mZyeYIH1pvJQegvwYZ0rlx42KiC3CJ2ZlxtGI5zAiItpdOJ5DeWGNgw9yi_-wvVxD15fWB5WAzNIhXYSQAJdzwP1w%26adurl%3D&documentReferer=https%3A%2F%2Ftravel.yam.com%2F&ancestorOrigins=https%3A%2F%2Ftravel.yam.com&random=5967333107920&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7 Request headers Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * cache-control max-age=604800 content-encoding gzip content-length 552 content-type text/html date Tue, 27 Jun 2023 16:06:06 GMT etag "3a2-5c1ab16b3be00-gzip" expires Tue, 04 Jul 2023 16:06:06 GMT last-modified Thu, 06 May 2021 15:37:28 GMT link <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical" server keycdn-engine vary Accept-Encoding x-accel-version 0.01 x-cache HIT x-edge-location defr
GET H2	200	link.html Show response track.webgains.com/ Frame 22A5	2 KB 2 KB	248ms 139ms	Script text/html	13.41.123.192 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=28522900111809704444978012368016&nw=1 Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.41.123.192 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-41-123-192.eu-west-2.compute.amazonaws.com Software nginx / PHP/7.4.26 Resource Hash 822b5276030f8c891d5966caaed211f3f44d27941ffe7fa2fcee6c180c71f291 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:07 GMT last-modified Tue, 27 Jun 2023 16:06:06 GMT server nginx x-powered-by PHP/7.4.26 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=60 access-control-allow-headers Authorization expires Tue, 27 Jun 2023 16:07:06 GMT
GET H2	200	activityi;dc_pre=CKepwKjq4_8CFUrHmgod0M4M2Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=420443128561.9514 Show response 5994599.fls.doubleclick.net/ Frame 8147 Redirect Chain https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=420443128561.9514? https://5994599.fls.doubleclick.net/activityi;dc_pre=CKepwKjq4_8CFUrHmgod0M4M2Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=420443128561.9514?	391 B 286 B	72ms 68ms	Document text/html	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://5994599.fls.doubleclick.net/activityi;dc_pre=CKepwKjq4_8CFUrHmgod0M4M2Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=420443128561.9514? Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software cafe / Resource Hash 5bde805ec7b6ce036bef5cf5257e961b7589880659f4e88bc27f7e538623abdb Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 217 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 27 Jun 2023 16:06:07 GMT expires Tue, 27 Jun 2023 16:06:07 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 27 Jun 2023 16:06:06 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://5994599.fls.doubleclick.net/activityi;dc_pre=CKepwKjq4_8CFUrHmgod0M4M2Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=420443128561.9514? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	request_content.php Show response hal900016.redintelligence.net/ Frame 19B6	7 KB 2 KB	78ms 26ms	Document text/html	138.201.220.30 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900016.redintelligence.net/request_content.php?s=28522900111809704444978012368016&a=32bb8a7d Requested by Host: hal900016.redintelligence.net URL: https://hal900016.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=d88cceed0a&subid=&uid=3d8a17155ad711ae&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCywGq7AibZJv3JsiX9fgPj4ua6ASm5b2gab2YnKfJD_AuEAEgzN2HIWCVypOCoAfIAQmpAtTCo7LyXrI-qAMByAObBKoE7QFP0Kt1XxRuJTKtachhJ7cJvJn7_3k1HnWfPGvUMHUxsant1WbSzFz1NhNJmkWTxOIFv1GWF3_UF8j_uY63Tf17QuecY6nh1s5UiEVDnq2lPre0xVogZhfI2me_uzKJ6wUEjXoyVkDToZQRtz-B_hoPJ-OU5LhduvsKVwisBi9SyJt0FjvEsszJy9QqtaNe2mCkVY-5cC90ui9Up1_10ef_NJm9-4jsZrRaCy-tel_lROurnbtEYR7jfMEDAOl-EMuCmMC_i2afEhQq2sJRhhBiPc1SnZDXM-eiQxp0PJzBztHSkSj4qf9BtMVdXOHABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSSwBygQiDndxYW8oNjSztc5EhT-tUQnnI4Jo0mNqpgrqwN14jpfc-JBv2y6v_f2wh5g3rP0RLIqR_N4TDRNgq0TJKJSNzeTsfqM-Q8BgB%26sig%3DAOD64_0NQLIbWr3t2j78a1t93TF7g-gUuw%26client%3Dca-pub-2675037296853968%26dbm_c%3DAKAmf-Drg4sCeddT5hqlE8Qln0MzPRV448LGyvPx7cxDLCpDfgb3R14rEzzowyt5iajk2P7074nMFiOTDI3RUIx6yxodFWLfXGBje-MNL86_Ww0FchqnKSd4iJfT-s_E12b4qqM_YqAUdC7h6QL_NiP8pVwVtB3ZvUXnJrHXF2BjHv5EdiT6Xbg%26cry%3D1%26dbm_d%3DAKAmf-B-v_V-W82vvzYEcVtCoS9Mmoo1uHg7BhD2A-Iiy3hsKhmza2L8L48kzDJ6rU8rC2vbymK-cDgQ84UR42UehTNN9OrTm8GRYNWMhQqEJOrTPehikc4XMg82V0cbAeJdjAzC2Gcwedbpzn3wY7uwsF6b-3Li5zc4RUyrw35hObiDnofPQRp_-0IsP6lBFHV4PaJ7m0KUslfXQ-9YfscoC5KW-zSi49no0JSxT3XuwgPyP2OnUTKe2GnpOMB5htwsjpGHc8gWyckLyZ-GuzuNfQPHBrhspEG9Blh3zJLBJ1lNQyJ3KIN_JgKYWcMaeCu_0yb5LwbBYU0PBgFtH5IRJ2JvjQlKbozm5tmPfF1PC1-HSAJK-VzEnEfNau8PProIkulQEeAvQH5yyvebOSESaKhazQZhAz9ZT7eYVPuEm34yAhoAyBfObHmDb1Taa9w4DaDK_mZyeYIH1pvJQegvwYZ0rlx42KiC3CJ2ZlxtGI5zAiItpdOJ5DeWGNgw9yi_-wvVxD15fWB5WAzNIhXYSQAJdzwP1w%26adurl%3D&documentReferer=https%3A%2F%2Ftravel.yam.com%2F&ancestorOrigins=https%3A%2F%2Ftravel.yam.com&random=5967333107920&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.30.220.201.138.clients.your-server.de Software Apache / Resource Hash 03d6e9166b8016e5250981eb600d4ec28490ea4eb499bd30fd7016c239004d1f Request headers Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Encoding gzip Content-Length 2051 Content-Type text/html; charset=utf-8 Date Tue, 27 Jun 2023 16:06:06 GMT Expires Tue, 27 Jun 2023 17:06:06 +0200 P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Pragma no-cache Server Apache Vary Accept-Encoding
GET H/1.1	200 OK	e99aace94e6e5873881d3400993e1e7e pv.medialead.de/trck/eview/ Frame 22A5 Redirect Chain https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=28522900111809704444978012368016&t=htlp&gdpr=1&consent=1&gdpr_consent= https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=28522900111809704444978012368016&t=htlp&gdpr=1&consent=1&gdpr_consent=	43 B 382 B	140ms 95ms	Image image/gif	145.239.193.130 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=28522900111809704444978012368016&t=htlp&gdpr=1&consent=1&gdpr_consent= Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Server 145.239.193.130 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.17.5 / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 27 Jun 2023 16:06:07 GMT Strict-Transport-Security max-age=15768000 Server nginx/1.17.5 Host pv.medialead.de X-IPLB-Request-ID D972DA1B:9842_91EFC182:01BB_649B08EE_4A21898:1ECFB X-IPLB-Instance 40028 Content-Type image/gif Keep-Alive timeout=20 Content-Length 43 Proxy-Host pv.medialead.de Redirect headers location https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=28522900111809704444978012368016&t=htlp&gdpr=1&consent=1&gdpr_consent= date Tue, 27 Jun 2023 16:06:06 GMT server nginx content-length 154 content-type text/html
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame 22A5	43 B 703 B	223ms 156ms	Image image/gif	104.80.244.96 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=28522900111809704444978012368016&pv=1 Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.80.244.96 Berlin, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-80-244-96.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Pragma no-cache Date Tue, 27 Jun 2023 16:06:07 GMT Strict-Transport-Security max-age=86400 Node Helix Content-Type image/gif P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Connection keep-alive Content-Length 43 Expires 0
GET DATA	200 OK	truncated / Frame 22A5	209 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ab2f9217e0166109790e98a2f0d896c2bd6b85e96a29b6fa874df5f3a3b04395 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	e99aace94e6e5873881d3400993e1e7e Show response pv.medialead.de/trck/epv/ Frame 1408	0 366 B	187ms 101ms	Document application/javascript	145.239.193.130 OVH
General Check archive.org Show headers Download Go to Full URL https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=61285000097486704444554012368012&t=htlp&gdpr=1&consent=1&gdpr_consent= Requested by Host: hal900012.redintelligence.net URL: https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=7611a80998&subid=&uid=052aeb57d2f1a45e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2Y9J7AibZJr3JsiX9fgPj4ua6ASm5b2gaa2VnKfJD_AuEAEgzN2HIWCVypOCoAfIAQmpAtTCo7LyXrI-qAMByAObBKoE8AFP0KbpyclW2Sa1xzy8yiH6QskcbJj-IqrIZK-fWXzJQZPSa7I5c9tseO1BemNmTzuhJS8P96aTVXgpYKGg5l18XhzvF3Hq7TiK1gh_N8VLLX3YoOLab5QRRIpoO9AfXuCqA5Bs57yb6JGXGgrCTg8FV_8xsfLKEKu7AG9zrgdgx0S362kvKmeVGzfywaMN5D3tbaeEI0ZP0WkWJ1IrzsB7AlC7EbyU30Y_zhH3QmQh0NKpFD4PtkLuBw3_brfSGr_iHM4bUSQJdTVdCFVnodiVMYKY4yHXdyjXD22P1d-gINVmrPVp4ka_gNN06y786KjABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSSwBygQiDndxYW8oNjSztc5EhT-tUQnnI4Jo0mNqpgrqwN14jpfc-JBv2y6v_f2wh5g3rP0RLIqR_N4TDRNgq0TJKJSNzeTsfqM-Q8BgB%26sig%3DAOD64_35lDNlFpIShNYWGmnN6qgIo6MUgw%26client%3Dca-pub-2675037296853968%26dbm_c%3DAKAmf-ANKhqXm03jhpbKK3_Zpxiv4AhMlZ1XJXsYg1PdPZMGAkAbKZImUS7r3RG_liPC03C_gkQncShTvhZB3oWIg0Di_yJxF7mmwu1WuVPrVx86yPwbmQERMaKEJQROrV1mRsk1i9jOxgU6r9-DUJiYMl0VsUk3OgwEU1w5cBeYWzUdDz2fcGE%26cry%3D1%26dbm_d%3DAKAmf-BtvJng-lmo8faskJW2K8YcgHxKw9YcE_BKGBZzmGQG_U-YD9eS21uHRyeB-xuDDQx0588en8NqMTt1QEjgZ3nv6P3qpHrcjzzWyVXbsFnx0BkTxuJ6v70q88i_DXRZPj-7YwwdsMFsMW8XpUvZTnu8ZU4-Agtqbxd1z2K0iDZIHjftJFoAMMVQGwvSjWYFgdMaJ11mmO0UH31cXGRvZpok3m3J7De5RWtQJ_QwCA_GCv9_9bDivNUbJq3hlevIBgkMJrp9rDKmZ88d4iEyuP1UFIZM41qZWNcYqVT3f2Ig-A3r2PtInXNKzrav56u-cWx65Mf-HejJKYBReMptrW1_Sjo9J08Xp31MJdZm46Pq9zmu5Hz2H84tDBYkABHwmUto-NX5yag0mtBvqcwEYeSjgKBGJ3Q5vsBGaTEFmunQapFQMkgy7PBMY-1rv4bWJI2CB0gfUPeL10b41sHCue8i3rqCq6-ALY7ZOQqgR4VjpsYaN70Ca9PltPcfPvWmGSgSukNdhW0Kw_ULKpl-aNv7V0Wr8A%26adurl%3D&documentReferer=https%3A%2F%2Ftravel.yam.com%2F&ancestorOrigins=https%3A%2F%2Ftravel.yam.com&random=8161023177924&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 145.239.193.130 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.17.5 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Content-Length 0 Content-Type application/javascript; charset=utf-8 Date Tue, 27 Jun 2023 16:06:07 GMT Host pv.medialead.de Keep-Alive timeout=20 Proxy-Host pv.medialead.de Server nginx/1.17.5 Strict-Transport-Security max-age=15768000 X-IPLB-Instance 40028 X-IPLB-Request-ID D972DA1B:9830_91EFC182:01BB_649B08EE_4A21D2E:1ECFD
GET H2	200	/ Show response adv.office-partner.de/ Frame 68DB	930 B 930 B	39ms 20ms	Document text/html	2a0b:4d07:101::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Requested by Host: hal900012.redintelligence.net URL: https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=7611a80998&subid=&uid=052aeb57d2f1a45e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2Y9J7AibZJr3JsiX9fgPj4ua6ASm5b2gaa2VnKfJD_AuEAEgzN2HIWCVypOCoAfIAQmpAtTCo7LyXrI-qAMByAObBKoE8AFP0KbpyclW2Sa1xzy8yiH6QskcbJj-IqrIZK-fWXzJQZPSa7I5c9tseO1BemNmTzuhJS8P96aTVXgpYKGg5l18XhzvF3Hq7TiK1gh_N8VLLX3YoOLab5QRRIpoO9AfXuCqA5Bs57yb6JGXGgrCTg8FV_8xsfLKEKu7AG9zrgdgx0S362kvKmeVGzfywaMN5D3tbaeEI0ZP0WkWJ1IrzsB7AlC7EbyU30Y_zhH3QmQh0NKpFD4PtkLuBw3_brfSGr_iHM4bUSQJdTVdCFVnodiVMYKY4yHXdyjXD22P1d-gINVmrPVp4ka_gNN06y786KjABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSSwBygQiDndxYW8oNjSztc5EhT-tUQnnI4Jo0mNqpgrqwN14jpfc-JBv2y6v_f2wh5g3rP0RLIqR_N4TDRNgq0TJKJSNzeTsfqM-Q8BgB%26sig%3DAOD64_35lDNlFpIShNYWGmnN6qgIo6MUgw%26client%3Dca-pub-2675037296853968%26dbm_c%3DAKAmf-ANKhqXm03jhpbKK3_Zpxiv4AhMlZ1XJXsYg1PdPZMGAkAbKZImUS7r3RG_liPC03C_gkQncShTvhZB3oWIg0Di_yJxF7mmwu1WuVPrVx86yPwbmQERMaKEJQROrV1mRsk1i9jOxgU6r9-DUJiYMl0VsUk3OgwEU1w5cBeYWzUdDz2fcGE%26cry%3D1%26dbm_d%3DAKAmf-BtvJng-lmo8faskJW2K8YcgHxKw9YcE_BKGBZzmGQG_U-YD9eS21uHRyeB-xuDDQx0588en8NqMTt1QEjgZ3nv6P3qpHrcjzzWyVXbsFnx0BkTxuJ6v70q88i_DXRZPj-7YwwdsMFsMW8XpUvZTnu8ZU4-Agtqbxd1z2K0iDZIHjftJFoAMMVQGwvSjWYFgdMaJ11mmO0UH31cXGRvZpok3m3J7De5RWtQJ_QwCA_GCv9_9bDivNUbJq3hlevIBgkMJrp9rDKmZ88d4iEyuP1UFIZM41qZWNcYqVT3f2Ig-A3r2PtInXNKzrav56u-cWx65Mf-HejJKYBReMptrW1_Sjo9J08Xp31MJdZm46Pq9zmu5Hz2H84tDBYkABHwmUto-NX5yag0mtBvqcwEYeSjgKBGJ3Q5vsBGaTEFmunQapFQMkgy7PBMY-1rv4bWJI2CB0gfUPeL10b41sHCue8i3rqCq6-ALY7ZOQqgR4VjpsYaN70Ca9PltPcfPvWmGSgSukNdhW0Kw_ULKpl-aNv7V0Wr8A%26adurl%3D&documentReferer=https%3A%2F%2Ftravel.yam.com%2F&ancestorOrigins=https%3A%2F%2Ftravel.yam.com&random=8161023177924&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7 Request headers Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * cache-control max-age=604800 content-encoding gzip content-length 552 content-type text/html date Tue, 27 Jun 2023 16:06:06 GMT etag "3a2-5c1ab16b3be00-gzip" expires Tue, 04 Jul 2023 16:06:06 GMT last-modified Thu, 06 May 2021 15:37:28 GMT link <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical" server keycdn-engine vary Accept-Encoding x-accel-version 0.01 x-cache HIT x-edge-location defr
GET H2	200	link.html Show response track.webgains.com/ Frame BE25	2 KB 2 KB	167ms 120ms	Script text/html	13.41.123.192 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=61285000097486704444554012368012&nw=1 Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.41.123.192 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-41-123-192.eu-west-2.compute.amazonaws.com Software nginx / PHP/7.4.26 Resource Hash da416110761cdd821c234e43530067a51236d9967b5947a7a206096ce1cb7570 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:07 GMT last-modified Tue, 27 Jun 2023 16:06:06 GMT server nginx x-powered-by PHP/7.4.26 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=60 access-control-allow-headers Authorization expires Tue, 27 Jun 2023 16:07:06 GMT
GET H2	200	activityi;dc_pre=CIKrwKjq4_8CFZLSmgodMTUOHA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=197139523838.1013 Show response 5994599.fls.doubleclick.net/ Frame 9AF8 Redirect Chain https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=197139523838.1013? https://5994599.fls.doubleclick.net/activityi;dc_pre=CIKrwKjq4_8CFZLSmgodMTUOHA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=197139523838.1013?	391 B 325 B	72ms 68ms	Document text/html	142.250.186.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://5994599.fls.doubleclick.net/activityi;dc_pre=CIKrwKjq4_8CFZLSmgodMTUOHA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=197139523838.1013? Requested by Host: travel.yam.com URL: https://travel.yam.com/article/129227 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f6.1e100.net Software cafe / Resource Hash 8e5b8035be598df38cf599d8e6c79815b6f4360e580783e7b17d6740ebdedad4 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 216 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 27 Jun 2023 16:06:07 GMT expires Tue, 27 Jun 2023 16:06:07 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 27 Jun 2023 16:06:06 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://5994599.fls.doubleclick.net/activityi;dc_pre=CIKrwKjq4_8CFZLSmgodMTUOHA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=197139523838.1013? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	request_content.php Show response hal900012.redintelligence.net/ Frame C8FB	7 KB 2 KB	79ms 27ms	Document text/html	94.130.102.164 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900012.redintelligence.net/request_content.php?s=61285000097486704444554012368012&a=527fb509 Requested by Host: hal900012.redintelligence.net URL: https://hal900012.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=7611a80998&subid=&uid=052aeb57d2f1a45e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2Y9J7AibZJr3JsiX9fgPj4ua6ASm5b2gaa2VnKfJD_AuEAEgzN2HIWCVypOCoAfIAQmpAtTCo7LyXrI-qAMByAObBKoE8AFP0KbpyclW2Sa1xzy8yiH6QskcbJj-IqrIZK-fWXzJQZPSa7I5c9tseO1BemNmTzuhJS8P96aTVXgpYKGg5l18XhzvF3Hq7TiK1gh_N8VLLX3YoOLab5QRRIpoO9AfXuCqA5Bs57yb6JGXGgrCTg8FV_8xsfLKEKu7AG9zrgdgx0S362kvKmeVGzfywaMN5D3tbaeEI0ZP0WkWJ1IrzsB7AlC7EbyU30Y_zhH3QmQh0NKpFD4PtkLuBw3_brfSGr_iHM4bUSQJdTVdCFVnodiVMYKY4yHXdyjXD22P1d-gINVmrPVp4ka_gNN06y786KjABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSSwBygQiDndxYW8oNjSztc5EhT-tUQnnI4Jo0mNqpgrqwN14jpfc-JBv2y6v_f2wh5g3rP0RLIqR_N4TDRNgq0TJKJSNzeTsfqM-Q8BgB%26sig%3DAOD64_35lDNlFpIShNYWGmnN6qgIo6MUgw%26client%3Dca-pub-2675037296853968%26dbm_c%3DAKAmf-ANKhqXm03jhpbKK3_Zpxiv4AhMlZ1XJXsYg1PdPZMGAkAbKZImUS7r3RG_liPC03C_gkQncShTvhZB3oWIg0Di_yJxF7mmwu1WuVPrVx86yPwbmQERMaKEJQROrV1mRsk1i9jOxgU6r9-DUJiYMl0VsUk3OgwEU1w5cBeYWzUdDz2fcGE%26cry%3D1%26dbm_d%3DAKAmf-BtvJng-lmo8faskJW2K8YcgHxKw9YcE_BKGBZzmGQG_U-YD9eS21uHRyeB-xuDDQx0588en8NqMTt1QEjgZ3nv6P3qpHrcjzzWyVXbsFnx0BkTxuJ6v70q88i_DXRZPj-7YwwdsMFsMW8XpUvZTnu8ZU4-Agtqbxd1z2K0iDZIHjftJFoAMMVQGwvSjWYFgdMaJ11mmO0UH31cXGRvZpok3m3J7De5RWtQJ_QwCA_GCv9_9bDivNUbJq3hlevIBgkMJrp9rDKmZ88d4iEyuP1UFIZM41qZWNcYqVT3f2Ig-A3r2PtInXNKzrav56u-cWx65Mf-HejJKYBReMptrW1_Sjo9J08Xp31MJdZm46Pq9zmu5Hz2H84tDBYkABHwmUto-NX5yag0mtBvqcwEYeSjgKBGJ3Q5vsBGaTEFmunQapFQMkgy7PBMY-1rv4bWJI2CB0gfUPeL10b41sHCue8i3rqCq6-ALY7ZOQqgR4VjpsYaN70Ca9PltPcfPvWmGSgSukNdhW0Kw_ULKpl-aNv7V0Wr8A%26adurl%3D&documentReferer=https%3A%2F%2Ftravel.yam.com%2F&ancestorOrigins=https%3A%2F%2Ftravel.yam.com&random=8161023177924&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.164.102.130.94.clients.your-server.de Software Apache / Resource Hash d8d1c0f0970dcde6b082ffe40cf182d18e9ab128e9a0f69b017a33a7aa11f9af Request headers Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Encoding gzip Content-Length 2048 Content-Type text/html; charset=utf-8 Date Tue, 27 Jun 2023 16:06:06 GMT Expires Tue, 27 Jun 2023 17:06:06 +0200 P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Pragma no-cache Server Apache Vary Accept-Encoding
GET H/1.1	200 OK	e99aace94e6e5873881d3400993e1e7e pv.medialead.de/trck/eview/ Frame BE25 Redirect Chain https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=61285000097486704444554012368012&t=htlp&gdpr=1&consent=1&gdpr_consent= https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=61285000097486704444554012368012&t=htlp&gdpr=1&consent=1&gdpr_consent=	43 B 382 B	141ms 94ms	Image image/gif	145.239.193.130 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=61285000097486704444554012368012&t=htlp&gdpr=1&consent=1&gdpr_consent= Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Server 145.239.193.130 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.17.5 / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 27 Jun 2023 16:06:07 GMT Strict-Transport-Security max-age=15768000 Server nginx/1.17.5 Host pv.medialead.de X-IPLB-Request-ID D972DA1B:9844_91EFC182:01BB_649B08EE_4A2AC44:1ECFE X-IPLB-Instance 40028 Content-Type image/gif Keep-Alive timeout=20 Content-Length 43 Proxy-Host pv.medialead.de Redirect headers location https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=61285000097486704444554012368012&t=htlp&gdpr=1&consent=1&gdpr_consent= date Tue, 27 Jun 2023 16:06:06 GMT server nginx content-length 154 content-type text/html
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame BE25	43 B 703 B	165ms 112ms	Image image/gif	104.80.244.96 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=61285000097486704444554012368012&pv=1 Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.80.244.96 Berlin, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-80-244-96.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Pragma no-cache Date Tue, 27 Jun 2023 16:06:07 GMT Strict-Transport-Security max-age=86400 Node Helix Content-Type image/gif P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Connection keep-alive Content-Length 43 Expires 0
GET DATA	200 OK	truncated / Frame BE25	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d879601b1b0623a4a56953214112550c745cbcba81b227cdfa8355acf75ef51f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/png
GET H3	200	css fonts.googleapis.com/ Frame 19B6	5 KB 682 B	31ms 31ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 Requested by Host: hal900016.redintelligence.net URL: https://hal900016.redintelligence.net/request_content.php?s=28522900111809704444978012368016&a=32bb8a7d Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900016.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 27 Jun 2023 16:06:06 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 27 Jun 2023 15:38:02 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 27 Jun 2023 16:06:06 GMT
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame 19B6	92 KB 92 KB	80ms 27ms	Image image/png	138.201.63.157 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg Requested by Host: hal900016.redintelligence.net URL: https://hal900016.redintelligence.net/request_content.php?s=28522900111809704444978012368016&a=32bb8a7d Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.157.63.201.138.clients.your-server.de Software Apache / Resource Hash f12e4e3e9fbb017230a543fcb80613033b35890ce9292a6b878982129c163afe Request headers accept-language de-DE,de;q=0.9 Referer https://hal900016.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 27 Jun 2023 16:06:06 GMT Content-Encoding gzip Server Apache Connection close Vary Accept-Encoding Transfer-Encoding chunked Content-Type image/png
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame 19B6	76 KB 77 KB	143ms 92ms	Image image/png	138.201.63.157 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg Requested by Host: hal900016.redintelligence.net URL: https://hal900016.redintelligence.net/request_content.php?s=28522900111809704444978012368016&a=32bb8a7d Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.157.63.201.138.clients.your-server.de Software Apache / Resource Hash 5d90514d00d14e9480e078060eea48896f0abe910167ebfeb21ab3fe4e573a3a Request headers accept-language de-DE,de;q=0.9 Referer https://hal900016.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 27 Jun 2023 16:06:07 GMT Content-Encoding gzip Server Apache Connection close Vary Accept-Encoding Transfer-Encoding chunked Content-Type image/png
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame 19B6	79 KB 79 KB	190ms 130ms	Image image/png	138.201.63.157 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg Requested by Host: hal900016.redintelligence.net URL: https://hal900016.redintelligence.net/request_content.php?s=28522900111809704444978012368016&a=32bb8a7d Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.157.63.201.138.clients.your-server.de Software Apache / Resource Hash 14447e6cf6a8fbf241e0c742f41788ad0fbaae796a10852ca03a3fd4facf8c93 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900016.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 27 Jun 2023 16:06:07 GMT Content-Encoding gzip Server Apache Connection close Vary Accept-Encoding Transfer-Encoding chunked Content-Type image/png
GET H3	200	gtm.js Show response www.googletagmanager.com/ Frame 1D5A	113 KB 44 KB	34ms 30ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF Requested by Host: adv.office-partner.de URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1325d1a70e5582840e0924621d6d157e2c01c469619b3300655c279578de972d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://adv.office-partner.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:06 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44593 x-xss-protection 0 last-modified Tue, 27 Jun 2023 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 27 Jun 2023 16:06:06 GMT
GET H3	200	gtm.js Show response www.googletagmanager.com/ Frame 68DB	113 KB 44 KB	40ms 39ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF Requested by Host: adv.office-partner.de URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1325d1a70e5582840e0924621d6d157e2c01c469619b3300655c279578de972d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://adv.office-partner.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:06 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44593 x-xss-protection 0 last-modified Tue, 27 Jun 2023 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 27 Jun 2023 16:06:06 GMT
GET H3	200	css fonts.googleapis.com/ Frame C8FB	5 KB 682 B	33ms 32ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 Requested by Host: hal900012.redintelligence.net URL: https://hal900012.redintelligence.net/request_content.php?s=61285000097486704444554012368012&a=527fb509 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900012.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 27 Jun 2023 16:06:06 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 27 Jun 2023 15:23:35 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 27 Jun 2023 16:06:06 GMT
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame C8FB	16 KB 16 KB	89ms 27ms	Image image/png	138.201.63.157 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg Requested by Host: hal900012.redintelligence.net URL: https://hal900012.redintelligence.net/request_content.php?s=61285000097486704444554012368012&a=527fb509 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.157.63.201.138.clients.your-server.de Software Apache / Resource Hash f4d2ce26ca351b9b0dcf439f2a3169b2167e4f724d74553198325df12be28546 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900012.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 27 Jun 2023 16:06:07 GMT Content-Encoding gzip Server Apache Connection close Content-Length 16231 Vary Accept-Encoding Content-Type image/png
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame C8FB	16 KB 16 KB	86ms 25ms	Image image/png	138.201.63.157 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg Requested by Host: hal900012.redintelligence.net URL: https://hal900012.redintelligence.net/request_content.php?s=61285000097486704444554012368012&a=527fb509 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.157.63.201.138.clients.your-server.de Software Apache / Resource Hash e7ac5c4f400e4f71b8e3ed3ecedf25d4164e3a3a92246506ba932e6aaaaae468 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900012.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 27 Jun 2023 16:06:07 GMT Content-Encoding gzip Server Apache Connection close Content-Length 16512 Vary Accept-Encoding Content-Type image/png
GET H/1.1	200 OK	/ hal9000.redintelligence.net/scale/ Frame C8FB	17 KB 17 KB	87ms 26ms	Image image/png	138.201.63.157 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg Requested by Host: hal900012.redintelligence.net URL: https://hal900012.redintelligence.net/request_content.php?s=61285000097486704444554012368012&a=527fb509 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.157.63.201.138.clients.your-server.de Software Apache / Resource Hash ff18a10e6b84764b0b8fc58ee2b9b6a192e54a02da76385c2f42f7043fbc7bd9 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900012.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 27 Jun 2023 16:06:07 GMT Content-Encoding gzip Server Apache Connection close Content-Length 16841 Vary Accept-Encoding Content-Type image/png
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 92BC	0 20 B	61ms 57ms	Image image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BagG-7gibZL38AaKO9u8PveOWkA8AAAAAOAHgBAI&bg=!OjmlOW3NAAYQ3eRoMN07ADkAdvg8WqUFeaYlg7c7QsJyp2WhfHCXJEMEAt93v92IHe3qa0WR4AY6IhgTwh8xk5C9FEAcHa_MQ3YCAAABK1IAAAAGaAEHmQLulJllYr-jSzH3IKk1AsVg7SgiQ3x_Waz48cbjfI3SbWtF7WoFOqjNA3h0MKo6LTjL2eVqy7nq5GVzprHAlH4743TvU1EM6KjF576sd8cFQOW925OAB1JVx66WVzWqVlcVs0WoKOO_USXjCQPc-SjmAYzu7GbhzuCOJR7p_bBEv0D7KZBtjbbJAwNETsMTyAgQ45L4RqfFXb4GA5FRHoKd1AXuNn2cLEid-uOlP-j3opOW9nSrKPYqT8Th9z4_FHEhXCqlQP_lDpFLe2wRsAqYAuqkMTF1QPO7JOM9chIPJRnxWH7EkKX_KGTcLSO4Qa1rxBiTxDnGUURkj4vkVfhX9jL2lqXvxUgFIP9rq3q3bgknGeHig9NndYhr036nOaHPeRjpZdqJfTvID0N7wEpcngovQwz3VEByxaL_GQ6nGOCGueIjT6qBSyTG4IygG495WuqPFmtctuFlJXSE-4rcnD4deTwBgzFNOhlkJfScS65ER77wFdv_93dSujkN449ipiBr6s2_uRR-k5HO62UWhZuG_V6IpBF2vIZ_hPzMKfonWwCXkIiwzZ9Xcb5hq18XKSMSQM3CJSaddB5gwVMjC7zayi1AKrm_mUEXbvS4LtG19gnUr81GhHFtKkAw5hnVAMgcTf6qDLBiL7dub1jFYxeERcJyr9I3RhGJa7QaGnCzdG8dKqbYmUEmt69AJLuj8nhCasMys5ATi5KFgRM3juXAP-qiimpGdB3PAvH5iwj2tPncTdKCnfLlIeiC3UIK8qYJGberDMil2BbEAA-h95LOmhdIk7yIvyWIS285Wo7h881s1HLyFOyXulwN7kI9tguCeapEgTjEawNVeiUdddYNWny3Pm2-jSnDHZq5Tlagyy11bL72MrO6VnbJJNY1znn8tcffuQzZmMx0Wjznw2XcoAp4F64mw_MbCISTRyXGOOLAaujXqVst__xYjv7jTLscIUoTfksT9Tt7kOB_4kz0xjxba_z31wAmzVVo Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:07 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	viewability Show response hal900016.redintelligence.net/ Frame 19B6	0 150 B	87ms 27ms	Script text/html	138.201.220.30 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900016.redintelligence.net/viewability?s=28522900111809704444978012368016&a=f657c5b3&vb=m Requested by Host: hal900016.redintelligence.net URL: https://hal900016.redintelligence.net/request_content.php?s=28522900111809704444978012368016&a=32bb8a7d Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.30.220.201.138.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900016.redintelligence.net/request_content.php?s=28522900111809704444978012368016&a=32bb8a7d User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 27 Jun 2023 16:06:07 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET H3	200	6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v22/ Frame 19B6	14 KB 15 KB	26ms 24ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://hal900016.redintelligence.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sun, 25 Jun 2023 02:18:56 GMT x-content-type-options nosniff age 222430 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14824 x-xss-protection 0 last-modified Thu, 01 Jun 2023 22:52:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 24 Jun 2024 02:18:56 GMT
GET H3	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 fonts.gstatic.com/s/sourcesanspro/v22/ Frame 19B6	15 KB 15 KB	27ms 24ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://hal900016.redintelligence.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 26 Jun 2023 18:50:39 GMT x-content-type-options nosniff age 76527 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14892 x-xss-protection 0 last-modified Thu, 01 Jun 2023 22:52:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 25 Jun 2024 18:50:39 GMT
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame B2D5	42 B 174 B	58ms 57ms	Fetch image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss4ZrDwPDC3z7tWShGEuz8P9zdboBuV42uF4xk-SkZqrnvl7TUUOilh0WE8ol41yqUZ8XwFt0RBKjvbuXagAbr06uZk7NFTXmfL5Il6Ct07yQfjlIPOxPPC-f-ikspDgGqx6BMKLgxufsFH&sai=AMfl-YRnqXdK_nsfiRmXwqpPmg_Z-8DrEYg0PflRqt-pMzkI-cKORepACQhmkxjjXk4E2OiwV_q34sChEMWbDGlOzxDmwDEPcwAybrhZTfnaDz2vYSeuO_jKETxGEwhfAuhNkMKz4dRVG-MEY0bX&sig=Cg0ArKJSzINK8BlPkWOREAE&cid=CAQSSwBygQiDndxYW8oNjSztc5EhT-tUQnnI4Jo0mNqpgrqwN14jpfc-JBv2y6v_f2wh5g3rP0RLIqR_N4TDRNgq0TJKJSNzeTsfqM-Q8BgB&id=lidar2&mcvt=1105&p=127,250,427,1000&mtos=1105,1105,1105,1105,1105&tos=1105,0,0,0,0&v=20230626&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3177439553&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687881965321&rpt=700&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:07 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dc_pre=CIKrwKjq4_8CFZLSmgodMTUOHA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=197139523838.1013 adservice.google.com/ddm/fls/z/ Frame 9AF8	42 B 262 B	61ms 61ms	Image image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=CIKrwKjq4_8CFZLSmgodMTUOHA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=197139523838.1013 Requested by Host: 5994599.fls.doubleclick.net URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIKrwKjq4_8CFZLSmgodMTUOHA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=197139523838.1013? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://5994599.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:07 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dc_pre=CKepwKjq4_8CFUrHmgod0M4M2Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=420443128561.9514 adservice.google.com/ddm/fls/z/ Frame 8147	42 B 107 B	60ms 60ms	Image image/gif	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=CKepwKjq4_8CFUrHmgod0M4M2Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=420443128561.9514 Requested by Host: 5994599.fls.doubleclick.net URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKepwKjq4_8CFUrHmgod0M4M2Q;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=420443128561.9514? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://5994599.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:07 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	viewability Show response hal900012.redintelligence.net/ Frame C8FB	0 150 B	86ms 28ms	Script text/html	94.130.102.164 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900012.redintelligence.net/viewability?s=61285000097486704444554012368012&a=fa08e398&vb=m Requested by Host: hal900012.redintelligence.net URL: https://hal900012.redintelligence.net/request_content.php?s=61285000097486704444554012368012&a=527fb509 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.164.102.130.94.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://hal900012.redintelligence.net/request_content.php?s=61285000097486704444554012368012&a=527fb509 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Tue, 27 Jun 2023 16:06:07 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET H2	200	pvClk.min.js Show response analytics.webgains.io/ Frame BE25	85 KB 31 KB	115ms 24ms	Script text/javascript	18.66.147.52 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://analytics.webgains.io/pvClk.min.js Requested by Host: track.webgains.com URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=61285000097486704444554012368012&nw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.147.52 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-147-52.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 00:08:33 GMT content-encoding gzip via 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront) last-modified Wed, 15 Mar 2023 17:26:29 GMT server AmazonS3 x-amz-cf-pop FRA60-P4 age 57455 etag W/"876c293e6c37046ecb0c11ce2e276942" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript x-amz-cf-id 4w3iLkui4oS2OdFoCGA2q2L72_4jWyOocLQDL_5FC9d2TGxfB-jEIg==
GET H2	200	1x1.gif cdn.track.production.webgains.team/7121/ Frame BE25	85 B 437 B	96ms 19ms	Image image/gif	99.86.4.53 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1687882267&Signature=pXl~4xsDV4ktaGxB20cvOSz60EZfBdJ8fOP8qeP1CotciW0I-fvxzYLR0O4siNom7og9rKLbJnMTKMdT0-IeExYka6rUbMg7UZIlcM-L2N2BO1v9bmV9K1x7Sj2JelRlRJjkw30x1ZKLVLsl7eyJU4nr3juiP6jNfoXvJt5IbYgLYn06EpBY6VgC23plXsKruNkcg1PBOUo1qkieabM-lu40FisT7D2xZv9hT792-fmQ13o3Ap1jPUpHkRWLBe7soDn~Wh0sT8OXnsHTXdsxJxrRVZ2IA3NU2vwCucd7k0~5W3q6ly7k-VEf~TClnDLdAlWJQx7QeeYIRcnfUsV75g__&Key-Pair-Id=K28VXAGA7VWE0O Requested by Host: 2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com URL: https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-53.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-amz-version-id null date Tue, 27 Jun 2023 02:36:53 GMT via 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront) last-modified Fri, 06 May 2022 11:40:06 GMT server AmazonS3 x-amz-cf-pop FRA6-C1 age 57955 etag "70af33d70b6810475aae19743c8c435b" vary Accept-Encoding x-cache Hit from cloudfront content-type image/gif accept-ranges bytes content-length 85 x-amz-cf-id 9NGGV_ifcZcYJktwgAHvzKGPNMzoxwioIEKI83AE-fopaOv2UFTGqg==
GET H2	200	pvClk.min.js Show response analytics.webgains.io/ Frame 22A5	85 KB 31 KB	133ms 43ms	Script text/javascript	18.66.147.52 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://analytics.webgains.io/pvClk.min.js Requested by Host: track.webgains.com URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=28522900111809704444978012368016&nw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.147.52 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-147-52.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 00:08:33 GMT content-encoding gzip via 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront) last-modified Wed, 15 Mar 2023 17:26:29 GMT server AmazonS3 x-amz-cf-pop FRA60-P4 age 57455 etag W/"876c293e6c37046ecb0c11ce2e276942" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript x-amz-cf-id gHDHo5n0uOE6XEQbv_OmPh0E6HR6kVcEiUbURHT9EVvMmp9yu3ztiQ==
GET H2	200	1x1.gif cdn.track.production.webgains.team/7121/ Frame 22A5	85 B 436 B	96ms 20ms	Image image/gif	99.86.4.53 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1687882267&Signature=pXl~4xsDV4ktaGxB20cvOSz60EZfBdJ8fOP8qeP1CotciW0I-fvxzYLR0O4siNom7og9rKLbJnMTKMdT0-IeExYka6rUbMg7UZIlcM-L2N2BO1v9bmV9K1x7Sj2JelRlRJjkw30x1ZKLVLsl7eyJU4nr3juiP6jNfoXvJt5IbYgLYn06EpBY6VgC23plXsKruNkcg1PBOUo1qkieabM-lu40FisT7D2xZv9hT792-fmQ13o3Ap1jPUpHkRWLBe7soDn~Wh0sT8OXnsHTXdsxJxrRVZ2IA3NU2vwCucd7k0~5W3q6ly7k-VEf~TClnDLdAlWJQx7QeeYIRcnfUsV75g__&Key-Pair-Id=K28VXAGA7VWE0O Requested by Host: track.webgains.com URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=28522900111809704444978012368016&nw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-53.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-amz-version-id null date Tue, 27 Jun 2023 02:36:53 GMT via 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront) last-modified Fri, 06 May 2022 11:40:06 GMT server AmazonS3 x-amz-cf-pop FRA6-C1 age 57955 etag "70af33d70b6810475aae19743c8c435b" vary Accept-Encoding x-cache Hit from cloudfront content-type image/gif accept-ranges bytes content-length 85 x-amz-cf-id 74S_Q2NL8jcrLLUrxYp0XYrghYiVmC-dwN3DHA80MKZL5r7ShrBpGQ==
GET H3	200	6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v22/ Frame C8FB	14 KB 15 KB	20ms 19ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://hal900012.redintelligence.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sun, 25 Jun 2023 02:18:56 GMT x-content-type-options nosniff age 222431 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14824 x-xss-protection 0 last-modified Thu, 01 Jun 2023 22:52:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 24 Jun 2024 02:18:56 GMT
GET H3	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 fonts.gstatic.com/s/sourcesanspro/v22/ Frame C8FB	15 KB 15 KB	21ms 20ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://hal900012.redintelligence.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 26 Jun 2023 18:50:39 GMT x-content-type-options nosniff age 76528 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14892 x-xss-protection 0 last-modified Thu, 01 Jun 2023 22:52:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 25 Jun 2024 18:50:39 GMT
GET H2	200	c.gif c.clarity.ms/ Redirect Chain https://c.clarity.ms/c.gif https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=ED9DF687538D4874B707B3CF2190155C&RedC=c.clarity.ms&MXFR=3622CB26DA7B6A512611D81BDE7B64AF https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ED9DF687538D4874B707B3CF2190155C&MUID=17AAE48EE61D69B6223EF7B3E7B168AA	42 B 443 B	40ms 40ms	Image image/gif	68.219.88.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ED9DF687538D4874B707B3CF2190155C&MUID=17AAE48EE61D69B6223EF7B3E7B168AA Protocol H2 Server 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:06 GMT last-modified Tue, 06 Jun 2023 17:31:23 GMT server Microsoft-IIS/10.0 etag "dca6ffb69c98d91:0" x-powered-by ASP.NET content-type image/gif p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-length 42 Redirect headers pragma no-cache date Tue, 27 Jun 2023 16:06:07 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 237D21D4D357429A9108BB64BC2E4F53 Ref B: FRA31EDGE0713 Ref C: 2023-06-27T16:06:07Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" location https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=ED9DF687538D4874B707B3CF2190155C&MUID=17AAE48EE61D69B6223EF7B3E7B168AA cache-control private, no-cache, proxy-revalidate, no-store content-length 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	14 KB 11 KB	80ms 80ms	XHR application/json	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306220101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f12b81be9b50c88db331e15ea7c1f087f83902d5eb6daad89441c5d942fa4b5b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:07 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11187 x-xss-protection 0
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	33ms 33ms	Script text/javascript	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306220101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:07 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 27 Jun 2023 16:06:07 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame D867	13 KB 5 KB	26ms 21ms	Document text/html	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://travel.yam.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 3703 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 27 Jun 2023 15:04:24 GMT expires Wed, 26 Jun 2024 15:04:24 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame D8C0	783 B 537 B	36ms 33ms	Document text/html	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash c291a66e72a275eba0bd22b056bf2c8aad19c6a6c76ca7ddf09e8261af179717 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-WlbsJgZ4KRbMqM8KXj5LCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://travel.yam.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 515 content-security-policy script-src 'report-sample' 'nonce-WlbsJgZ4KRbMqM8KXj5LCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 27 Jun 2023 16:06:07 GMT expires Tue, 27 Jun 2023 16:06:07 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js Show response pagead2.googlesyndication.com/bg/ Frame D867	37 KB 14 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/qZsn1HeCCcmFdGByhVB6w33s6gTjWS7DN31yxJZZZvY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a99b27d4778209c98574607285507ac37decea04e3592ec3377d72c4965966f6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 15:01:52 GMT content-encoding br x-content-type-options nosniff age 3855 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14515 x-xss-protection 0 last-modified Mon, 19 Jun 2023 09:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 26 Jun 2024 15:01:52 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame D8C0	0 0	104ms 104ms	Image text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306220101&jk=2289240284352669&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame D867	0 10 B	24ms 24ms	Image text/plain	2a00:1450:4001:806::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?WbC93Q Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 27 Jun 2023 16:06:07 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
POST H/1.1	204 No Content	collect Show response q.clarity.ms/	0 294 B	666ms 457ms	XHR text/plain	20.231.53.73 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://q.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.8/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://travel.yam.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Access-Control-Allow-Origin https://travel.yam.com Date Tue, 27 Jun 2023 16:06:08 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 622D	42 B 64 B	59ms 59ms	Fetch image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstASiHrLwNBpXvtgpaQEzsw18vwxMLB3CVf_TrLiVumz774idgUcLzuyM0ATQEYIMYayYYT870Kz6GrIuUI7t5W0d5WjU3u6cGrLc1IkwLzcelMS8Djhd429l0q0KrONq4yZ2JQKhQMwBhT&sai=AMfl-YR2W_mc_8Uf04OkOQ0W-OwSwLeK5aPXpJXogFNfTfe_8ennWRF6UbjmCNfUQlkbJIcEplHTQEKMNrNKodg3OzHrAdVw7mGeoCryM-panRgL5UoNAh2ulD4S6X4bZSdBncGv8TPD2cWXep06&sig=Cg0ArKJSzHxFZNHcvN9PEAE&cid=CAQSSwBygQiDndxYW8oNjSztc5EhT-tUQnnI4Jo0mNqpgrqwN14jpfc-JBv2y6v_f2wh5g3rP0RLIqR_N4TDRNgq0TJKJSNzeTsfqM-Q8BgB&id=lidar2&mcvt=1000&p=127,1086,381,1386&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230626&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=857917899&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687881965351&rpt=1429&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:07 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 622D	0 20 B	54ms 54ms	Ping image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5231799818264&version=m202301230201&ct=76&x=1&cor=4495041482684491300 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:07 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	tracking-event Show response api.webgains.io/ Frame 22A5	16 B 209 B	82ms 82ms	Fetch application/json	18.168.234.149 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.webgains.io/tracking-event Requested by Host: analytics.webgains.io URL: https://analytics.webgains.io/pvClk.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.168.234.149 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-168-234-149.eu-west-2.compute.amazonaws.com Software nginx / PHP/8.1.14 Resource Hash c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type application/json Response headers date Tue, 27 Jun 2023 16:06:08 GMT x-content-type-options nosniff server nginx x-powered-by PHP/8.1.14 content-type application/json access-control-allow-origin * cache-control no-cache, private x-xss-protection 1; mode=block
OPTIONS H2	204	tracking-event api.webgains.io/ Frame	0 0	128ms 38ms	Preflight	18.168.234.149 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.webgains.io/tracking-event Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.168.234.149 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-168-234-149.eu-west-2.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers access-control-allow-headers Authorization, Content-Type access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-origin * date Tue, 27 Jun 2023 16:06:08 GMT server nginx
OPTIONS H2	204	tracking-event api.webgains.io/ Frame	0 0	119ms 37ms	Preflight	18.168.234.149 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.webgains.io/tracking-event Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.168.234.149 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-168-234-149.eu-west-2.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers access-control-allow-headers Authorization, Content-Type access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-origin * date Tue, 27 Jun 2023 16:06:08 GMT server nginx
POST H2	200	tracking-event Show response api.webgains.io/ Frame BE25	16 B 209 B	76ms 75ms	Fetch application/json	18.168.234.149 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.webgains.io/tracking-event Requested by Host: analytics.webgains.io URL: https://analytics.webgains.io/pvClk.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.168.234.149 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-168-234-149.eu-west-2.compute.amazonaws.com Software nginx / PHP/8.1.14 Resource Hash c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type application/json Response headers date Tue, 27 Jun 2023 16:06:08 GMT x-content-type-options nosniff server nginx x-powered-by PHP/8.1.14 content-type application/json access-control-allow-origin * cache-control no-cache, private x-xss-protection 1; mode=block
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	59ms 59ms	Image text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306220101&jk=2289240284352669&bg=!_v2l_anNAAYQ3eRoMN07ADkAdvg8WrFOrossZypSufxVmKoXbo7gWUgHUTMYV7-94cUiGfEAiK_zWyCDs-ATKo1i4QXhbF-Plu0CAAAAYVIAAAADaAEHmQKc4zWgUFjlr-JTldVAdfRvGEOo43t0dV5S2urdP8Cqx-k3CTsRwBQq7Qi67IW9i-Qtte75jZ6UN69lEFFhFzb27v1CtugiheSsL29XptUkGwDHnHnLzjRbu-QR4JSs1FLYQQOp-yo8J5BE8ixKsiiXeFNv2qhnXTmyR0qDX44Jrj9XV3KQmujrjV8EuMeT7UeEpwVcBz4Sy7j2nSYgtR9ktnZODBea_HIS7cGS-Kh6Ah9gaxMhnBfKenwKYqzgLF4K53XZbmLjediSbByDzC0f_bYAbELF_8fzwz1CTMYMH7B571cFcNpiRHgIVnsc9wyuyhRln33qTWcJb6CgPM6U4JmiM_wI8IH_pDg1ZaAVmQUlI-ygMm_UutapyPkw4SOi6PeHbE6Ibtsvg6j41kazLirx0lRAVdmAn9RfMeHc-GP64iFS3sdS7IToH-uwKAZ-CTyj4AXjpmKTcGkRtvFRGxRuy3w9ZucjfUXweqlWSrawRAtP10W3oxI2chKUOPHIgKP6chTcRb6XKR5oj78MMjmh5zgXt7tTMnnkaAJ-7WkmA1wQq8WMcvcVAH_ecKGMMI6Rbq7JebTz6-vpXj0ZSqOm0sFAmKxtPAJSd-pqAoGbJoSykR046AZ_dKjJb0IoIVlsqtDBgPSGgUT5xPb3AXIvnT28L5-uVTijcC65bEMgSem0_1P9sDNVeap0j0ADeWUGMEHwW9o6nfOqDjPkbCp1DDAXWqZW0BkVz4NYhqvJK2Q2wseG_VDX_mcFylOBnGMx90mpoObsw91oV4q2NFcsv4MdlHtl0hIhtSRxfmWXXGHH3EmIdfaYS7-8acKo8j9Q6H9_jZpu-Lb1sEUYeCcCIg8BH9ZVnjZipphqYJOkZElxmaud3hOrnM0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://travel.yam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame BE25	0 20 B	57ms 57ms	Ping image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1492753088087&version=m202301230201&ct=77&x=1&cor=743193040997415800 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:08 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 22A5	0 20 B	54ms 54ms	Ping image/gif	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9666664049754&version=m202301230201&ct=77&x=1&cor=5204535191014448000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://2051cef3c435e81282a5f9ff02114c43.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 27 Jun 2023 16:06:08 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	204 No Content	collect Show response q.clarity.ms/	0 294 B	108ms 107ms	XHR text/plain	20.231.53.73 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://q.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.8/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://travel.yam.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Access-Control-Allow-Origin https://travel.yam.com Date Tue, 27 Jun 2023 16:06:11 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8