bdesheba.com Open in urlscan Pro
66.187.6.115 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://bdesheba.com/
Submission: On March 05 via api (March 5th 2023, 10:36:14 pm UTC) from US — Scanned from DE

Summary HTTP 156 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 36 domains to perform 156 HTTP transactions. The main IP is 66.187.6.115, located in Miami, United States and belongs to HOSTODO, US. The main domain is bdesheba.com.

This is the only time bdesheba.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
37	66.187.6.115 66.187.6.115	399804 (HOSTODO) (HOSTODO)
1	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
3	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
28	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
17	142.251.39.66 142.251.39.66	15169 (GOOGLE) (GOOGLE)
2 2	23.35.209.176 23.35.209.176	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
2 2	34.248.220.170 34.248.220.170	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1 1	52.29.55.65 52.29.55.65	16509 (AMAZON-02) (AMAZON-02)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:20e... 2600:9000:20eb:c600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	104.87.133.65 104.87.133.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	142.251.208.166 142.251.208.166	15169 (GOOGLE) (GOOGLE)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6812:7f05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
156	27

37 66.187.6.115 (Miami, United States)

ASN399804 (HOSTODO, US)
PTR: mars.dnsfest.com

bdesheba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.251.39.66 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.209.176 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-209-176.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (Hessen, Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.220.170 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-220-170.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.55.65 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-55-65.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:c600:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.87.133.65 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-87-133-65.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.208.166 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s43-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	bdesheba.com bdesheba.com	371 KB
34	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 27714 ad4m.at — Cisco Umbrella Rank: 9563 assets.ad4m.at — Cisco Umbrella Rank: 36511	2 MB
28	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 202 ad.doubleclick.net — Cisco Umbrella Rank: 171	53 KB
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	282 KB
6	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 98313 static-de.ad4mat.net — Cisco Umbrella Rank: 125900	11 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	1 KB
4	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 16123	3 KB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431	4 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	146 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2425	20 KB
3	gstatic.com fonts.gstatic.com	40 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 725	1 KB
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 654	926 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2292	791 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 313	916 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1839	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 741 s.tribalfusion.com — Cisco Umbrella Rank: 1813	1 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8947	696 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	121 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 64834	475 B
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 79815	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 68257	435 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 71628	261 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 701	442 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 6276	554 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 34240	612 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 296	265 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 459	864 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1367	351 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 678	729 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 712	336 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1084	213 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1398	584 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	463 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	1 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
156	36

	Domain	Requested by
37	bdesheba.com	bdesheba.com
17	cm.g.doubleclick.net	googleads.g.doubleclick.net
12	ad4m.at	as.ad4m.at ad4m.at
12	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
11	pagead2.googlesyndication.com	bdesheba.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
10	assets.ad4m.at	as.ad4m.at
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com bdesheba.com googleads.g.doubleclick.net
4	www.awin1.com	1 redirects as.ad4m.at
4	ssum-sec.casalemedia.com	4 redirects
4	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
3	static-de.ad4mat.net	as.ad4m.at
3	www.googletagservices.com	googleads.g.doubleclick.net
3	prod-rtb.ad4mat.net	bdesheba.com googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
2	ad.doubleclick.net	2 redirects
2	image6.pubmatic.com	2 redirects
2	cms.quantserve.com	googleads.g.doubleclick.net
2	match.360yield.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	bdesheba.com www.googletagmanager.com
1	www.conrad.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	s.ad.smaato.net	1 redirects
1	ads.travelaudience.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	sync.mathtag.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	onetag-sys.com	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	dsp.adfarm1.adition.com	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	bdesheba.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
156	45

This site contains links to these domains. Also see Links.

Domain
web.facebook.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
bdesheba.com R3	`2023-01-21` - `2023-04-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-02-11` - `2023-05-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh

This page contains 23 frames:

Primary Page: http://bdesheba.com/
Frame ID: 330C52CC4346435C13D9D2E6EDD2F971
Requests: 59 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/zrt_lookup.html
Frame ID: 8806D6D1F57E2489CC22325652AF150F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2193017516651811&output=html&adk=1812271804&adf=3025194257&lmt=1678055768&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=http%3A%2F%2Fbdesheba.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&dt=1678055768228&bpp=3&bdt=922&idt=273&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8092147552327&frm=20&pv=2&ga_vid=354131852.1678055768&ga_sid=1678055769&ga_hid=939198550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777877%2C44759876%2C44759927%2C31072787&oid=2&pvsid=3216991145751260&tmod=207434201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=357
Frame ID: 3D610C863E61BC7242CD9AC1050B2F7F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2193017516651811&output=html&h=600&adk=2501168263&adf=2771890006&pi=t.aa~a.1697038023~rp.4&daaos=1678050882417&w=300&fwrn=4&fwrnh=100&lmt=1678055769&rafmt=1&to=qs&pwprc=2298420385&format=300x600&url=http%3A%2F%2Fbdesheba.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1678055768987&bpp=3&bdt=1681&idt=-M&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db4455ef9f1d0ab34-2260f9c044dd00f4%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZAmpsCwXilClYOkuQvk2oHJ4OWjg&gpic=UID%3D00000bc0ec8db489%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZKVzGCwvfqf4ddCpERTwKHk0Hl5g&prev_fmts=0x0&nras=2&correlator=8092147552327&frm=20&pv=1&ga_vid=354131852.1678055768&ga_sid=1678055769&ga_hid=939198550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777877%2C44759876%2C44759927%2C31072787&oid=2&pvsid=3216991145751260&tmod=207434201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1qA1GSWxsy&p=http%3A//bdesheba.com&dtd=28
Frame ID: 2D4FCA64DD5F6BE448D111A1065B9108
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2193017516651811&output=html&h=200&adk=2750636891&adf=2657007777&pi=t.aa~a.3376321272~rp.4&daaos=1678050882417&w=348&fwrn=4&fwrnh=100&lmt=1678055769&rafmt=1&to=qs&pwprc=2298420385&format=348x200&url=http%3A%2F%2Fbdesheba.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1678055768987&bpp=2&bdt=1681&idt=-M&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db4455ef9f1d0ab34-2260f9c044dd00f4%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZAmpsCwXilClYOkuQvk2oHJ4OWjg&gpic=UID%3D00000bc0ec8db489%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZKVzGCwvfqf4ddCpERTwKHk0Hl5g&prev_fmts=0x0%2C300x600&nras=3&correlator=8092147552327&frm=20&pv=1&ga_vid=354131852.1678055768&ga_sid=1678055769&ga_hid=939198550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=617&ady=634&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777877%2C44759876%2C44759927%2C31072787&oid=2&pvsid=3216991145751260&tmod=207434201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=6lDmn5IVir&p=http%3A//bdesheba.com&dtd=43
Frame ID: 55419B9EAEB8FC9CFD0D14FCDE5F2A07
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2193017516651811&output=html&h=50&adk=1684538416&adf=2347993287&pi=t.aa~a.3975233358~rp.1&daaos=1678050882417&w=348&fwrn=4&fwrnh=100&lmt=1678055769&rafmt=1&to=qs&pwprc=2298420385&format=348x50&url=http%3A%2F%2Fbdesheba.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1678055768987&bpp=1&bdt=1681&idt=-M&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db4455ef9f1d0ab34-2260f9c044dd00f4%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZAmpsCwXilClYOkuQvk2oHJ4OWjg&gpic=UID%3D00000bc0ec8db489%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZKVzGCwvfqf4ddCpERTwKHk0Hl5g&prev_fmts=0x0%2C300x600%2C348x200&nras=4&correlator=8092147552327&frm=20&pv=1&ga_vid=354131852.1678055768&ga_sid=1678055769&ga_hid=939198550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=617&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777877%2C44759876%2C44759927%2C31072787&oid=2&pvsid=3216991145751260&tmod=207434201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=UsLrihClRm&p=http%3A//bdesheba.com&dtd=57
Frame ID: 16BA7984BB3A35FC25532DACA7B3BBC7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2193017516651811&output=html&h=50&adk=1055022455&adf=1967474185&pi=t.aa~a.3376315274~rp.4&daaos=1678050882417&w=348&fwrn=4&fwrnh=100&lmt=1678055769&rafmt=1&to=qs&pwprc=2298420385&format=348x50&url=http%3A%2F%2Fbdesheba.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1678055768987&bpp=1&bdt=1681&idt=1&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db4455ef9f1d0ab34-2260f9c044dd00f4%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZAmpsCwXilClYOkuQvk2oHJ4OWjg&gpic=UID%3D00000bc0ec8db489%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZKVzGCwvfqf4ddCpERTwKHk0Hl5g&prev_fmts=0x0%2C300x600%2C348x200%2C348x50&nras=5&correlator=8092147552327&frm=20&pv=1&ga_vid=354131852.1678055768&ga_sid=1678055769&ga_hid=939198550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=617&ady=2756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777877%2C44759876%2C44759927%2C31072787&oid=2&pvsid=3216991145751260&tmod=207434201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=FeZf7JZjGR&p=http%3A//bdesheba.com&dtd=62
Frame ID: 6B4CD0E1A1F1E3BF61E7008DFA84E267
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CE4AJWRkFZP-nBcfP7_UPrbW_uAGQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExAFP0IHE75-fiZTTSXNR4DTgkRo4P280KrJp9kHpmxyQUKpB9kezrDbFy4fJ9Rv9wvVGYpiVEjT8WbNcHmgkaVdI403nPd0pMELj0pQhg6nvBeq6aps3BWfgZqNOLwuI2KtkYl5OLDuornD66X3uXdLpVpXqDE6984p9_Qr-LWJv7NYEtPkzXPjcBNV0HJ4hRnsJoE8dFjEwPugVy-BJBy2x-B4S8kjw9SBjdmUH7k2lFWBPdYOzGV9zIZN9n4M7brYUxWcXgAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMTkzMDE3NTE2NjUxODExGAA&sigh=vxX450F5GXc&uach_m=[UACH]&cid=CAQSPADUE5ym0DfOgR5mUUdL-aQNNizlQveEnQv26poDHhx7rZwGJ4VFXkEtqOmBszbdtZIcPEqMFYHwAZabDhgB
Frame ID: CD2E4659E044222ACF9A72B730497A1B
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jyvbbye4x4jgq2cvh67z83k9xnbnxfgw12c1v4vx7ecxnamenpzxmsye2mgsz3jdnztf0n7vadm2d4z6r0d25e1c9whgqvqe8ed9cpk72nnc0z4gdqvdebxrdxv1a3zywme8v0bcrr8wz4dbamj46qq1tgndxmzwasyhqd559bshcap7dbnwkp5y699ax3cmfmttm5wspxakx86b9n38tdz66f2zt7h5gqjqxrjkn5r03dc06w2mce0j527z0eb7hw07jxsxfwtxwbq4w43qcwa31e1zbjcbwpg2k0zqz5fjx1gdj3ypr54czwj1r62mksx26pw4zhtjhe74rgfsxszd50yrp51kr7e7c724smdh674kbgece8r9gpzd6078d860fqa0h3fecg925mwep1gpyvgnnp1ynzqq7wfhj0g555apsvft975c3vd51gnx4a79w5y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf3-rWRkFZP-nBcfP7_UPrbW_uAGQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExwFP0IHE75-fiZTTSXNR4DTgkRo4P280KrJp9kHpmxyQUKpB9kezrDbFy4fJ9Rv9wvVGYpiVEjT8WbNcHmgkaVdI403nPd0pMELj0pQhg6nvBeq6aps3BWfgZqNOLwuI2KtkYl5OLDuornD66X3uXdLpVpXqDE6984p9_Qr-LWJv7NYEtPkzXPjcBNV0HJ4hRnsJoE8dFjEwPugVy-BJB2-z2YzFC8-wPacr4L9OfL-cAWrif62rxN-xaAGFC50XdmPIWiffs2DygAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2AlK1XIppCmaG1aEdzylVPyV6Iiw%26client%3Dca-pub-2193017516651811%26adurl%3D
Frame ID: 48570A1D7DEBD7778A62D5B192ABB707
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9B3864C7FDF3766C59EB37DC026A8440
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CA9iqWRkFZJzPBvyR-cAPn_OngAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExAFP0GBZ5XzIUdvna1QOCDykxyKTXQ81jU9MNKWhdUYc4cU7fkGWUF97l177IiEL5xmTXSSCWLgB6lV2LEZ6gaz0GSQgP7gPHtqUpKoZYY5vSgDLt7an7y37zl3NrAf3WvACztfbA38wbjPIs5CU5Cvc4LOurk4VEY1xGyx24MTouSC_xduSSEYib9DH8ZnrFsgCodezAbLe-3OqjgBpjSCJntTlAxGhp2C5skuO02-2cXtheWau-bRgdoYzyMqRY6kARXPSgAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMTkzMDE3NTE2NjUxODExGAA&sigh=dUTsUfhWub0&uach_m=[UACH]&cid=CAQSPADUE5ym_HZSfVn73F6iwljFj1OgVGpr46RdANbVQZ_ZgJAE6c_6GU3vw_BOeo-3BT3UVjM-EO-IQdiY7RgB
Frame ID: D45E32C8445E56D2A01CB0F1D1AF4BCD
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h5856ddcdhwqay6p49tmarkszqm7mzzj8w1tmw73jwd9j9mxwqysbdyxtm2580m1xyf1xscmzjvwjzhjvcceymr3e03w79tp9xnn64jg9d6d8dmn28cm8zbh7j9jj99t6x3md01x99hy3vahxsbj6ats8zxnjghhc96gvmxegee8b16pap7403q97snxvbc7hw3kx1b613vpwwfwwmwddssbny4nqm75gmwm6nzwtgqj3ar7dbzbs839zt1q81twqn6nvrztrpjnjhabwaqcsh5hv868fb35psj9fpajqpr8vyj70vx5pg4p3feyhp8yy1xvb69xwvw5qcgzfexdxeanztyf8e6chpx4hby6fcz53rvfe9tafeynb4bdd4pf8e8dbrqwvp82sz5ehtqy163z085k1kt68wa1f4fkmdae2hs4d01fym5xxc3rb56sy33rrx2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAaRfWRkFZJzPBvyR-cAPn_OngAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExwFP0GBZ5XzIUdvna1QOCDykxyKTXQ81jU9MNKWhdUYc4cU7fkGWUF97l177IiEL5xmTXSSCWLgB6lV2LEZ6gaz0GSQgP7gPHtqUpKoZYY5vSgDLt7an7y37zl3NrAf3WvACztfbA38wbjPIs5CU5Cvc4LOurk4VEY1xGyx24MTouSC_xduSSEYib9DH8ZnrFsgCodezAbLe-3OqjgBpjWKLv0Yy-pbhb-fxJJHHQZ2PZXHMc0i2JDSiPxTLXNS9e3zc2jMa3yUTgAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2X0hWCVsAxJ2z1BBWIKbuNZSRIcA%26client%3Dca-pub-2193017516651811%26adurl%3D
Frame ID: 012E395C1A26B2EFBD5F9DEBD64F112D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 45D264DC156B87DD5329EC066DB1FF86
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hckhy1etk8j5y2s5teb1e3q4k6qxhmyb1df8g0wgp7ygjy8rrs0y2ehdzpa5vtgw46r63a4jdtpzsqxxm9q4gyjszrby8cbfakbwat50m823g37w5brnpd73p12kn2e5qbdystkex8cw7pp658dwd8w6smy7vkjk7xasq6px0fym73thk5h9fx0tzgxt2a52vn2jasb0v80kex9tnxjr9bj2xeakz63fev07j156a1etbnkvrpazk0a38tgjvhh009s36474a2xc3mekyj97ce41ynq1aesfqh0kx13efj60n41j1z60ank7en6cbgj1tyeka3pb469k1p1myxszx9a8pqn2p0fynzxqft6k6x8zbkyg2vx7s0mr0tqqg449b5qa2zyk3jw5f49hacg6m8nr53s12h9777jb4tzngkj93k2q9nkdj0wp2nj17z3r5bd55z5y0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0vseWRkFZOzPBJqM-cAP6_iq4AeQ4YGEXLaoworwAsCNtwEQASAAYJWqs4LAB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoEyAFP0NkQFc6t558cFTeJT0hExs-x1xZnn1yzuQKq-1MUDTc_HPY7a7Bz1MJcNGNEomhZ---JflilbIc2zkt8DOzUYRlrW79xJv_4KheSf0c0sZFfPdqZLyUr9Lm-PKnI5ZIww3mRgiBQHAwJxrLuIpKRhYtY9WL8IHDAJCewcE91Gcl6zg3of_nZtJxLBIx_wvirY_pBxbU2RaTmPR-3u8YpMDZ2QWx5ucXQASBxZiXjLuSEN27HHeLeIbvvbJ4MXF3uyiFdTssUa4AGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3UB54eJDsTogReWLYr1QR0jvGWAg%26client%3Dca-pub-2193017516651811%26adurl%3D
Frame ID: BD66B6B276781A6F435A46DD31304716
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D8B08D561411748C62E7C28BB70C93E5
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: E2B1EB209C11DB26E8FDE4AA1BE0D11C
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 0F6C828EC7F72053A70215A196A6DC36
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 13E09C7A65A83066B4DF8078598ADF33
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BEBBD3C22012295FC78DEBC2C2E61BE4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 91434A96484C9C9A56E2FD29CEA8CF27
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=320&d=50&e=&g=cd70ce35802cf1a82e55af3dabd61c17%2F12207372372213828420&i=29981&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678055770329&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k7h8rmjy3kqsv0k6g1z5wz4negq11x405aah18n7rgzj8c0zjp997kb2ywymjk0ag6qcrxw4crs9r2p4behkv3ym2f7b75ke973rfah03qcvdhst11angfrfb8h80989zq6vxj6ee3nh2r3rk8m2amyy2fcten9y3fngfj9hf2283b0e02gf03cqdbwbfhkg3my9sqbtw7rsspfp7ad7ya284anerscafdh7zfxgpjj08ka1fw266nem8pjakmjdhbbp3aqwaz034vg2yjp2tqp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCf3-rWRkFZP-nBcfP7_UPrbW_uAGQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExwFP0IHE75-fiZTTSXNR4DTgkRo4P280KrJp9kHpmxyQUKpB9kezrDbFy4fJ9Rv9wvVGYpiVEjT8WbNcHmgkaVdI403nPd0pMELj0pQhg6nvBeq6aps3BWfgZqNOLwuI2KtkYl5OLDuornD66X3uXdLpVpXqDE6984p9_Qr-LWJv7NYEtPkzXPjcBNV0HJ4hRnsJoE8dFjEwPugVy-BJB2-z2YzFC8-wPacr4L9OfL-cAWrif62rxN-xaAGFC50XdmPIWiffs2DygAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2AlK1XIppCmaG1aEdzylVPyV6Iiw%2526client%253Dca-pub-2193017516651811%2526adurl%253D&y=1&s=&z=0
Frame ID: 7C9E0FCFDF85158FD97A31969E50A0E6
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=600&e=&g=e296647f9bb3e11053cdae5671ace866%2F15444454759842961285&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678055770329&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kznagtvgj47xvrj02fm6w08mhtkkkazb20v25cne11nyzvpfdc69t4h85dgsk0nyktqwzmv64zy0zqayv57wcm0gt7p4zadz19x04jsqfe2s8953q61ak04yrdbbbvg5a99nfpssbp02dfde0t4d0s78apy20mypddg8fnb4w6y3qdb3aja6k5ptsma3gw03zfjpypmj7n3v5axhsgea9bknjhwxxk00xsz942cj2hba9h1x0s12hceze9dwhf8eq2dencv5159pepfn5a97dyt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0vseWRkFZOzPBJqM-cAP6_iq4AeQ4YGEXLaoworwAsCNtwEQASAAYJWqs4LAB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoEyAFP0NkQFc6t558cFTeJT0hExs-x1xZnn1yzuQKq-1MUDTc_HPY7a7Bz1MJcNGNEomhZ---JflilbIc2zkt8DOzUYRlrW79xJv_4KheSf0c0sZFfPdqZLyUr9Lm-PKnI5ZIww3mRgiBQHAwJxrLuIpKRhYtY9WL8IHDAJCewcE91Gcl6zg3of_nZtJxLBIx_wvirY_pBxbU2RaTmPR-3u8YpMDZ2QWx5ucXQASBxZiXjLuSEN27HHeLeIbvvbJ4MXF3uyiFdTssUa4AGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3UB54eJDsTogReWLYr1QR0jvGWAg%2526client%253Dca-pub-2193017516651811%2526adurl%253D&y=1&s=&z=0
Frame ID: 9899B5787FBDB202FC82FEB0CCC439A9
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=320&d=50&e=&g=e9ee5eb32c4596c6b5ba84b450bb2ad1%2F4522571688856130379&i=29981&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678055770331&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtcz2t6w165f4t9yjx5rvfbsnecj513141d9gsmf1kkr232w3yhhncbb54j24kashpaey5fst9qbg8pmjrfdqr9eqhr1ej4deqx6chnxvn25e26y3fpbfn1h5aps2mg30t4saa572fp6at9dqgvxvvn4c03j8hn0wky1dxbd0fw1rdj865w0thxfm46y64c353898mr1k5g324yhs2ktpywdjfqd039r19vr8dcqmxk4wjy9rq118w2g2wkz5secmv7f9csc3smftv547waemkj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAaRfWRkFZJzPBvyR-cAPn_OngAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExwFP0GBZ5XzIUdvna1QOCDykxyKTXQ81jU9MNKWhdUYc4cU7fkGWUF97l177IiEL5xmTXSSCWLgB6lV2LEZ6gaz0GSQgP7gPHtqUpKoZYY5vSgDLt7an7y37zl3NrAf3WvACztfbA38wbjPIs5CU5Cvc4LOurk4VEY1xGyx24MTouSC_xduSSEYib9DH8ZnrFsgCodezAbLe-3OqjgBpjWKLv0Yy-pbhb-fxJJHHQZ2PZXHMc0i2JDSiPxTLXNS9e3zc2jMa3yUTgAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2X0hWCVsAxJ2z1BBWIKbuNZSRIcA%2526client%253Dca-pub-2193017516651811%2526adurl%253D&y=1&s=&z=0
Frame ID: BD779193B6B4392FCA5DDF2FB2BB33E0
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bangladesh Online Help & Information Hub - BDesheba

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

156
Requests

71 %
HTTPS

50 %
IPv6

36
Domains

45
Subdomains

27
IPs

6
Countries

2657 kB
Transfer

4769 kB
Size

43
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://web.facebook.com/bdeshebaofficial
Title: Facebook

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHtEfJg3B8KRp051mItqbJg&google_cver=1&google_push=Aa02lx_3SGrvTeEZjwz55fqtXQuIaJ8cylVhxrAZMSJ32apmttI88hVFHbcmoWW54DjcWcmzsUg5tkbRMcsKRFxr5kSmQyTaf0km&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_3SGrvTeEZjwz55fqtXQuIaJ8cylVhxrAZMSJ32apmttI88hVFHbcmoWW54DjcWcmzsUg5tkbRMcsKRFxr5kSmQyTaf0km%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHtEfJg3B8KRp051mItqbJg&google_cver=1&google_push=Aa02lx_3SGrvTeEZjwz55fqtXQuIaJ8cylVhxrAZMSJ32apmttI88hVFHbcmoWW54DjcWcmzsUg5tkbRMcsKRFxr5kSmQyTaf0km&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_3SGrvTeEZjwz55fqtXQuIaJ8cylVhxrAZMSJ32apmttI88hVFHbcmoWW54DjcWcmzsUg5tkbRMcsKRFxr5kSmQyTaf0km%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 86

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELvjNSg-75NPFcLdOvgEUU4&google_cver=1&google_push=Aa02lx8hyQhqxP97tIq4k9hFw862jSFQI5M1iWprFZOLoPNmy1tol9vSbsM9LAvDDW-dEF2fy_JV7HhqMcRva8eLl2BBL5Ol0pFN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNzE5NDY0ODczMzM1MDAzMw%3D%3D&google_push=Aa02lx8hyQhqxP97tIq4k9hFw862jSFQI5M1iWprFZOLoPNmy1tol9vSbsM9LAvDDW-dEF2fy_JV7HhqMcRva8eLl2BBL5Ol0pFN

Request Chain 87

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx8Sfp1kKVhwKaJakYRQHqcPEQS_BXsDoZE-ZtiNNJuBR_0-atEJl9Da9kh-sAR-_eTfvwP76vXCuAvDGoOazhj05XtcoKskbg&google_gid=CAESEJQ2_HtFzwL740ZPGs8sqwk&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx8Sfp1kKVhwKaJakYRQHqcPEQS_BXsDoZE-ZtiNNJuBR_0-atEJl9Da9kh-sAR-_eTfvwP76vXCuAvDGoOazhj05XtcoKskbg&google_gid=CAESEJQ2_HtFzwL740ZPGs8sqwk&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAzMDUyMjM2MDkwMDA0NzA5NDAwMjAxOA%3D%3D&google_push=Aa02lx8Sfp1kKVhwKaJakYRQHqcPEQS_BXsDoZE-ZtiNNJuBR_0-atEJl9Da9kh-sAR-_eTfvwP76vXCuAvDGoOazhj05XtcoKskbg

Request Chain 89

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENON-khUfFtE3jU3fucRDeA&google_cver=1&google_push=Aa02lx_3PqnweSaV3q4-E5wqGxPmLrncVvTnJ5vOTMj1R7mv9mYDFz4JeAOQe77iaYk--964-PXq5f1nVSZu6z1baMHRNEA_w78Y7Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVWWjJVSU8tWC1DWFNU&google_push=Aa02lx_3PqnweSaV3q4-E5wqGxPmLrncVvTnJ5vOTMj1R7mv9mYDFz4JeAOQe77iaYk--964-PXq5f1nVSZu6z1baMHRNEA_w78Y7Q

Request Chain 90

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEA2LM6Gtm2YMk_eCadGzUsM&google_cver=1&google_push=Aa02lx_cKSE-SfOdQX8Mu9pc7Ehsixa3RcdFLcuhDIgJgB048i0NE0eNM_KCbIKRFwQM19LPHdxBPwKdTkqSHFqkWlq40YIP-0Cx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_cKSE-SfOdQX8Mu9pc7Ehsixa3RcdFLcuhDIgJgB048i0NE0eNM_KCbIKRFwQM19LPHdxBPwKdTkqSHFqkWlq40YIP-0Cx

Request Chain 91

https://match.360yield.com/match/ebda?google_gid=CAESEBB4mvouCKZUr2254D7-6rg&google_cver=1&google_push=Aa02lx_RHhl4LMaPwnrENu_qnrGHcq8aCcGSYjZ-Fnbhwk-39Naimj6gH3SdTovqT9LS893g1Kj4h6YXflBDIP8UNiGaNPElu5gT9Q HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEBB4mvouCKZUr2254D7-6rg&google_cver=1&google_push=Aa02lx_RHhl4LMaPwnrENu_qnrGHcq8aCcGSYjZ-Fnbhwk-39Naimj6gH3SdTovqT9LS893g1Kj4h6YXflBDIP8UNiGaNPElu5gT9Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=3CGtTVqpSUaGOi8XNTDMSg&google_push=Aa02lx_RHhl4LMaPwnrENu_qnrGHcq8aCcGSYjZ-Fnbhwk-39Naimj6gH3SdTovqT9LS893g1Kj4h6YXflBDIP8UNiGaNPElu5gT9Q

Request Chain 103

https://d.agkn.com/pixel/2175/?google_gid=CAESEBMxoKChbwfHDOZJuWhiroE&google_cver=1&google_push=Aa02lx-tlLv-RwRNur3oOg6L7GqMaymwm8vTyAAsy6_vue4bgM3B2CtdKVS0q4G11I4Gk15sUFc2CrezjvkVYuizRhSJ2BQF7zx3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx-tlLv-RwRNur3oOg6L7GqMaymwm8vTyAAsy6_vue4bgM3B2CtdKVS0q4G11I4Gk15sUFc2CrezjvkVYuizRhSJ2BQF7zx3&google_hm=Q0FFU0VCTXhvS0NoYndmSERPWkp1V2hpcm9F

Request Chain 105

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELCVByfATyNaX2qVKnJjQyo&google_cver=1&google_push=Aa02lx_V3ZLxcBtXoSsl_8x6JyrLJXrYwXJh8zxqw7ofUrCnTUx4r8pniPZYxjEtx7xel4b67h45CSVkoof1yL9n0OvwcjLOkRg HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELCVByfATyNaX2qVKnJjQyo&google_cver=1&google_push=Aa02lx_V3ZLxcBtXoSsl_8x6JyrLJXrYwXJh8zxqw7ofUrCnTUx4r8pniPZYxjEtx7xel4b67h45CSVkoof1yL9n0OvwcjLOkRg&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8naRzYVlStO-58Amn_d-mQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_V3ZLxcBtXoSsl_8x6JyrLJXrYwXJh8zxqw7ofUrCnTUx4r8pniPZYxjEtx7xel4b67h45CSVkoof1yL9n0OvwcjLOkRg

Request Chain 106

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIvMh6F_vnivtNRYQf_e6L8&google_cver=1&google_push=Aa02lx9mjLGH2NyZsI-rlTfjlYI5yB6ZHuPJEAU1Yje0VRFYyR39tcsIh1uIuGEV9Ilw62L5wUQAi4OPdrkckuM_4k_XQ05TrGJt HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVWWjJVTVQtQy1EQlJJ&google_push=Aa02lx9mjLGH2NyZsI-rlTfjlYI5yB6ZHuPJEAU1Yje0VRFYyR39tcsIh1uIuGEV9Ilw62L5wUQAi4OPdrkckuM_4k_XQ05TrGJt

Request Chain 107

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBq369Jux3opTuVdPhDs3CM&google_cver=1&google_push=Aa02lx8VOFD9UQjTb7d4qa_bdVsqfR7qdKMuyxjkUN-ll91dM4MyllermTbvIjU15drqn6-6mWDWuLDFehe1_aiSA_3aTR2nEluL HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBq369Jux3opTuVdPhDs3CM&google_push=Aa02lx8VOFD9UQjTb7d4qa_bdVsqfR7qdKMuyxjkUN-ll91dM4MyllermTbvIjU15drqn6-6mWDWuLDFehe1_aiSA_3aTR2nEluL&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBq369Jux3opTuVdPhDs3CM&google_hm=ZAUZWo7RqIUg2KZ0yeQHiQAADMcAAAIB&google_nid=index&google_push=Aa02lx8VOFD9UQjTb7d4qa_bdVsqfR7qdKMuyxjkUN-ll91dM4MyllermTbvIjU15drqn6-6mWDWuLDFehe1_aiSA_3aTR2nEluL

Request Chain 111

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJwZoCmY_Iy1hLesZCHNZzA&google_cver=1&google_push=Aa02lx8qX3tmD6DnyD6wyYX6lHLu1ukfOqt0GA7hkcHtw_taU95kmzmbreRLAS5NG86aDgstYLVxUntmsLISHHSJUAzOUmIaJ0brtx0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx8qX3tmD6DnyD6wyYX6lHLu1ukfOqt0GA7hkcHtw_taU95kmzmbreRLAS5NG86aDgstYLVxUntmsLISHHSJUAzOUmIaJ0brtx0

Request Chain 113

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEJgkUZGm-hlWFTsIafSNarE&google_cver=1&google_push=Aa02lx8-QjkQBsuJWGY6jQL4Fz4LZ6JbGQFToZDxZIz2RZqMzuvl6-PTAizKezx-38LLw81s5YcNb54IPqAuEj9qgDYNx2vPnAWLuQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx8-QjkQBsuJWGY6jQL4Fz4LZ6JbGQFToZDxZIz2RZqMzuvl6-PTAizKezx-38LLw81s5YcNb54IPqAuEj9qgDYNx2vPnAWLuQ&google_hm=0XP6tPXAQvKJ2sqoP2bVYYM

Request Chain 114

https://ads.travelaudience.com/google_pixel?google_gid=CAESEIluAUR6smr137docJKzD48&google_cver=1&google_push=Aa02lx8S5qdCBpqUeipHM25sGXXiR1OdmYBw7N1Ldjwan3YkoTqGs86YbdxG5vBk593swHxq7hyJG8kP46ARs9fX2TyAlROK0m-Xuw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=C-7YvZ8ER6-s5RqTBtu3-A2&google_push=Aa02lx8S5qdCBpqUeipHM25sGXXiR1OdmYBw7N1Ldjwan3YkoTqGs86YbdxG5vBk593swHxq7hyJG8kP46ARs9fX2TyAlROK0m-Xuw

Request Chain 115

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHjLa8Qd44DDe71r1Gb9iyY&google_cver=1&google_push=Aa02lx-Eq0yXW1MQqXVdQhUFCQOnwwZAEdtzgy0B5idII_iFOBnyaEuCy1smOqVuIp3NH29t2nT08td2eZMYvFkWmkyQddpCMmpc4h8 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHjLa8Qd44DDe71r1Gb9iyY&google_push=Aa02lx-Eq0yXW1MQqXVdQhUFCQOnwwZAEdtzgy0B5idII_iFOBnyaEuCy1smOqVuIp3NH29t2nT08td2eZMYvFkWmkyQddpCMmpc4h8&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHjLa8Qd44DDe71r1Gb9iyY&google_hm=ZAUZWo7RqIUg2KZ0yeQHiQAADMcAAAIB&google_nid=index&google_push=Aa02lx-Eq0yXW1MQqXVdQhUFCQOnwwZAEdtzgy0B5idII_iFOBnyaEuCy1smOqVuIp3NH29t2nT08td2eZMYvFkWmkyQddpCMmpc4h8

Request Chain 116

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEP5jLjvJ0GD44winUKUCwfk&google_cver=1&google_push=Aa02lx9lTtP6Y5T_sORi42PVLkEnwcEBGN6tGWuETI1JY3JeG_Qbeoqz6WLRGZB0C49aQLpzo9CtSkKsT3hojBhjzCuW8f13HAe9p_k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9lTtP6Y5T_sORi42PVLkEnwcEBGN6tGWuETI1JY3JeG_Qbeoqz6WLRGZB0C49aQLpzo9CtSkKsT3hojBhjzCuW8f13HAe9p_k

Request Chain 149

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117683V1226132702M%26subid%3Dviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPSih_Hsxf0CFV2G_QcdPCAPrw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117683V1226132702M%26subid%3Dviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117683V1226132702M&subid=viewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117683V1226132702M&subid=viewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023030523361182431606885X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023030523361182431606885X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117683&partnerid=12218

Request Chain 152

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1678055770_20d68b90-bba6-11ed-bf45-2264f50d357a&insert=AW&&gdpr=0&gdpr_consent=

156 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
bdesheba.com/ 122 KB
37 KB 843ms
680ms Document
text/html 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to

Full URL: http://bdesheba.com/
Protocol: HTTP/1.1
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: 09e8083de6a4b2b2107866338bfc962091ad22b66403f8bf186b5706e673fff2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Length: 37532
Content-Type: text/html; charset=UTF-8
Date: Sun, 05 Mar 2023 22:36:06 GMT
Keep-Alive: timeout=5, max=100
Link: <https://bdesheba.com/wp-json/>; rel="https://api.w.org/"
Server: Apache
Upgrade: h2
Vary: Accept-Encoding

GET
H/1.1 200
OK style.min.css
bdesheba.com/wp-includes/css/dist/block-library/ 93 KB
13 KB 263ms
142ms Stylesheet
text/css 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to

Full URL: http://bdesheba.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: HTTP/1.1
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 22:36:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Nov 2022 05:55:37 GMT
Server: Apache
ETag: "172a9-5ed901f29d2a6-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 12518

GET
H/1.1 200
OK classic-themes.min.css
bdesheba.com/wp-includes/css/ 217 B
530 B 281ms
139ms Stylesheet
text/css 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to

Full URL: http://bdesheba.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: HTTP/1.1
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 22:36:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Nov 2022 05:56:54 GMT
Server: Apache
ETag: "d9-5ec768201a47e-gzip"
Vary: Accept-Encoding
Upgrade: h2
Content-Type: text/css
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 189

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
bdesheba.com/wp-includes/js/ 18 KB
5 KB 169ms
142ms Script
application/javascript 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to

Full URL: http://bdesheba.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: HTTP/1.1
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 22:36:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Apr 2022 05:56:23 GMT
Server: Apache
ETag: "48b9-5dc6eb878efc0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 5009

GET
H/1.1 200
OK styles.css
bdesheba.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 231ms
140ms Stylesheet
text/css 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to

Full URL: http://bdesheba.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.4
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: HTTP/1.1
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 22:36:07 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Feb 2023 20:29:57 GMT
Server: Apache
ETag: "b2b-5f51368f1e9aa-gzip"
Vary: Accept-Encoding
Upgrade: h2
Content-Type: text/css
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1004

GET
H/1.1 200
OK css
fonts.googleapis.com/ 9 KB
1 KB 99ms
59ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C900%26subset%3Dlatin%2C

Requested by

Host: bdesheba.com
URL: http://bdesheba.com/

Protocol

HTTP/1.1

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2eec29cac47254572eb4f5bed41d670f17cc9ce61db1da995df14d161d6d2dd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 22:36:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Sun, 05 Mar 2023 22:36:07 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 05 Mar 2023 22:36:07 GMT

GET
H/1.1 200
OK style.css
bdesheba.com/wp-content/themes/keyword-pro/ 71 KB
13 KB 276ms
139ms Stylesheet
text/css 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to

Full URL: http://bdesheba.com/wp-content/themes/keyword-pro/style.css?ver=20180523
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: HTTP/1.1
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: 767d53e7dc0c6030059a36d73f8adb2d3cfe581b9237e14fc4eeb1f1f321e7f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 22:36:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 May 2019 05:40:36 GMT
Server: Apache
ETag: "11c4f-588be5b087d00-gzip"
Vary: Accept-Encoding
Upgrade: h2
Content-Type: text/css
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 12685

GET
H/1.1 200
OK genericons.css
bdesheba.com/wp-content/themes/keyword-pro/genericons/ 154 B
470 B 290ms
138ms Stylesheet
text/css 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to

Full URL: http://bdesheba.com/wp-content/themes/keyword-pro/genericons/genericons.css?ver=6.1.1
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: HTTP/1.1
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: 7e3559d6ffac7fc54d6edaa79b6e7330fab33fbdffc174a27c58b25e5b3952d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 22:36:07 GMT
Content-Encoding: gzip
Last-Modified: Sat, 23 Dec 2017 18:22:29 GMT
Server: Apache
ETag: "9a-561060409c340-gzip"
Vary: Accept-Encoding
Upgrade: h2
Content-Type: text/css
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 129

GET
H/1.1 200
OK jquery.modal.css
bdesheba.com/wp-content/themes/keyword-pro/assets/css/ 11 KB
6 KB 294ms
140ms Stylesheet
text/css 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to

Full URL: http://bdesheba.com/wp-content/themes/keyword-pro/assets/css/jquery.modal.css?ver=6.1.1
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: HTTP/1.1
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: 2367c78d84f277faaa1dcbc0d9ee060f610246945655de0ac37b7dab7fe107ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 22:36:07 GMT
Content-Encoding: gzip
Last-Modified: Sat, 23 Dec 2017 18:22:29 GMT
Server: Apache
ETag: "2d2a-561060409c340-gzip"
Vary: Accept-Encoding
Upgrade: h2
Content-Type: text/css
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6189

GET
H/1.1 200
OK responsive.css
bdesheba.com/wp-content/themes/keyword-pro/ 16 KB
3 KB 349ms
138ms Stylesheet
text/css 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to

Full URL: http://bdesheba.com/wp-content/themes/keyword-pro/responsive.css?ver=20180401
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: HTTP/1.1
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: 97ae1dac4d8947e1c5229334cf166b2279ab404a6157790c98993c96bab2d7bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 22:36:07 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 May 2018 08:58:37 GMT
Server: Apache
ETag: "4107-56b4968b48940-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2799

GET
H/1.1 200
OK jquery.min.js Show response
bdesheba.com/wp-includes/js/jquery/ 88 KB
31 KB 372ms
145ms Script
application/javascript 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to

Full URL: http://bdesheba.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: HTTP/1.1
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 22:36:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Nov 2022 05:56:54 GMT
Server: Apache
ETag: "15e54-5ec7681fb5b29-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 30995

GET
H/1.1 200
OK jquery-migrate.min.js Show response
bdesheba.com/wp-includes/js/jquery/ 11 KB
4 KB 373ms
142ms Script
application/javascript 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to

Full URL: http://bdesheba.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: HTTP/1.1
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 22:36:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Nov 2020 09:06:06 GMT
Server: Apache
ETag: "2bd8-5b45debe27b80-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4169

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 207ms
20ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-236094877-1

Requested by

Host: bdesheba.com
URL: http://bdesheba.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f139a97e5a488109d0c1b543c5cbcebed6c0f1e08cf8ac2c65861f9b3737d6db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44809
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 05 Mar 2023 22:36:08 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
48 KB 169ms
0ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2193017516651811

Requested by

Host: bdesheba.com
URL: http://bdesheba.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eefb09dbcc1a503fa6b9346b85ee63d1d44aa70ffd07334c093aceb2de1a7fc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bdesheba.com/
Origin: http://bdesheba.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48533
x-xss-protection: 0
server: cafe
etag: 3897824888024496042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 05 Mar 2023 22:36:08 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
47 KB 183ms
12ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2193017516651811&host=ca-host-pub-2644536267352236

Requested by

Host: bdesheba.com
URL: http://bdesheba.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8b37a341907411e2138f9bc14d79d79b27acb8765ef3c23f48a6e6b301174e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bdesheba.com/
Origin: http://bdesheba.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48361
x-xss-protection: 0
server: cafe
etag: 4386765267031996113
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 05 Mar 2023 22:36:08 GMT

GET
H2 200 bdesheba.com-logo.png
bdesheba.com/wp-content/uploads/2022/06/ 16 KB
16 KB 636ms
287ms Image
image/png 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdesheba.com/wp-content/uploads/2022/06/bdesheba.com-logo.png
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: 2b8ffdcd100c493b3cb5af1c3d9b728ad2880967aa7c4e12a1f063587fc8cdbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:08 GMT
last-modified: Sat, 25 Jun 2022 18:49:22 GMT
server: Apache
accept-ranges: bytes
etag: "3fdd-5e24a25221080"
content-length: 16349
content-type: image/png

GET
H/1.1 200
OK index.js Show response
bdesheba.com/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 138ms
138ms Script
application/javascript 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to

Full URL: http://bdesheba.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.4
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: HTTP/1.1
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: 23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 22:36:07 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Feb 2023 20:29:57 GMT
Server: Apache
ETag: "2945-5f51368f1ab2a-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3040

GET
H/1.1 200
OK index.js Show response
bdesheba.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 154ms
153ms Script
application/javascript 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to

Full URL: http://bdesheba.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.4
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: HTTP/1.1
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: 8bac631dfefdb96cf5526520c21e9ef3f585bba973970a7e62b10c945741105c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 22:36:08 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Feb 2023 20:29:57 GMT
Server: Apache
ETag: "3294-5f51368f19b8a-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4184

GET
H/1.1 200
OK superfish.js Show response
bdesheba.com/wp-content/themes/keyword-pro/assets/js/ 7 KB
3 KB 171ms
161ms Script
application/javascript 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to

Full URL: http://bdesheba.com/wp-content/themes/keyword-pro/assets/js/superfish.js?ver=6.1.1
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: HTTP/1.1
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: 4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 22:36:08 GMT
Content-Encoding: gzip
Last-Modified: Sat, 23 Dec 2017 18:22:29 GMT
Server: Apache
ETag: "1d7c-561060409c340-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2414

GET
H/1.1 200
OK jquery.slicknav.min.js Show response
bdesheba.com/wp-content/themes/keyword-pro/assets/js/ 8 KB
3 KB 170ms
160ms Script
application/javascript 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to

Full URL: http://bdesheba.com/wp-content/themes/keyword-pro/assets/js/jquery.slicknav.min.js?ver=6.1.1
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: HTTP/1.1
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: 190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 22:36:08 GMT
Content-Encoding: gzip
Last-Modified: Sat, 23 Dec 2017 18:22:29 GMT
Server: Apache
ETag: "20df-561060409c340-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2648

GET
H/1.1 200
OK modernizr.min.js Show response
bdesheba.com/wp-content/themes/keyword-pro/assets/js/ 15 KB
6 KB 168ms
161ms Script
application/javascript 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to

Full URL: http://bdesheba.com/wp-content/themes/keyword-pro/assets/js/modernizr.min.js?ver=6.1.1
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: HTTP/1.1
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 22:36:08 GMT
Content-Encoding: gzip
Last-Modified: Sat, 23 Dec 2017 18:22:29 GMT
Server: Apache
ETag: "3c36-561060409c340-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6246

GET
H/1.1 200
OK html5.js Show response
bdesheba.com/wp-content/themes/keyword-pro/assets/js/ 10 KB
3 KB 163ms
157ms Script
application/javascript 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to

Full URL: http://bdesheba.com/wp-content/themes/keyword-pro/assets/js/html5.js?ver=6.1.1
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: HTTP/1.1
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 22:36:08 GMT
Content-Encoding: gzip
Last-Modified: Sat, 23 Dec 2017 18:22:29 GMT
Server: Apache
ETag: "285a-561060409c340-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3122

GET
H/1.1 200
OK clipboard.min.js Show response
bdesheba.com/wp-content/themes/keyword-pro/assets/js/ 9 KB
3 KB 169ms
140ms Script
application/javascript 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to

Full URL: http://bdesheba.com/wp-content/themes/keyword-pro/assets/js/clipboard.min.js?ver=6.1.1
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: HTTP/1.1
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: ca19a08d150ab3e0255c198f9b3035d1b1e93ece6146f4088ada02e3cee808cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 22:36:08 GMT
Content-Encoding: gzip
Last-Modified: Sat, 23 Dec 2017 18:22:29 GMT
Server: Apache
ETag: "2355-561060409c340-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 3017

GET
H/1.1 200
OK jquery.modal.min.js Show response
bdesheba.com/wp-content/themes/keyword-pro/assets/js/ 4 KB
2 KB 167ms
139ms Script
application/javascript 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to

Full URL: http://bdesheba.com/wp-content/themes/keyword-pro/assets/js/jquery.modal.min.js?ver=6.1.1
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: HTTP/1.1
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: 4ea4c5b9b33434ef40ac730329fb4a984d4de3314faafbc282e89946c14450df

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 22:36:08 GMT
Content-Encoding: gzip
Last-Modified: Sat, 23 Dec 2017 18:22:29 GMT
Server: Apache
ETag: "10bd-561060409c340-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1394

GET
H/1.1 200
OK jquery.custom.js Show response
bdesheba.com/wp-content/themes/keyword-pro/assets/js/ 5 KB
1 KB 166ms
138ms Script
application/javascript 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to

Full URL: http://bdesheba.com/wp-content/themes/keyword-pro/assets/js/jquery.custom.js?ver=20180401
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: HTTP/1.1
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: 2d1265bcac1d193baf467971d91b7a5185c137201559f3c891376cffc624dae3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 22:36:08 GMT
Content-Encoding: gzip
Last-Modified: Sat, 07 Apr 2018 13:42:44 GMT
Server: Apache
ETag: "13ad-5694258e95d00-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1081

GET
H/1.1 200
OK genericons.css
bdesheba.com/wp-content/themes/keyword-pro/genericons/genericons/ 28 KB
16 KB 145ms
144ms Stylesheet
text/css 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to

Full URL: http://bdesheba.com/wp-content/themes/keyword-pro/genericons/genericons/genericons.css
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/wp-content/themes/keyword-pro/genericons/genericons.css?ver=6.1.1
Protocol: HTTP/1.1
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: bc931abb3767634e25ccd5b2ba03c2dcbb453b60aada18df6ebe23fb4413ceed

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/wp-content/themes/keyword-pro/genericons/genericons.css?ver=6.1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 22:36:07 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Apr 2018 15:43:33 GMT
Server: Apache
ETag: "6e69-5692feb24f340-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 16441

GET
H/1.1 200
OK chat.png
bdesheba.com/wp-content/themes/keyword-pro/assets/img/ 731 B
999 B 151ms
147ms Image
image/png 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bdesheba.com/wp-content/themes/keyword-pro/assets/img/chat.png
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/wp-content/themes/keyword-pro/style.css?ver=20180523
Protocol: HTTP/1.1
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: 74d577e89617801f71223f0099a93628627821ba55861d0defdaf30c4e1d6923

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/wp-content/themes/keyword-pro/style.css?ver=20180523
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 22:36:08 GMT
Last-Modified: Sun, 25 Mar 2018 10:30:09 GMT
Server: Apache
ETag: "2db-5683a243e2e40"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 731

GET
H/1.1 200
OK arrow-right-gray.png
bdesheba.com/wp-content/themes/keyword-pro/assets/img/ 587 B
855 B 164ms
137ms Image
image/png 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bdesheba.com/wp-content/themes/keyword-pro/assets/img/arrow-right-gray.png
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/wp-content/themes/keyword-pro/style.css?ver=20180523
Protocol: HTTP/1.1
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: 2097ea81556209b15cff0811e29469e3cecf22dab90045c28b23430d64c464ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/wp-content/themes/keyword-pro/style.css?ver=20180523
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 22:36:08 GMT
Last-Modified: Mon, 02 Apr 2018 16:37:33 GMT
Server: Apache
ETag: "24b-568e034e5ed40"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 587

GET
H/1.1 200
OK 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 69ms
37ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C900%26subset%3Dlatin%2C

Protocol

HTTP/1.1

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://bdesheba.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 23:04:29 GMT
X-Content-Type-Options: nosniff
Age: 430299
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 12924
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 16:02:31 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 28 Feb 2024 23:04:29 GMT

GET
H/1.1 200
OK 6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 12 KB
13 KB 64ms
32ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C900%26subset%3Dlatin%2C

Protocol

HTTP/1.1

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

080e18a8c761c3d30b7ec08aa65f87109a0228367eafd0a12fcefda58d10e8ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://bdesheba.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 08:19:40 GMT
X-Content-Type-Options: nosniff
Age: 310588
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 12408
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 16:54:54 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 01 Mar 2024 08:19:40 GMT

GET
H/1.1 200
OK 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 64ms
32ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C900%26subset%3Dlatin%2C

Protocol

HTTP/1.1

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://bdesheba.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 20:53:55 GMT
X-Content-Type-Options: nosniff
Age: 265333
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 13036
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 16:04:42 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 01 Mar 2024 20:53:55 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer: http://bdesheba.com/
Origin: http://bdesheba.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 Trade-License-Renewal-Process-In-Bangladesh-350x195.jpg
bdesheba.com/wp-content/uploads/2023/03/ 15 KB
15 KB 619ms
286ms Image
image/jpeg 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdesheba.com/wp-content/uploads/2023/03/Trade-License-Renewal-Process-In-Bangladesh-350x195.jpg
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: 6340964e4c43fcf17a84684c2c3684fb33a77c86e06cc54861eb4a5305743ba7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:08 GMT
last-modified: Fri, 03 Mar 2023 09:36:51 GMT
server: Apache
accept-ranges: bytes
etag: "3c7c-5f5fbaf5c26bb"
content-length: 15484
content-type: image/jpeg

GET
H2 200 Income-Tax-Rate-In-Bangladesh-350x195.jpg
bdesheba.com/wp-content/uploads/2023/03/ 14 KB
15 KB 600ms
287ms Image
image/jpeg 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdesheba.com/wp-content/uploads/2023/03/Income-Tax-Rate-In-Bangladesh-350x195.jpg
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: ede4f033c2faa97ebc11ccbb2857dd34aeba76d6ea6fe69f2a9eb42fdabaed3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:08 GMT
last-modified: Fri, 03 Mar 2023 09:24:37 GMT
server: Apache
accept-ranges: bytes
etag: "39f2-5f5fb839d9d07"
content-length: 14834
content-type: image/jpeg

GET
H2 200 NGO-Registration-in-Bangladesh-350x195.jpg
bdesheba.com/wp-content/uploads/2023/03/ 9 KB
10 KB 374ms
149ms Image
image/jpeg 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdesheba.com/wp-content/uploads/2023/03/NGO-Registration-in-Bangladesh-350x195.jpg
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: 8930edbf94b0d8b9e49e70b8cd962af0ec2c9840dd3d6734f7394d1d0d0fa418

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:08 GMT
last-modified: Fri, 03 Mar 2023 09:27:06 GMT
server: Apache
accept-ranges: bytes
etag: "2578-5f5fb8c896f84"
content-length: 9592
content-type: image/jpeg

GET
H2 200 E-Passport-Correction-Online-350x195.jpg
bdesheba.com/wp-content/uploads/2023/02/ 10 KB
10 KB 511ms
286ms Image
image/jpeg 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdesheba.com/wp-content/uploads/2023/02/E-Passport-Correction-Online-350x195.jpg
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: 4e921222656a5332eb13b34f97c96c083b3c53e56132a51aef81e114a3ac0d50

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:08 GMT
last-modified: Thu, 02 Mar 2023 04:55:03 GMT
server: Apache
accept-ranges: bytes
etag: "2762-5f5e3a1c2c2f3"
content-length: 10082
content-type: image/jpeg

GET
H2 200 BIN-Certificate-Check-350x195.jpg
bdesheba.com/wp-content/uploads/2023/02/ 15 KB
16 KB 447ms
288ms Image
image/jpeg 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdesheba.com/wp-content/uploads/2023/02/BIN-Certificate-Check-350x195.jpg
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: f982cc401a7fd3397789c01dfe32b0da6abc641d6968900b4d60a06069df2449

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:08 GMT
last-modified: Wed, 01 Mar 2023 05:07:02 GMT
server: Apache
accept-ranges: bytes
etag: "3df7-5f5cfaebae470"
content-length: 15863
content-type: image/jpeg

GET
H2 200 Work-Permit-Visa-From-Bangladesh-350x195.jpg
bdesheba.com/wp-content/uploads/2023/02/ 13 KB
13 KB 415ms
412ms Image
image/jpeg 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdesheba.com/wp-content/uploads/2023/02/Work-Permit-Visa-From-Bangladesh-350x195.jpg
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: 1fb7526aa0b7f65abed529a0b4484b11c7b9bde059ca55dfc3ad694b43968198

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:08 GMT
last-modified: Wed, 01 Mar 2023 06:14:09 GMT
server: Apache
accept-ranges: bytes
etag: "3512-5f5d09ec8165c"
content-length: 13586
content-type: image/jpeg

GET
H2 200 Foundation-Rules-and-Regulations-in-Bangladesh-350x195.jpg
bdesheba.com/wp-content/uploads/2023/02/ 15 KB
15 KB 414ms
411ms Image
image/jpeg 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdesheba.com/wp-content/uploads/2023/02/Foundation-Rules-and-Regulations-in-Bangladesh-350x195.jpg
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: 89cc4eb7f55f9d04b4a1bc61d3d3b89f46bb67308018f4c5623f308bf86531d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:08 GMT
last-modified: Fri, 24 Feb 2023 05:09:08 GMT
server: Apache
accept-ranges: bytes
etag: "3c38-5f56b21116360"
content-length: 15416
content-type: image/jpeg

GET
H2 200 BIN-Registration-In-Bangladesh-350x195.jpg
bdesheba.com/wp-content/uploads/2023/02/ 16 KB
16 KB 415ms
412ms Image
image/jpeg 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdesheba.com/wp-content/uploads/2023/02/BIN-Registration-In-Bangladesh-350x195.jpg
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: 1269966864fea9e2e862f5ffacaf25e8e998d6ec0c4031dbc7300a9337e7c233

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:08 GMT
last-modified: Fri, 24 Feb 2023 05:13:51 GMT
server: Apache
accept-ranges: bytes
etag: "3f3a-5f56b31e779b7"
content-length: 16186
content-type: image/jpeg

GET
H2 200 Smart-NID-Status-Check-300x300.jpg
bdesheba.com/wp-content/uploads/2022/09/ 20 KB
21 KB 415ms
412ms Image
image/jpeg 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdesheba.com/wp-content/uploads/2022/09/Smart-NID-Status-Check-300x300.jpg
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: a80e2071f57de0e272df505968e6d0e2dc9a89b60e446aca52bc8b2b23f23dbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:08 GMT
last-modified: Tue, 06 Sep 2022 23:06:38 GMT
server: Apache
accept-ranges: bytes
etag: "51c6-5e80a3f9b1b80"
content-length: 20934
content-type: image/jpeg

GET
H2 200 Prepaid-Meter-Codes-300x300.jpg
bdesheba.com/wp-content/uploads/2022/08/ 16 KB
16 KB 415ms
413ms Image
image/jpeg 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdesheba.com/wp-content/uploads/2022/08/Prepaid-Meter-Codes-300x300.jpg
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: 2e183da725c23083b3ed4ce082479d6ee1ea9b6a8b957dbda7b703159c4790e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:08 GMT
last-modified: Wed, 03 Aug 2022 21:18:36 GMT
server: Apache
accept-ranges: bytes
etag: "3ea3-5e55cc6a4e300"
content-length: 16035
content-type: image/jpeg

GET
H2 200 Vaccine-Certificate-Correction-Bangladesh-300x300.jpg
bdesheba.com/wp-content/uploads/2022/11/ 13 KB
14 KB 416ms
413ms Image
image/jpeg 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdesheba.com/wp-content/uploads/2022/11/Vaccine-Certificate-Correction-Bangladesh-300x300.jpg
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: f0c50013ceabd9c6f8140ee1880c7b4b85d703a867f8f4f75277374580c5a3ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:08 GMT
last-modified: Wed, 16 Nov 2022 18:47:03 GMT
server: Apache
accept-ranges: bytes
etag: "35f8-5ed9ae6088e6d"
content-length: 13816
content-type: image/jpeg

GET
H2 200 Calculate-Tax-Rebate-in-Income-Tax-of-Bangladesh-300x300.jpg
bdesheba.com/wp-content/uploads/2023/02/ 17 KB
17 KB 416ms
413ms Image
image/jpeg 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdesheba.com/wp-content/uploads/2023/02/Calculate-Tax-Rebate-in-Income-Tax-of-Bangladesh-300x300.jpg
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: b02b7e3fc262e4eda8ebc503d23a2a9f8859235c38145d160786095ce9424a85

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:08 GMT
last-modified: Sat, 04 Feb 2023 17:58:26 GMT
server: Apache
accept-ranges: bytes
etag: "427f-5f3e38b72e4a2"
content-length: 17023
content-type: image/jpeg

GET
H2 200 E-TIN-Certificate-Download-BD-300x300.jpg
bdesheba.com/wp-content/uploads/2022/11/ 16 KB
16 KB 416ms
413ms Image
image/jpeg 66.187.6.115
HOSTODO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdesheba.com/wp-content/uploads/2022/11/E-TIN-Certificate-Download-BD-300x300.jpg
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.187.6.115 Miami, United States, ASN399804 (HOSTODO, US),
Reverse DNS: mars.dnsfest.com
Software: Apache /
Resource Hash: 9296df9ec622dea363e358532da2ded8c9534cdf1c994a1da9259be7f55012c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:08 GMT
last-modified: Sun, 27 Nov 2022 19:00:04 GMT
server: Apache
accept-ranges: bytes
etag: "4105-5ee785cd0286b"
content-length: 16645
content-type: image/jpeg

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/ 362 KB
119 KB 119ms
66ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2193017516651811&plah=bdesheba.com&bust=31072787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2193017516651811

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

610e2372cb1c660815d93e7f6c695a84e830210351f19b1e4556ad3e12d74b7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121999
x-xss-protection: 0
server: cafe
etag: 13757325831727774604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 05 Mar 2023 22:36:08 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/ Frame 8806 10 KB
5 KB 159ms
34ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2193017516651811

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bdesheba.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 53398
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 07:46:10 GMT
etag: 2378337311435320485
expires: Sun, 19 Mar 2023 07:46:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 94ms
23ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-236094877-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 05 Mar 2023 21:19:39 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4589
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 05 Mar 2023 23:19:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
77 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VVFNE98W12&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-236094877-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

48fe6f7563394e77ec8040479958f2a549f5d3c902738f5b6c5349e4959d8576

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78734
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Mar 2023 22:36:08 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 114ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VVFNE98W12&gtm=45je3310&_p=939198550&gdid=dZTNiMT&cid=354131852.1678055768&ul=en-us&sr=1600x1200&_s=1&sid=1678055768&sct=1&seg=0&dl=http%3A%2F%2Fbdesheba.com%2F&dt=Bangladesh%20Online%20Help%20%26%20Information%20Hub%20-%20BDesheba&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VVFNE98W12&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:36:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://bdesheba.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
463 B 60ms
58ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bdesheba.com&callback=_gfp_s_&client=ca-pub-2193017516651811

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2193017516651811&plah=bdesheba.com&bust=31072787

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0851b1e8580798041a5e3181bee43c80ef66c7c749e579348c426c22706e65a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 141ms
35ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bdesheba.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 169ms
59ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bdesheba.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 79ms
76ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&id=masthead&cls=site-header%20%20clear&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: bdesheba.com
URL: http://bdesheba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:36:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3D61 32 KB
7 KB 269ms
260ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2193017516651811&output=html&adk=1812271804&adf=3025194257&lmt=1678055768&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=http%3A%2F%2Fbdesheba.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&dt=1678055768228&bpp=3&bdt=922&idt=273&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8092147552327&frm=20&pv=2&ga_vid=354131852.1678055768&ga_sid=1678055769&ga_hid=939198550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777877%2C44759876%2C44759927%2C31072787&oid=2&pvsid=3216991145751260&tmod=207434201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=357

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff9b436a1addf64cd76fd42cc22eb99064828ea053df23f5135145c61395d413

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bdesheba.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 6958
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 22:36:08 GMT
expires: Sun, 05 Mar 2023 22:36:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
203 B 32ms
31ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=939198550&t=pageview&_s=1&dl=http%3A%2F%2Fbdesheba.com%2F&ul=en-us&de=UTF-8&dt=Bangladesh%20Online%20Help%20%26%20Information%20Hub%20-%20BDesheba&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=1237118710&gjid=1502924995&cid=354131852.1678055768&tid=UA-236094877-1&_gid=2111276287.1678055769&_r=1&gtm=457e3310&did=dZTNiMT&gdid=dZTNiMT&z=434213811

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://bdesheba.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:36:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://bdesheba.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 32ms
31ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bdesheba.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 60ms
59ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bdesheba.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2D4F 26 KB
12 KB 305ms
304ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2193017516651811&output=html&h=600&adk=2501168263&adf=2771890006&pi=t.aa~a.1697038023~rp.4&daaos=1678050882417&w=300&fwrn=4&fwrnh=100&lmt=1678055769&rafmt=1&to=qs&pwprc=2298420385&format=300x600&url=http%3A%2F%2Fbdesheba.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1678055768987&bpp=3&bdt=1681&idt=-M&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db4455ef9f1d0ab34-2260f9c044dd00f4%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZAmpsCwXilClYOkuQvk2oHJ4OWjg&gpic=UID%3D00000bc0ec8db489%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZKVzGCwvfqf4ddCpERTwKHk0Hl5g&prev_fmts=0x0&nras=2&correlator=8092147552327&frm=20&pv=1&ga_vid=354131852.1678055768&ga_sid=1678055769&ga_hid=939198550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777877%2C44759876%2C44759927%2C31072787&oid=2&pvsid=3216991145751260&tmod=207434201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1qA1GSWxsy&p=http%3A//bdesheba.com&dtd=28

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41129aa5a90e9637be142b0395663cfdc93da0ee6cd0bb1b2282d3c302ffdcc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bdesheba.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11929
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 22:36:09 GMT
expires: Sun, 05 Mar 2023 22:36:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5541 436 B
236 B 257ms
252ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2193017516651811&output=html&h=200&adk=2750636891&adf=2657007777&pi=t.aa~a.3376321272~rp.4&daaos=1678050882417&w=348&fwrn=4&fwrnh=100&lmt=1678055769&rafmt=1&to=qs&pwprc=2298420385&format=348x200&url=http%3A%2F%2Fbdesheba.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1678055768987&bpp=2&bdt=1681&idt=-M&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db4455ef9f1d0ab34-2260f9c044dd00f4%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZAmpsCwXilClYOkuQvk2oHJ4OWjg&gpic=UID%3D00000bc0ec8db489%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZKVzGCwvfqf4ddCpERTwKHk0Hl5g&prev_fmts=0x0%2C300x600&nras=3&correlator=8092147552327&frm=20&pv=1&ga_vid=354131852.1678055768&ga_sid=1678055769&ga_hid=939198550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=617&ady=634&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777877%2C44759876%2C44759927%2C31072787&oid=2&pvsid=3216991145751260&tmod=207434201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=6lDmn5IVir&p=http%3A//bdesheba.com&dtd=43

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a648d8c6cbb05912b60e874145c8d2b15f69703327638cf0ae90c8263b863402

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bdesheba.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 22:36:09 GMT
expires: Sun, 05 Mar 2023 22:36:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 16BA 32 KB
13 KB 199ms
199ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2193017516651811&output=html&h=50&adk=1684538416&adf=2347993287&pi=t.aa~a.3975233358~rp.1&daaos=1678050882417&w=348&fwrn=4&fwrnh=100&lmt=1678055769&rafmt=1&to=qs&pwprc=2298420385&format=348x50&url=http%3A%2F%2Fbdesheba.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1678055768987&bpp=1&bdt=1681&idt=-M&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db4455ef9f1d0ab34-2260f9c044dd00f4%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZAmpsCwXilClYOkuQvk2oHJ4OWjg&gpic=UID%3D00000bc0ec8db489%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZKVzGCwvfqf4ddCpERTwKHk0Hl5g&prev_fmts=0x0%2C300x600%2C348x200&nras=4&correlator=8092147552327&frm=20&pv=1&ga_vid=354131852.1678055768&ga_sid=1678055769&ga_hid=939198550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=617&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777877%2C44759876%2C44759927%2C31072787&oid=2&pvsid=3216991145751260&tmod=207434201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=UsLrihClRm&p=http%3A//bdesheba.com&dtd=57

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b67b8dc15b279cf07c9c05b659014bdb188b05fabe6bc565c7b7ee931a637b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bdesheba.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12895
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 22:36:09 GMT
expires: Sun, 05 Mar 2023 22:36:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6B4C 32 KB
13 KB 250ms
249ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2193017516651811&output=html&h=50&adk=1055022455&adf=1967474185&pi=t.aa~a.3376315274~rp.4&daaos=1678050882417&w=348&fwrn=4&fwrnh=100&lmt=1678055769&rafmt=1&to=qs&pwprc=2298420385&format=348x50&url=http%3A%2F%2Fbdesheba.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1678055768987&bpp=1&bdt=1681&idt=1&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db4455ef9f1d0ab34-2260f9c044dd00f4%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZAmpsCwXilClYOkuQvk2oHJ4OWjg&gpic=UID%3D00000bc0ec8db489%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZKVzGCwvfqf4ddCpERTwKHk0Hl5g&prev_fmts=0x0%2C300x600%2C348x200%2C348x50&nras=5&correlator=8092147552327&frm=20&pv=1&ga_vid=354131852.1678055768&ga_sid=1678055769&ga_hid=939198550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=617&ady=2756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777877%2C44759876%2C44759927%2C31072787&oid=2&pvsid=3216991145751260&tmod=207434201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=FeZf7JZjGR&p=http%3A//bdesheba.com&dtd=62

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0eea385ab862a72ae80fae9f7da0cf752aae8a9eceb2846366e3ceb7e5e99e47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bdesheba.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12928
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 22:36:09 GMT
expires: Sun, 05 Mar 2023 22:36:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CD2E 0
0 104ms
103ms Fetch
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CE4AJWRkFZP-nBcfP7_UPrbW_uAGQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExAFP0IHE75-fiZTTSXNR4DTgkRo4P280KrJp9kHpmxyQUKpB9kezrDbFy4fJ9Rv9wvVGYpiVEjT8WbNcHmgkaVdI403nPd0pMELj0pQhg6nvBeq6aps3BWfgZqNOLwuI2KtkYl5OLDuornD66X3uXdLpVpXqDE6984p9_Qr-LWJv7NYEtPkzXPjcBNV0HJ4hRnsJoE8dFjEwPugVy-BJBy2x-B4S8kjw9SBjdmUH7k2lFWBPdYOzGV9zIZN9n4M7brYUxWcXgAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMTkzMDE3NTE2NjUxODExGAA&sigh=vxX450F5GXc&uach_m=[UACH]&cid=CAQSPADUE5ym0DfOgR5mUUdL-aQNNizlQveEnQv26poDHhx7rZwGJ4VFXkEtqOmBszbdtZIcPEqMFYHwAZabDhgB

Requested by

Host: bdesheba.com
URL: http://bdesheba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2193017516651811&output=html&h=50&adk=1684538416&adf=2347993287&pi=t.aa~a.3975233358~rp.1&daaos=1678050882417&w=348&fwrn=4&fwrnh=100&lmt=1678055769&rafmt=1&to=qs&pwprc=2298420385&format=348x50&url=http%3A%2F%2Fbdesheba.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1678055768987&bpp=1&bdt=1681&idt=-M&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db4455ef9f1d0ab34-2260f9c044dd00f4%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZAmpsCwXilClYOkuQvk2oHJ4OWjg&gpic=UID%3D00000bc0ec8db489%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZKVzGCwvfqf4ddCpERTwKHk0Hl5g&prev_fmts=0x0%2C300x600%2C348x200&nras=4&correlator=8092147552327&frm=20&pv=1&ga_vid=354131852.1678055768&ga_sid=1678055769&ga_hid=939198550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=617&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777877%2C44759876%2C44759927%2C31072787&oid=2&pvsid=3216991145751260&tmod=207434201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=UsLrihClRm&p=http%3A//bdesheba.com&dtd=57
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 05 Mar 2023 22:36:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame CD2E 0
0 149ms
41ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1h136wjk2gekhsc1h9z84m77cr3h06mp8q2j9z5gnyyf4g6etdr6a2m3p8b37dzayzsx12am8jqg2f28ph58z20venr0vkgqg0n3qxft9pjhfa7hbswtbcxp3ba0pjc78xd4xfvtdad4wm74jzv6d9acqnhrdy5qwema7zhh62b0mhrex02649caz5s89njvsnszyc0kd1ph39t95chaxazcmda5ayn7356p2xfjyy0tjwdwjjnym1s8s2wwb8vp410mrga3ghtwx97wy120tzkp6daz98vbw1rfz7va67e23wak1s0yjpr02zy7w1bwaa4rh98fvhj6kr3zvt310n55daq061pqf1hdns4nfnx8jd487e4ar9ggx41jq12whwpwmzqxdt84w0g&b=ZAUZWQABU_8Iu-fHAA_areNl4rqloxrCfedWTQ
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 05 Mar 2023 22:36:09 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 4857 2 KB
3 KB 154ms
52ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jyvbbye4x4jgq2cvh67z83k9xnbnxfgw12c1v4vx7ecxnamenpzxmsye2mgsz3jdnztf0n7vadm2d4z6r0d25e1c9whgqvqe8ed9cpk72nnc0z4gdqvdebxrdxv1a3zywme8v0bcrr8wz4dbamj46qq1tgndxmzwasyhqd559bshcap7dbnwkp5y699ax3cmfmttm5wspxakx86b9n38tdz66f2zt7h5gqjqxrjkn5r03dc06w2mce0j527z0eb7hw07jxsxfwtxwbq4w43qcwa31e1zbjcbwpg2k0zqz5fjx1gdj3ypr54czwj1r62mksx26pw4zhtjhe74rgfsxszd50yrp51kr7e7c724smdh674kbgece8r9gpzd6078d860fqa0h3fecg925mwep1gpyvgnnp1ynzqq7wfhj0g555apsvft975c3vd51gnx4a79w5y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf3-rWRkFZP-nBcfP7_UPrbW_uAGQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExwFP0IHE75-fiZTTSXNR4DTgkRo4P280KrJp9kHpmxyQUKpB9kezrDbFy4fJ9Rv9wvVGYpiVEjT8WbNcHmgkaVdI403nPd0pMELj0pQhg6nvBeq6aps3BWfgZqNOLwuI2KtkYl5OLDuornD66X3uXdLpVpXqDE6984p9_Qr-LWJv7NYEtPkzXPjcBNV0HJ4hRnsJoE8dFjEwPugVy-BJB2-z2YzFC8-wPacr4L9OfL-cAWrif62rxN-xaAGFC50XdmPIWiffs2DygAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2AlK1XIppCmaG1aEdzylVPyV6Iiw%26client%3Dca-pub-2193017516651811%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2193017516651811&output=html&h=50&adk=1684538416&adf=2347993287&pi=t.aa~a.3975233358~rp.1&daaos=1678050882417&w=348&fwrn=4&fwrnh=100&lmt=1678055769&rafmt=1&to=qs&pwprc=2298420385&format=348x50&url=http%3A%2F%2Fbdesheba.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1678055768987&bpp=1&bdt=1681&idt=-M&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db4455ef9f1d0ab34-2260f9c044dd00f4%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZAmpsCwXilClYOkuQvk2oHJ4OWjg&gpic=UID%3D00000bc0ec8db489%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZKVzGCwvfqf4ddCpERTwKHk0Hl5g&prev_fmts=0x0%2C300x600%2C348x200&nras=4&correlator=8092147552327&frm=20&pv=1&ga_vid=354131852.1678055768&ga_sid=1678055769&ga_hid=939198550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=617&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777877%2C44759876%2C44759927%2C31072787&oid=2&pvsid=3216991145751260&tmod=207434201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=UsLrihClRm&p=http%3A//bdesheba.com&dtd=57

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

816e4f692926213350f0dbc2aef4df5572d47298babde49c2d00e735c26ce79f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a35d60eaeefbbcd-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 22:36:09 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame CD2E 3 KB
1 KB 136ms
33ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 19:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 19:23:11 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9B38 1 KB
643 B 25ms
22ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57275
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 06:41:34 GMT
etag: 48472445140208031
expires: Mon, 06 Mar 2023 06:41:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame CD2E 20 KB
9 KB 124ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:31:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 18:31:05 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame CD2E 0
0 139ms
37ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaST9VqjIwxINGoy1vhnI4cvD9IlTuzwD7CZajXL3XqWAegkB_WaowQzK4ifvZG_FlDif5GExdlvEy7k6sRaRrXpe1f5jg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2193017516651811&output=html&h=50&adk=1684538416&adf=2347993287&pi=t.aa~a.3975233358~rp.1&daaos=1678050882417&w=348&fwrn=4&fwrnh=100&lmt=1678055769&rafmt=1&to=qs&pwprc=2298420385&format=348x50&url=http%3A%2F%2Fbdesheba.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1678055768987&bpp=1&bdt=1681&idt=-M&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db4455ef9f1d0ab34-2260f9c044dd00f4%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZAmpsCwXilClYOkuQvk2oHJ4OWjg&gpic=UID%3D00000bc0ec8db489%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZKVzGCwvfqf4ddCpERTwKHk0Hl5g&prev_fmts=0x0%2C300x600%2C348x200&nras=4&correlator=8092147552327&frm=20&pv=1&ga_vid=354131852.1678055768&ga_sid=1678055769&ga_hid=939198550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=617&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777877%2C44759876%2C44759927%2C31072787&oid=2&pvsid=3216991145751260&tmod=207434201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=UsLrihClRm&p=http%3A//bdesheba.com&dtd=57
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CD2E 158 KB
49 KB 152ms
51ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Mar 2023 22:36:09 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 2D4F 3 KB
1 KB 43ms
34ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2193017516651811&output=html&h=600&adk=2501168263&adf=2771890006&pi=t.aa~a.1697038023~rp.4&daaos=1678050882417&w=300&fwrn=4&fwrnh=100&lmt=1678055769&rafmt=1&to=qs&pwprc=2298420385&format=300x600&url=http%3A%2F%2Fbdesheba.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1678055768987&bpp=3&bdt=1681&idt=-M&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db4455ef9f1d0ab34-2260f9c044dd00f4%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZAmpsCwXilClYOkuQvk2oHJ4OWjg&gpic=UID%3D00000bc0ec8db489%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZKVzGCwvfqf4ddCpERTwKHk0Hl5g&prev_fmts=0x0&nras=2&correlator=8092147552327&frm=20&pv=1&ga_vid=354131852.1678055768&ga_sid=1678055769&ga_hid=939198550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777877%2C44759876%2C44759927%2C31072787&oid=2&pvsid=3216991145751260&tmod=207434201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1qA1GSWxsy&p=http%3A//bdesheba.com&dtd=28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 19:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 19:23:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 2D4F 20 KB
8 KB 34ms
25ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:31:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 18:31:05 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2D4F 0
0 109ms
29ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ5Fh6I5N3z66EWNiookUu9aKewnqcZQjOKgdMErw8CcmoWqlQjqDyC6Ut8gTmFVXGXMcuoXQhC6i8AOeJLXZ10knPoCg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2193017516651811&output=html&h=600&adk=2501168263&adf=2771890006&pi=t.aa~a.1697038023~rp.4&daaos=1678050882417&w=300&fwrn=4&fwrnh=100&lmt=1678055769&rafmt=1&to=qs&pwprc=2298420385&format=300x600&url=http%3A%2F%2Fbdesheba.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1678055768987&bpp=3&bdt=1681&idt=-M&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db4455ef9f1d0ab34-2260f9c044dd00f4%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZAmpsCwXilClYOkuQvk2oHJ4OWjg&gpic=UID%3D00000bc0ec8db489%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZKVzGCwvfqf4ddCpERTwKHk0Hl5g&prev_fmts=0x0&nras=2&correlator=8092147552327&frm=20&pv=1&ga_vid=354131852.1678055768&ga_sid=1678055769&ga_hid=939198550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777877%2C44759876%2C44759927%2C31072787&oid=2&pvsid=3216991145751260&tmod=207434201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1qA1GSWxsy&p=http%3A//bdesheba.com&dtd=28
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2D4F 158 KB
48 KB 97ms
19ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Mar 2023 22:36:09 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D45E 0
0 89ms
89ms Fetch
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CA9iqWRkFZJzPBvyR-cAPn_OngAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExAFP0GBZ5XzIUdvna1QOCDykxyKTXQ81jU9MNKWhdUYc4cU7fkGWUF97l177IiEL5xmTXSSCWLgB6lV2LEZ6gaz0GSQgP7gPHtqUpKoZYY5vSgDLt7an7y37zl3NrAf3WvACztfbA38wbjPIs5CU5Cvc4LOurk4VEY1xGyx24MTouSC_xduSSEYib9DH8ZnrFsgCodezAbLe-3OqjgBpjSCJntTlAxGhp2C5skuO02-2cXtheWau-bRgdoYzyMqRY6kARXPSgAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMTkzMDE3NTE2NjUxODExGAA&sigh=dUTsUfhWub0&uach_m=[UACH]&cid=CAQSPADUE5ym_HZSfVn73F6iwljFj1OgVGpr46RdANbVQZ_ZgJAE6c_6GU3vw_BOeo-3BT3UVjM-EO-IQdiY7RgB

Requested by

Host: bdesheba.com
URL: http://bdesheba.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2193017516651811&output=html&h=50&adk=1055022455&adf=1967474185&pi=t.aa~a.3376315274~rp.4&daaos=1678050882417&w=348&fwrn=4&fwrnh=100&lmt=1678055769&rafmt=1&to=qs&pwprc=2298420385&format=348x50&url=http%3A%2F%2Fbdesheba.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1678055768987&bpp=1&bdt=1681&idt=1&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db4455ef9f1d0ab34-2260f9c044dd00f4%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZAmpsCwXilClYOkuQvk2oHJ4OWjg&gpic=UID%3D00000bc0ec8db489%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZKVzGCwvfqf4ddCpERTwKHk0Hl5g&prev_fmts=0x0%2C300x600%2C348x200%2C348x50&nras=5&correlator=8092147552327&frm=20&pv=1&ga_vid=354131852.1678055768&ga_sid=1678055769&ga_hid=939198550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=617&ady=2756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777877%2C44759876%2C44759927%2C31072787&oid=2&pvsid=3216991145751260&tmod=207434201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=FeZf7JZjGR&p=http%3A//bdesheba.com&dtd=62
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 05 Mar 2023 22:36:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame D45E 0
0 35ms
35ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jvcjqb56c9vrbg28zr24d4xpkfvm1ccwdnj1cppp282x5yrx46190wy3jgyk69vxk9tf56ha498gph11jr39x6wt981mj36e7kj2nwg2epsr2m1kg66as215d3f82vb6x1g81zxswtr9c8nxv1wxwxgx0r2q3bz7x4pma3tj7vtb9d0p59zw8qwtfnm57hned6sg2pnrf5gqpxa2yzrh79cnh7e6xm99dnz0x1p29rd9ewpsr0ms9qyj4xcdr7kzss7a013g1jbmj1nqewqtys4z5epj16dn6kd37qzezbtxkm48abv1ph15dkeg8k06pdps57z9gz99d0r0qnhm65bxydefk991t52t67syzcmeydmpybdae1r84yy298dhkn3pgaqbpfh3qg&b=ZAUZWQABp5wCHkj8AAn5n8HhePAX1Hu-_s_dtw
Requested by: Host: bdesheba.com
URL: http://bdesheba.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 05 Mar 2023 22:36:09 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 012E 2 KB
1 KB 47ms
46ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1h5856ddcdhwqay6p49tmarkszqm7mzzj8w1tmw73jwd9j9mxwqysbdyxtm2580m1xyf1xscmzjvwjzhjvcceymr3e03w79tp9xnn64jg9d6d8dmn28cm8zbh7j9jj99t6x3md01x99hy3vahxsbj6ats8zxnjghhc96gvmxegee8b16pap7403q97snxvbc7hw3kx1b613vpwwfwwmwddssbny4nqm75gmwm6nzwtgqj3ar7dbzbs839zt1q81twqn6nvrztrpjnjhabwaqcsh5hv868fb35psj9fpajqpr8vyj70vx5pg4p3feyhp8yy1xvb69xwvw5qcgzfexdxeanztyf8e6chpx4hby6fcz53rvfe9tafeynb4bdd4pf8e8dbrqwvp82sz5ehtqy163z085k1kt68wa1f4fkmdae2hs4d01fym5xxc3rb56sy33rrx2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAaRfWRkFZJzPBvyR-cAPn_OngAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExwFP0GBZ5XzIUdvna1QOCDykxyKTXQ81jU9MNKWhdUYc4cU7fkGWUF97l177IiEL5xmTXSSCWLgB6lV2LEZ6gaz0GSQgP7gPHtqUpKoZYY5vSgDLt7an7y37zl3NrAf3WvACztfbA38wbjPIs5CU5Cvc4LOurk4VEY1xGyx24MTouSC_xduSSEYib9DH8ZnrFsgCodezAbLe-3OqjgBpjWKLv0Yy-pbhb-fxJJHHQZ2PZXHMc0i2JDSiPxTLXNS9e3zc2jMa3yUTgAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2X0hWCVsAxJ2z1BBWIKbuNZSRIcA%26client%3Dca-pub-2193017516651811%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2193017516651811&output=html&h=50&adk=1055022455&adf=1967474185&pi=t.aa~a.3376315274~rp.4&daaos=1678050882417&w=348&fwrn=4&fwrnh=100&lmt=1678055769&rafmt=1&to=qs&pwprc=2298420385&format=348x50&url=http%3A%2F%2Fbdesheba.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1678055768987&bpp=1&bdt=1681&idt=1&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db4455ef9f1d0ab34-2260f9c044dd00f4%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZAmpsCwXilClYOkuQvk2oHJ4OWjg&gpic=UID%3D00000bc0ec8db489%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZKVzGCwvfqf4ddCpERTwKHk0Hl5g&prev_fmts=0x0%2C300x600%2C348x200%2C348x50&nras=5&correlator=8092147552327&frm=20&pv=1&ga_vid=354131852.1678055768&ga_sid=1678055769&ga_hid=939198550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=617&ady=2756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777877%2C44759876%2C44759927%2C31072787&oid=2&pvsid=3216991145751260&tmod=207434201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=FeZf7JZjGR&p=http%3A//bdesheba.com&dtd=62

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6efef0ce9784f24df1e4318cae8b42e68f31a1213c207a9b5e8dfcd6f676b269

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a35d60ebefabbcd-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 22:36:09 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame D45E 3 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 19:23:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 19:23:11 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 45D2 1 KB
643 B 73ms
66ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57275
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 06:41:34 GMT
etag: 48472445140208031
expires: Mon, 06 Mar 2023 06:41:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame D45E 20 KB
8 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:31:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 18:31:05 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D45E 0
0 39ms
38ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQAkwjgam9ytEyEwCDu0VxuzJeWuEjTvuoQgpH4HSRf_qSPAs-7W0eMGfi6MKzSMSrTbZW6625PWjUE6WEw1X0280p1qg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2193017516651811&output=html&h=50&adk=1055022455&adf=1967474185&pi=t.aa~a.3376315274~rp.4&daaos=1678050882417&w=348&fwrn=4&fwrnh=100&lmt=1678055769&rafmt=1&to=qs&pwprc=2298420385&format=348x50&url=http%3A%2F%2Fbdesheba.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1678055768987&bpp=1&bdt=1681&idt=1&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db4455ef9f1d0ab34-2260f9c044dd00f4%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZAmpsCwXilClYOkuQvk2oHJ4OWjg&gpic=UID%3D00000bc0ec8db489%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZKVzGCwvfqf4ddCpERTwKHk0Hl5g&prev_fmts=0x0%2C300x600%2C348x200%2C348x50&nras=5&correlator=8092147552327&frm=20&pv=1&ga_vid=354131852.1678055768&ga_sid=1678055769&ga_hid=939198550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=617&ady=2756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777877%2C44759876%2C44759927%2C31072787&oid=2&pvsid=3216991145751260&tmod=207434201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=FeZf7JZjGR&p=http%3A//bdesheba.com&dtd=62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D45E 158 KB
48 KB 71ms
68ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Mar 2023 22:36:09 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2D4F 0
0 168ms
106ms Fetch
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3q8BWRkFZOzPBJqM-cAP6_iq4AeQ4YGEXLaoworwAsCNtwEQASAAYJWqs4LAB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExQFP0NkQFc6t558cFTeJT0hExs-x1xZnn1yzuQKq-1MUDTc_HPY7a7Bz1MJcNGNEomhZ---JflilbIc2zkt8DOzUYRlrW79xJv_4KheSf0c0sZFfPdqZLyUr9Lm-PKnI5ZIww3mRgiBQHAwJxrLuIpKRhYtY9WL8IHDAJCewcE91Gcl6zg3of_nZtJxLBIx_wvirY_pBxbU2RaTmPR-3u8ZrMhfklpX--Q1XSbarL7cRF_COmmTpBT9e4_J9lAoScEU7Fr4dhoAGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjE5MzAxNzUxNjY1MTgxMRgA&sigh=eRkuESb0vrQ&uach_m=[UACH]&cid=CAQSPADUE5ymu8X5Blw5CdEGBIxOQ9EoPJaQ_BPTAOnnnhIkySR8dClv7tWjp2_7ijO1TNWN2W6RzRKrZ-pVnhgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2193017516651811&output=html&h=600&adk=2501168263&adf=2771890006&pi=t.aa~a.1697038023~rp.4&daaos=1678050882417&w=300&fwrn=4&fwrnh=100&lmt=1678055769&rafmt=1&to=qs&pwprc=2298420385&format=300x600&url=http%3A%2F%2Fbdesheba.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1678055768987&bpp=3&bdt=1681&idt=-M&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db4455ef9f1d0ab34-2260f9c044dd00f4%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZAmpsCwXilClYOkuQvk2oHJ4OWjg&gpic=UID%3D00000bc0ec8db489%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZKVzGCwvfqf4ddCpERTwKHk0Hl5g&prev_fmts=0x0&nras=2&correlator=8092147552327&frm=20&pv=1&ga_vid=354131852.1678055768&ga_sid=1678055769&ga_hid=939198550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777877%2C44759876%2C44759927%2C31072787&oid=2&pvsid=3216991145751260&tmod=207434201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1qA1GSWxsy&p=http%3A//bdesheba.com&dtd=28
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 05 Mar 2023 22:36:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 2D4F 0
0 107ms
33ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gfp819p647th59t1neny2e50d611jb0n07z3phnd97kk0msa40zvn9w9c1n1mahjz36btkyze71wwv9q3a8082swptn60y0905ngmbe8b2csw4zb4wjzvhmb0308d9e9wfmgenj92dpgwdk5a73mkqgdkggcdfx73mtxfd20fykzs82kj99see5dt9wzx46xa2nk8ff5vhstecppfvmrsym7j37ygt4mhs0d9b9j37wg9n119gaph5pevj38vmvdggs8m72byfqernbmcg2xmwdtn4bfp7ps60461wa8v4mj76zfb96fqm50gdmaxd4wtwp7qved687ygc9m20v8mb4nkvq06tpt44dgxd3760120yjngfxtfhxt0604wjja39w74w2p94dx3r&b=ZAUZWQABJ-wCHkYaAAq8a-ZV0obzxic4M73NtA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2193017516651811&output=html&h=600&adk=2501168263&adf=2771890006&pi=t.aa~a.1697038023~rp.4&daaos=1678050882417&w=300&fwrn=4&fwrnh=100&lmt=1678055769&rafmt=1&to=qs&pwprc=2298420385&format=300x600&url=http%3A%2F%2Fbdesheba.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1678055768987&bpp=3&bdt=1681&idt=-M&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db4455ef9f1d0ab34-2260f9c044dd00f4%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZAmpsCwXilClYOkuQvk2oHJ4OWjg&gpic=UID%3D00000bc0ec8db489%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZKVzGCwvfqf4ddCpERTwKHk0Hl5g&prev_fmts=0x0&nras=2&correlator=8092147552327&frm=20&pv=1&ga_vid=354131852.1678055768&ga_sid=1678055769&ga_hid=939198550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777877%2C44759876%2C44759927%2C31072787&oid=2&pvsid=3216991145751260&tmod=207434201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1qA1GSWxsy&p=http%3A//bdesheba.com&dtd=28
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 05 Mar 2023 22:36:09 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame BD66 2 KB
1 KB 84ms
42ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hckhy1etk8j5y2s5teb1e3q4k6qxhmyb1df8g0wgp7ygjy8rrs0y2ehdzpa5vtgw46r63a4jdtpzsqxxm9q4gyjszrby8cbfakbwat50m823g37w5brnpd73p12kn2e5qbdystkex8cw7pp658dwd8w6smy7vkjk7xasq6px0fym73thk5h9fx0tzgxt2a52vn2jasb0v80kex9tnxjr9bj2xeakz63fev07j156a1etbnkvrpazk0a38tgjvhh009s36474a2xc3mekyj97ce41ynq1aesfqh0kx13efj60n41j1z60ank7en6cbgj1tyeka3pb469k1p1myxszx9a8pqn2p0fynzxqft6k6x8zbkyg2vx7s0mr0tqqg449b5qa2zyk3jw5f49hacg6m8nr53s12h9777jb4tzngkj93k2q9nkdj0wp2nj17z3r5bd55z5y0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0vseWRkFZOzPBJqM-cAP6_iq4AeQ4YGEXLaoworwAsCNtwEQASAAYJWqs4LAB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoEyAFP0NkQFc6t558cFTeJT0hExs-x1xZnn1yzuQKq-1MUDTc_HPY7a7Bz1MJcNGNEomhZ---JflilbIc2zkt8DOzUYRlrW79xJv_4KheSf0c0sZFfPdqZLyUr9Lm-PKnI5ZIww3mRgiBQHAwJxrLuIpKRhYtY9WL8IHDAJCewcE91Gcl6zg3of_nZtJxLBIx_wvirY_pBxbU2RaTmPR-3u8YpMDZ2QWx5ucXQASBxZiXjLuSEN27HHeLeIbvvbJ4MXF3uyiFdTssUa4AGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3UB54eJDsTogReWLYr1QR0jvGWAg%26client%3Dca-pub-2193017516651811%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16619ce27d251a6ac3f84a579f1db85807c95206fdc6b93c2e82b74dc3d3fc10

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a35d60f5f8abbcd-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 22:36:09 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D8B0 1 KB
643 B 92ms
53ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57275
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 06:41:34 GMT
etag: 48472445140208031
expires: Mon, 06 Mar 2023 06:41:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 9B38
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEHtEfJg3B8KRp051mItqbJg&google_cver=1&google_push=Aa02lx_3SGrvTeEZjwz55fqtXQuIaJ8cylVhxrAZMSJ32apmttI88hVFHbcmoWW54DjcWcmzsUg5tkbRMcsKRFxr5kSmQyTaf0km&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHtEfJg3B8KRp051mItqbJg&google_cver=1&google_push=Aa02lx_3SGrvTeEZjwz55fqtXQuIaJ8cylVhxrAZMSJ32apmttI88hVFHbcmoWW54DjcWcmzsUg5tkbRMcsKRFxr5kSmQyTaf0k...

43 B
437 B

260ms
200ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHtEfJg3B8KRp051mItqbJg&google_cver=1&google_push=Aa02lx_3SGrvTeEZjwz55fqtXQuIaJ8cylVhxrAZMSJ32apmttI88hVFHbcmoWW54DjcWcmzsUg5tkbRMcsKRFxr5kSmQyTaf0km&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_3SGrvTeEZjwz55fqtXQuIaJ8cylVhxrAZMSJ32apmttI88hVFHbcmoWW54DjcWcmzsUg5tkbRMcsKRFxr5kSmQyTaf0km%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2193017516651811&output=html&h=50&adk=1684538416&adf=2347993287&pi=t.aa~a.3975233358~rp.1&daaos=1678050882417&w=348&fwrn=4&fwrnh=100&lmt=1678055769&rafmt=1&to=qs&pwprc=2298420385&format=348x50&url=http%3A%2F%2Fbdesheba.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1678055768987&bpp=1&bdt=1681&idt=-M&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db4455ef9f1d0ab34-2260f9c044dd00f4%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZAmpsCwXilClYOkuQvk2oHJ4OWjg&gpic=UID%3D00000bc0ec8db489%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZKVzGCwvfqf4ddCpERTwKHk0Hl5g&prev_fmts=0x0%2C300x600%2C348x200&nras=4&correlator=8092147552327&frm=20&pv=1&ga_vid=354131852.1678055768&ga_sid=1678055769&ga_hid=939198550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=617&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777877%2C44759876%2C44759927%2C31072787&oid=2&pvsid=3216991145751260&tmod=207434201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=UsLrihClRm&p=http%3A//bdesheba.com&dtd=57
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:36:10 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a35d6119e499107-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:36:09 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 566
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEHtEfJg3B8KRp051mItqbJg&google_cver=1&google_push=Aa02lx_3SGrvTeEZjwz55fqtXQuIaJ8cylVhxrAZMSJ32apmttI88hVFHbcmoWW54DjcWcmzsUg5tkbRMcsKRFxr5kSmQyTaf0km&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_3SGrvTeEZjwz55fqtXQuIaJ8cylVhxrAZMSJ32apmttI88hVFHbcmoWW54DjcWcmzsUg5tkbRMcsKRFxr5kSmQyTaf0km%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a35d60ffd5e9107-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9B38
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELvjNSg-75NPFcLdOvgEUU4&google_cver=1&google_push=Aa02lx8hyQhqxP97tIq4k9hFw862jSFQI5M1iWprFZOLoPNmy1tol9vSbsM9LAvDDW-dEF2fy_JV7HhqMcRva8...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNzE5NDY0ODczMzM1MDAzMw%3D%3D&google_push=Aa02lx8hyQhqxP97tIq4k9hFw862jSFQI5M1iWprFZOLoPNmy1tol9vSbsM9LAvDDW-dEF2fy_JV7HhqMcRva8eLl2...

170 B
232 B

75ms
70ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNzE5NDY0ODczMzM1MDAzMw%3D%3D&google_push=Aa02lx8hyQhqxP97tIq4k9hFw862jSFQI5M1iWprFZOLoPNmy1tol9vSbsM9LAvDDW-dEF2fy_JV7HhqMcRva8eLl2BBL5Ol0pFN

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:36:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwNzE5NDY0ODczMzM1MDAzMw%3D%3D&google_push=Aa02lx8hyQhqxP97tIq4k9hFw862jSFQI5M1iWprFZOLoPNmy1tol9vSbsM9LAvDDW-dEF2fy_JV7HhqMcRva8eLl2BBL5Ol0pFN
Date: Sun, 05 Mar 2023 22:36:09 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9B38
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx8Sfp1k...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAa02lx8Sfp1k...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAzMDUyMjM2MDkwMDA0NzA5NDAwMjAxOA%3D%3D&google_push=Aa02lx8Sfp1kKVhwKaJakYRQHqcPEQS_BXsDoZE-ZtiNNJuBR_0-atEJl9Da9kh-sAR-_e...

170 B
188 B

66ms
66ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAzMDUyMjM2MDkwMDA0NzA5NDAwMjAxOA%3D%3D&google_push=Aa02lx8Sfp1kKVhwKaJakYRQHqcPEQS_BXsDoZE-ZtiNNJuBR_0-atEJl9Da9kh-sAR-_eTfvwP76vXCuAvDGoOazhj05XtcoKskbg

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:36:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAzMDUyMjM2MDkwMDA0NzA5NDAwMjAxOA%3D%3D&google_push=Aa02lx8Sfp1kKVhwKaJakYRQHqcPEQS_BXsDoZE-ZtiNNJuBR_0-atEJl9Da9kh-sAR-_eTfvwP76vXCuAvDGoOazhj05XtcoKskbg
pragma: no-cache
date: Sun, 05 Mar 2023 22:36:10 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Sun, 05 Mar 2023 22:36:10 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 9B38 42 B
213 B 146ms
32ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEH6_AyISKI8LXBO2BgRai6I&google_push=Aa02lx9Pi3Ydq9QOutv0rwI9pt0qitBYZQuwrs_Siy9Ni5X9DsoIiLRfVVPcHmDi1q5wwpWLHtrgojUI9DFGaGzWqkxYP1oD-Ij3NA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2193017516651811&output=html&h=50&adk=1684538416&adf=2347993287&pi=t.aa~a.3975233358~rp.1&daaos=1678050882417&w=348&fwrn=4&fwrnh=100&lmt=1678055769&rafmt=1&to=qs&pwprc=2298420385&format=348x50&url=http%3A%2F%2Fbdesheba.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1678055768987&bpp=1&bdt=1681&idt=-M&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db4455ef9f1d0ab34-2260f9c044dd00f4%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZAmpsCwXilClYOkuQvk2oHJ4OWjg&gpic=UID%3D00000bc0ec8db489%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZKVzGCwvfqf4ddCpERTwKHk0Hl5g&prev_fmts=0x0%2C300x600%2C348x200&nras=4&correlator=8092147552327&frm=20&pv=1&ga_vid=354131852.1678055768&ga_sid=1678055769&ga_hid=939198550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=617&ady=1726&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777877%2C44759876%2C44759927%2C31072787&oid=2&pvsid=3216991145751260&tmod=207434201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=UsLrihClRm&p=http%3A//bdesheba.com&dtd=57
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:09 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9B38
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENON-khUfFtE3jU3fucRDeA&google_cver=1&google_push=Aa02lx_3PqnweSaV3q4-E5wqGxPmLrncVvTnJ5vOTMj1R7mv9mYDFz4JeAOQe77iaYk--964-PX...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVWWjJVSU8tWC1DWFNU&google_push=Aa02lx_3PqnweSaV3q4-E5wqGxPmLrncVvTnJ5vOTMj1R7mv9mYDFz4JeAOQe77iaYk--964-PXq5f1nVSZu6z1baMHRNEA_w78Y7Q

170 B
232 B

73ms
69ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVWWjJVSU8tWC1DWFNU&google_push=Aa02lx_3PqnweSaV3q4-E5wqGxPmLrncVvTnJ5vOTMj1R7mv9mYDFz4JeAOQe77iaYk--964-PXq5f1nVSZu6z1baMHRNEA_w78Y7Q

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:36:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVWWjJVSU8tWC1DWFNU&google_push=Aa02lx_3PqnweSaV3q4-E5wqGxPmLrncVvTnJ5vOTMj1R7mv9mYDFz4JeAOQe77iaYk--964-PXq5f1nVSZu6z1baMHRNEA_w78Y7Q
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9B38
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEA2LM6Gtm2YMk_eCadGzUsM&google_cver=1&google_push=Aa02lx_cKSE-SfOdQX8Mu9pc7Ehsixa3RcdFLcuhDIgJgB048i0NE0eNM_KCbIKRFwQM19LPHdxBPwKdTkqS...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_cKSE-SfOdQX8Mu9pc7Ehsixa3RcdFLcuhDIgJgB048i0NE0eNM_KCbIKRFwQM19LPHdxBPwKdTkqSHFqkWlq40YIP-0Cx

170 B
329 B

72ms
68ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_cKSE-SfOdQX8Mu9pc7Ehsixa3RcdFLcuhDIgJgB048i0NE0eNM_KCbIKRFwQM19LPHdxBPwKdTkqSHFqkWlq40YIP-0Cx

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:36:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_cKSE-SfOdQX8Mu9pc7Ehsixa3RcdFLcuhDIgJgB048i0NE0eNM_KCbIKRFwQM19LPHdxBPwKdTkqSHFqkWlq40YIP-0Cx
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9B38
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEBB4mvouCKZUr2254D7-6rg&google_cver=1&google_push=Aa02lx_RHhl4LMaPwnrENu_qnrGHcq8aCcGSYjZ-Fnbhwk-39Naimj6gH3SdTovqT9LS893g1Kj4h6YXflBDIP8UNiGaNP...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEBB4mvouCKZUr2254D7-6rg&google_cver=1&google_push=Aa02lx_RHhl4LMaPwnrENu_qnrGHcq8aCcGSYjZ-Fnbhwk-39Naimj6gH3SdTovqT9LS893g1Kj4h6YXflBDIP8U...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=3CGtTVqpSUaGOi8XNTDMSg&google_push=Aa02lx_RHhl4LMaPwnrENu_qnrGHcq8aCcGSYjZ-Fnbhwk-39Naimj6gH3SdTovqT9LS893g1Kj4h6YXflBDIP8...

170 B
188 B

63ms
62ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=3CGtTVqpSUaGOi8XNTDMSg&google_push=Aa02lx_RHhl4LMaPwnrENu_qnrGHcq8aCcGSYjZ-Fnbhwk-39Naimj6gH3SdTovqT9LS893g1Kj4h6YXflBDIP8UNiGaNPElu5gT9Q

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:36:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=3CGtTVqpSUaGOi8XNTDMSg&google_push=Aa02lx_RHhl4LMaPwnrENu_qnrGHcq8aCcGSYjZ-Fnbhwk-39Naimj6gH3SdTovqT9LS893g1Kj4h6YXflBDIP8UNiGaNPElu5gT9Q
access-control-allow-origin: *
date: Sun, 05 Mar 2023 22:36:09 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9B38 0
130 B 189ms
57ms Image
text/html 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KU2yUviyI9htjreEelE1Vb6MyxSgR858xnAz8imJD1pwB8wqlCFZUp6bkCatH9dEoXYDAa

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame 4857 94 KB
12 KB 40ms
35ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jyvbbye4x4jgq2cvh67z83k9xnbnxfgw12c1v4vx7ecxnamenpzxmsye2mgsz3jdnztf0n7vadm2d4z6r0d25e1c9whgqvqe8ed9cpk72nnc0z4gdqvdebxrdxv1a3zywme8v0bcrr8wz4dbamj46qq1tgndxmzwasyhqd559bshcap7dbnwkp5y699ax3cmfmttm5wspxakx86b9n38tdz66f2zt7h5gqjqxrjkn5r03dc06w2mce0j527z0eb7hw07jxsxfwtxwbq4w43qcwa31e1zbjcbwpg2k0zqz5fjx1gdj3ypr54czwj1r62mksx26pw4zhtjhe74rgfsxszd50yrp51kr7e7c724smdh674kbgece8r9gpzd6078d860fqa0h3fecg925mwep1gpyvgnnp1ynzqq7wfhj0g555apsvft975c3vd51gnx4a79w5y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf3-rWRkFZP-nBcfP7_UPrbW_uAGQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExwFP0IHE75-fiZTTSXNR4DTgkRo4P280KrJp9kHpmxyQUKpB9kezrDbFy4fJ9Rv9wvVGYpiVEjT8WbNcHmgkaVdI403nPd0pMELj0pQhg6nvBeq6aps3BWfgZqNOLwuI2KtkYl5OLDuornD66X3uXdLpVpXqDE6984p9_Qr-LWJv7NYEtPkzXPjcBNV0HJ4hRnsJoE8dFjEwPugVy-BJB2-z2YzFC8-wPacr4L9OfL-cAWrif62rxN-xaAGFC50XdmPIWiffs2DygAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2AlK1XIppCmaG1aEdzylVPyV6Iiw%26client%3Dca-pub-2193017516651811%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jyvbbye4x4jgq2cvh67z83k9xnbnxfgw12c1v4vx7ecxnamenpzxmsye2mgsz3jdnztf0n7vadm2d4z6r0d25e1c9whgqvqe8ed9cpk72nnc0z4gdqvdebxrdxv1a3zywme8v0bcrr8wz4dbamj46qq1tgndxmzwasyhqd559bshcap7dbnwkp5y699ax3cmfmttm5wspxakx86b9n38tdz66f2zt7h5gqjqxrjkn5r03dc06w2mce0j527z0eb7hw07jxsxfwtxwbq4w43qcwa31e1zbjcbwpg2k0zqz5fjx1gdj3ypr54czwj1r62mksx26pw4zhtjhe74rgfsxszd50yrp51kr7e7c724smdh674kbgece8r9gpzd6078d860fqa0h3fecg925mwep1gpyvgnnp1ynzqq7wfhj0g555apsvft975c3vd51gnx4a79w5y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf3-rWRkFZP-nBcfP7_UPrbW_uAGQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExwFP0IHE75-fiZTTSXNR4DTgkRo4P280KrJp9kHpmxyQUKpB9kezrDbFy4fJ9Rv9wvVGYpiVEjT8WbNcHmgkaVdI403nPd0pMELj0pQhg6nvBeq6aps3BWfgZqNOLwuI2KtkYl5OLDuornD66X3uXdLpVpXqDE6984p9_Qr-LWJv7NYEtPkzXPjcBNV0HJ4hRnsJoE8dFjEwPugVy-BJB2-z2YzFC8-wPacr4L9OfL-cAWrif62rxN-xaAGFC50XdmPIWiffs2DygAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2AlK1XIppCmaG1aEdzylVPyV6Iiw%26client%3Dca-pub-2193017516651811%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1677666448
age: 388958
cf-polished: origSize=96968
x-guploader-uploadid: ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 01 Mar 2023 10:28:06 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1677666486645030
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yp6gro0J7p7mbHxXTOAHyIKRLWirRFkpyq2hYG098g3ReTy%2FegSRrybUIJmsIBT2bvk6YCWEnwWpcn3k09jz0US7HDp8Crga2hGyrHIfIU8HhlEIvKpi%2FqH6VRVDDwOKIb1qojnqvA8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7a35d60f6f8bbbcd-FRA
expires: Sun, 05 Mar 2023 23:36:09 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 4857 35 KB
12 KB 125ms
33ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jyvbbye4x4jgq2cvh67z83k9xnbnxfgw12c1v4vx7ecxnamenpzxmsye2mgsz3jdnztf0n7vadm2d4z6r0d25e1c9whgqvqe8ed9cpk72nnc0z4gdqvdebxrdxv1a3zywme8v0bcrr8wz4dbamj46qq1tgndxmzwasyhqd559bshcap7dbnwkp5y699ax3cmfmttm5wspxakx86b9n38tdz66f2zt7h5gqjqxrjkn5r03dc06w2mce0j527z0eb7hw07jxsxfwtxwbq4w43qcwa31e1zbjcbwpg2k0zqz5fjx1gdj3ypr54czwj1r62mksx26pw4zhtjhe74rgfsxszd50yrp51kr7e7c724smdh674kbgece8r9gpzd6078d860fqa0h3fecg925mwep1gpyvgnnp1ynzqq7wfhj0g555apsvft975c3vd51gnx4a79w5y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf3-rWRkFZP-nBcfP7_UPrbW_uAGQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExwFP0IHE75-fiZTTSXNR4DTgkRo4P280KrJp9kHpmxyQUKpB9kezrDbFy4fJ9Rv9wvVGYpiVEjT8WbNcHmgkaVdI403nPd0pMELj0pQhg6nvBeq6aps3BWfgZqNOLwuI2KtkYl5OLDuornD66X3uXdLpVpXqDE6984p9_Qr-LWJv7NYEtPkzXPjcBNV0HJ4hRnsJoE8dFjEwPugVy-BJB2-z2YzFC8-wPacr4L9OfL-cAWrif62rxN-xaAGFC50XdmPIWiffs2DygAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2AlK1XIppCmaG1aEdzylVPyV6Iiw%26client%3Dca-pub-2193017516651811%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 15:04:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 345940
etag: W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jcBAiwcp5b4B3rGbYWalDjg3qh7UgPMrxD7qN5o04ym2Np5QXYDS4jIb9QzzJC0r3iAbAgx25vvPjBxFyWTGo%2FHKDM%2BUbGts8It0GEUCjRnDhEVwnvel4mC30nSUTNVs0GPEKy4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7a35d60feffbbbcd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 27 Feb 2023 22:45:45 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame 012E 94 KB
12 KB 39ms
34ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h5856ddcdhwqay6p49tmarkszqm7mzzj8w1tmw73jwd9j9mxwqysbdyxtm2580m1xyf1xscmzjvwjzhjvcceymr3e03w79tp9xnn64jg9d6d8dmn28cm8zbh7j9jj99t6x3md01x99hy3vahxsbj6ats8zxnjghhc96gvmxegee8b16pap7403q97snxvbc7hw3kx1b613vpwwfwwmwddssbny4nqm75gmwm6nzwtgqj3ar7dbzbs839zt1q81twqn6nvrztrpjnjhabwaqcsh5hv868fb35psj9fpajqpr8vyj70vx5pg4p3feyhp8yy1xvb69xwvw5qcgzfexdxeanztyf8e6chpx4hby6fcz53rvfe9tafeynb4bdd4pf8e8dbrqwvp82sz5ehtqy163z085k1kt68wa1f4fkmdae2hs4d01fym5xxc3rb56sy33rrx2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAaRfWRkFZJzPBvyR-cAPn_OngAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExwFP0GBZ5XzIUdvna1QOCDykxyKTXQ81jU9MNKWhdUYc4cU7fkGWUF97l177IiEL5xmTXSSCWLgB6lV2LEZ6gaz0GSQgP7gPHtqUpKoZYY5vSgDLt7an7y37zl3NrAf3WvACztfbA38wbjPIs5CU5Cvc4LOurk4VEY1xGyx24MTouSC_xduSSEYib9DH8ZnrFsgCodezAbLe-3OqjgBpjWKLv0Yy-pbhb-fxJJHHQZ2PZXHMc0i2JDSiPxTLXNS9e3zc2jMa3yUTgAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2X0hWCVsAxJ2z1BBWIKbuNZSRIcA%26client%3Dca-pub-2193017516651811%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1h5856ddcdhwqay6p49tmarkszqm7mzzj8w1tmw73jwd9j9mxwqysbdyxtm2580m1xyf1xscmzjvwjzhjvcceymr3e03w79tp9xnn64jg9d6d8dmn28cm8zbh7j9jj99t6x3md01x99hy3vahxsbj6ats8zxnjghhc96gvmxegee8b16pap7403q97snxvbc7hw3kx1b613vpwwfwwmwddssbny4nqm75gmwm6nzwtgqj3ar7dbzbs839zt1q81twqn6nvrztrpjnjhabwaqcsh5hv868fb35psj9fpajqpr8vyj70vx5pg4p3feyhp8yy1xvb69xwvw5qcgzfexdxeanztyf8e6chpx4hby6fcz53rvfe9tafeynb4bdd4pf8e8dbrqwvp82sz5ehtqy163z085k1kt68wa1f4fkmdae2hs4d01fym5xxc3rb56sy33rrx2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAaRfWRkFZJzPBvyR-cAPn_OngAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExwFP0GBZ5XzIUdvna1QOCDykxyKTXQ81jU9MNKWhdUYc4cU7fkGWUF97l177IiEL5xmTXSSCWLgB6lV2LEZ6gaz0GSQgP7gPHtqUpKoZYY5vSgDLt7an7y37zl3NrAf3WvACztfbA38wbjPIs5CU5Cvc4LOurk4VEY1xGyx24MTouSC_xduSSEYib9DH8ZnrFsgCodezAbLe-3OqjgBpjWKLv0Yy-pbhb-fxJJHHQZ2PZXHMc0i2JDSiPxTLXNS9e3zc2jMa3yUTgAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2X0hWCVsAxJ2z1BBWIKbuNZSRIcA%26client%3Dca-pub-2193017516651811%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1677666448
age: 388958
cf-polished: origSize=96968
x-guploader-uploadid: ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 01 Mar 2023 10:28:06 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1677666486645030
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=coGtgo%2F27dVjOxRuvLr0YIKn7452QDa%2BylCUAMfufkAdLjDFQY%2BEZSHfFJiz2mo1psyPpM%2F3EaWCzpFQTQy4nENcvw2sFPydd34qtJRNhGER0BG35y0YnU8JvchbeMrFOYgyJOu6a9w%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7a35d60f6f95bbcd-FRA
expires: Sun, 05 Mar 2023 23:36:09 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 012E 35 KB
12 KB 119ms
38ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h5856ddcdhwqay6p49tmarkszqm7mzzj8w1tmw73jwd9j9mxwqysbdyxtm2580m1xyf1xscmzjvwjzhjvcceymr3e03w79tp9xnn64jg9d6d8dmn28cm8zbh7j9jj99t6x3md01x99hy3vahxsbj6ats8zxnjghhc96gvmxegee8b16pap7403q97snxvbc7hw3kx1b613vpwwfwwmwddssbny4nqm75gmwm6nzwtgqj3ar7dbzbs839zt1q81twqn6nvrztrpjnjhabwaqcsh5hv868fb35psj9fpajqpr8vyj70vx5pg4p3feyhp8yy1xvb69xwvw5qcgzfexdxeanztyf8e6chpx4hby6fcz53rvfe9tafeynb4bdd4pf8e8dbrqwvp82sz5ehtqy163z085k1kt68wa1f4fkmdae2hs4d01fym5xxc3rb56sy33rrx2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAaRfWRkFZJzPBvyR-cAPn_OngAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExwFP0GBZ5XzIUdvna1QOCDykxyKTXQ81jU9MNKWhdUYc4cU7fkGWUF97l177IiEL5xmTXSSCWLgB6lV2LEZ6gaz0GSQgP7gPHtqUpKoZYY5vSgDLt7an7y37zl3NrAf3WvACztfbA38wbjPIs5CU5Cvc4LOurk4VEY1xGyx24MTouSC_xduSSEYib9DH8ZnrFsgCodezAbLe-3OqjgBpjWKLv0Yy-pbhb-fxJJHHQZ2PZXHMc0i2JDSiPxTLXNS9e3zc2jMa3yUTgAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2X0hWCVsAxJ2z1BBWIKbuNZSRIcA%26client%3Dca-pub-2193017516651811%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 15:04:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 345940
etag: W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsFjhNj9CuZjDzUY6DCajevQ0QihYyeTHtoMbI%2BLb0voR%2FoCXhW4siVwetOdjqHvMx5aVKmeC%2BmQ7C4Rq0OqzNgg1GP%2BsfGOQLJ4HhWqkd2xfbmM7UnhzBpdcQJ6skkdMkiHung%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7a35d60feffcbbcd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 27 Feb 2023 22:45:45 GMT

GET
DATA 200
OK truncated
/ Frame CD2E 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 271e006d8a6853de8cd7ffce8167d27993e10c21ccf28aba33b98eea603c83bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2D4F 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bc7c5a25bb4c262a76f35774e0f253e6061af283fe1ec52d160996729a1abd3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame BD66 94 KB
12 KB 35ms
34ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hckhy1etk8j5y2s5teb1e3q4k6qxhmyb1df8g0wgp7ygjy8rrs0y2ehdzpa5vtgw46r63a4jdtpzsqxxm9q4gyjszrby8cbfakbwat50m823g37w5brnpd73p12kn2e5qbdystkex8cw7pp658dwd8w6smy7vkjk7xasq6px0fym73thk5h9fx0tzgxt2a52vn2jasb0v80kex9tnxjr9bj2xeakz63fev07j156a1etbnkvrpazk0a38tgjvhh009s36474a2xc3mekyj97ce41ynq1aesfqh0kx13efj60n41j1z60ank7en6cbgj1tyeka3pb469k1p1myxszx9a8pqn2p0fynzxqft6k6x8zbkyg2vx7s0mr0tqqg449b5qa2zyk3jw5f49hacg6m8nr53s12h9777jb4tzngkj93k2q9nkdj0wp2nj17z3r5bd55z5y0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0vseWRkFZOzPBJqM-cAP6_iq4AeQ4YGEXLaoworwAsCNtwEQASAAYJWqs4LAB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoEyAFP0NkQFc6t558cFTeJT0hExs-x1xZnn1yzuQKq-1MUDTc_HPY7a7Bz1MJcNGNEomhZ---JflilbIc2zkt8DOzUYRlrW79xJv_4KheSf0c0sZFfPdqZLyUr9Lm-PKnI5ZIww3mRgiBQHAwJxrLuIpKRhYtY9WL8IHDAJCewcE91Gcl6zg3of_nZtJxLBIx_wvirY_pBxbU2RaTmPR-3u8YpMDZ2QWx5ucXQASBxZiXjLuSEN27HHeLeIbvvbJ4MXF3uyiFdTssUa4AGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3UB54eJDsTogReWLYr1QR0jvGWAg%26client%3Dca-pub-2193017516651811%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hckhy1etk8j5y2s5teb1e3q4k6qxhmyb1df8g0wgp7ygjy8rrs0y2ehdzpa5vtgw46r63a4jdtpzsqxxm9q4gyjszrby8cbfakbwat50m823g37w5brnpd73p12kn2e5qbdystkex8cw7pp658dwd8w6smy7vkjk7xasq6px0fym73thk5h9fx0tzgxt2a52vn2jasb0v80kex9tnxjr9bj2xeakz63fev07j156a1etbnkvrpazk0a38tgjvhh009s36474a2xc3mekyj97ce41ynq1aesfqh0kx13efj60n41j1z60ank7en6cbgj1tyeka3pb469k1p1myxszx9a8pqn2p0fynzxqft6k6x8zbkyg2vx7s0mr0tqqg449b5qa2zyk3jw5f49hacg6m8nr53s12h9777jb4tzngkj93k2q9nkdj0wp2nj17z3r5bd55z5y0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0vseWRkFZOzPBJqM-cAP6_iq4AeQ4YGEXLaoworwAsCNtwEQASAAYJWqs4LAB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoEyAFP0NkQFc6t558cFTeJT0hExs-x1xZnn1yzuQKq-1MUDTc_HPY7a7Bz1MJcNGNEomhZ---JflilbIc2zkt8DOzUYRlrW79xJv_4KheSf0c0sZFfPdqZLyUr9Lm-PKnI5ZIww3mRgiBQHAwJxrLuIpKRhYtY9WL8IHDAJCewcE91Gcl6zg3of_nZtJxLBIx_wvirY_pBxbU2RaTmPR-3u8YpMDZ2QWx5ucXQASBxZiXjLuSEN27HHeLeIbvvbJ4MXF3uyiFdTssUa4AGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3UB54eJDsTogReWLYr1QR0jvGWAg%26client%3Dca-pub-2193017516651811%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1677666448
age: 388958
cf-polished: origSize=96968
x-guploader-uploadid: ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 01 Mar 2023 10:28:06 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1677666486645030
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MWy70tk0D%2FdFztYsmI5gHBhl5h4wwiQu7B8e%2F%2FbScQae%2B0mfcU2uylfYe5rMx2AmwaHzZKYFO75ZO0DvYLCwYAGCnTfpY7RKa9HffNKalg1YZctJ%2B8%2FL0PxCq7YKNWHR4oVdvm84X4c%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7a35d610689a9007-FRA
expires: Sun, 05 Mar 2023 23:36:09 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame BD66 35 KB
12 KB 71ms
70ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hckhy1etk8j5y2s5teb1e3q4k6qxhmyb1df8g0wgp7ygjy8rrs0y2ehdzpa5vtgw46r63a4jdtpzsqxxm9q4gyjszrby8cbfakbwat50m823g37w5brnpd73p12kn2e5qbdystkex8cw7pp658dwd8w6smy7vkjk7xasq6px0fym73thk5h9fx0tzgxt2a52vn2jasb0v80kex9tnxjr9bj2xeakz63fev07j156a1etbnkvrpazk0a38tgjvhh009s36474a2xc3mekyj97ce41ynq1aesfqh0kx13efj60n41j1z60ank7en6cbgj1tyeka3pb469k1p1myxszx9a8pqn2p0fynzxqft6k6x8zbkyg2vx7s0mr0tqqg449b5qa2zyk3jw5f49hacg6m8nr53s12h9777jb4tzngkj93k2q9nkdj0wp2nj17z3r5bd55z5y0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0vseWRkFZOzPBJqM-cAP6_iq4AeQ4YGEXLaoworwAsCNtwEQASAAYJWqs4LAB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoEyAFP0NkQFc6t558cFTeJT0hExs-x1xZnn1yzuQKq-1MUDTc_HPY7a7Bz1MJcNGNEomhZ---JflilbIc2zkt8DOzUYRlrW79xJv_4KheSf0c0sZFfPdqZLyUr9Lm-PKnI5ZIww3mRgiBQHAwJxrLuIpKRhYtY9WL8IHDAJCewcE91Gcl6zg3of_nZtJxLBIx_wvirY_pBxbU2RaTmPR-3u8YpMDZ2QWx5ucXQASBxZiXjLuSEN27HHeLeIbvvbJ4MXF3uyiFdTssUa4AGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3UB54eJDsTogReWLYr1QR0jvGWAg%26client%3Dca-pub-2193017516651811%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 15:04:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 345940
etag: W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TdVlA%2BGo%2FafSYXAx2eqtdiqAaoNWoEq3Y0GSqTD8Fn808EJ%2FpSN%2FsUrcjdu7Qd4D%2FP6OOMATLTlr5NGvgum3Zki%2B30xK21pVAOEjmYetOc4MYGHm3bRcZTN%2B%2F%2FWjDlSVn%2FT3fM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7a35d610689b9007-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 27 Feb 2023 22:45:45 GMT

GET
DATA 200
OK truncated
/ Frame D45E 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f38c2f0e18d76c40443c0eda45c67f9481191d7d2222ffea369f5ae53e8c4e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 45D2 35 B
464 B 136ms
22ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEB791pnWrNZ-YY9bVXdRYK4&google_cver=1&google_push=Aa02lx8v-NoT_YdDukCoX2OGI3ZK7FrrHHDZpzu0bV4D9_yQpDBY0b5Iiwnq4C52DpzKc7l640o_HpHxGBY5AX9fQzsa9jmYvdFB

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:36:09 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 45D2
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEBMxoKChbwfHDOZJuWhiroE&google_cver=1&google_push=Aa02lx-tlLv-RwRNur3oOg6L7GqMaymwm8vTyAAsy6_vue4bgM3B2CtdKVS0q4G11I4Gk15sUFc2CrezjvkVYuizRhSJ2BQF7zx3
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx-tlLv-RwRNur3oOg6L7GqMaymwm8vTyAAsy6_vue4bgM3B2CtdKVS0q4G11I4Gk15sUFc2CrezjvkVYuizRhSJ2BQF7zx3&google_hm=Q0FFU0VCTXhvS0NoYndmS...

170 B
188 B

61ms
61ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx-tlLv-RwRNur3oOg6L7GqMaymwm8vTyAAsy6_vue4bgM3B2CtdKVS0q4G11I4Gk15sUFc2CrezjvkVYuizRhSJ2BQF7zx3&google_hm=Q0FFU0VCTXhvS0NoYndmSERPWkp1V2hpcm9F

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:36:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:36:09 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=Aa02lx-tlLv-RwRNur3oOg6L7GqMaymwm8vTyAAsy6_vue4bgM3B2CtdKVS0q4G11I4Gk15sUFc2CrezjvkVYuizRhSJ2BQF7zx3&google_hm=Q0FFU0VCTXhvS0NoYndmSERPWkp1V2hpcm9F
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 45D2 43 B
351 B 143ms
30ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEJZsSRuinqy947GYczVtltQ&google_cver=1&google_push=Aa02lx_o3NKd1hVxaKJSSZ3tEbqkfmMycgBA01i1ERE_HkcavY8eTg2fvibpqVUG9L0QKYVYXK9nJ6hLJMdl3O5wHoPTfbSGAq57
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2193017516651811&output=html&h=50&adk=1055022455&adf=1967474185&pi=t.aa~a.3376315274~rp.4&daaos=1678050882417&w=348&fwrn=4&fwrnh=100&lmt=1678055769&rafmt=1&to=qs&pwprc=2298420385&format=348x50&url=http%3A%2F%2Fbdesheba.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1678055768987&bpp=1&bdt=1681&idt=1&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db4455ef9f1d0ab34-2260f9c044dd00f4%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZAmpsCwXilClYOkuQvk2oHJ4OWjg&gpic=UID%3D00000bc0ec8db489%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZKVzGCwvfqf4ddCpERTwKHk0Hl5g&prev_fmts=0x0%2C300x600%2C348x200%2C348x50&nras=5&correlator=8092147552327&frm=20&pv=1&ga_vid=354131852.1678055768&ga_sid=1678055769&ga_hid=939198550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=617&ady=2756&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777877%2C44759876%2C44759927%2C31072787&oid=2&pvsid=3216991145751260&tmod=207434201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=FeZf7JZjGR&p=http%3A//bdesheba.com&dtd=62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:36:09 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 5u902k9g7jooinlfq5jonu77fbpe5n3o

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 45D2
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8naRzYVlStO-58Amn_d-mQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

71ms
71ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8naRzYVlStO-58Amn_d-mQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_V3ZLxcBtXoSsl_8x6JyrLJXrYwXJh8zxqw7ofUrCnTUx4r8pniPZYxjEtx7xel4b67h45CSVkoof1yL9n0OvwcjLOkRg

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:36:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8naRzYVlStO-58Amn_d-mQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_V3ZLxcBtXoSsl_8x6JyrLJXrYwXJh8zxqw7ofUrCnTUx4r8pniPZYxjEtx7xel4b67h45CSVkoof1yL9n0OvwcjLOkRg
date: Sun, 05 Mar 2023 22:36:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 45D2
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIvMh6F_vnivtNRYQf_e6L8&google_cver=1&google_push=Aa02lx9mjLGH2NyZsI-rlTfjlYI5yB6ZHuPJEAU1Yje0VRFYyR39tcsIh1uIuGEV9Ilw62L5wUQ...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVWWjJVTVQtQy1EQlJJ&google_push=Aa02lx9mjLGH2NyZsI-rlTfjlYI5yB6ZHuPJEAU1Yje0VRFYyR39tcsIh1uIuGEV9Ilw62L5wUQAi4OPdrkckuM_4k_XQ05TrGJt

170 B
232 B

71ms
57ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVWWjJVTVQtQy1EQlJJ&google_push=Aa02lx9mjLGH2NyZsI-rlTfjlYI5yB6ZHuPJEAU1Yje0VRFYyR39tcsIh1uIuGEV9Ilw62L5wUQAi4OPdrkckuM_4k_XQ05TrGJt

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:36:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVWWjJVTVQtQy1EQlJJ&google_push=Aa02lx9mjLGH2NyZsI-rlTfjlYI5yB6ZHuPJEAU1Yje0VRFYyR39tcsIh1uIuGEV9Ilw62L5wUQAi4OPdrkckuM_4k_XQ05TrGJt
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 45D2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBq369Jux3opTuVdPhDs3CM&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBq369Jux3opTuVdPhDs3CM&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBq369Jux3opTuVdPhDs3CM&google_hm=ZAUZWo7RqIUg2KZ0yeQHiQAADMcAAAIB&google_nid=index&google_push=Aa02lx8VOFD9UQjTb7d4qa_bdVsqfR7qdKMuy...

170 B
188 B

60ms
60ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBq369Jux3opTuVdPhDs3CM&google_hm=ZAUZWo7RqIUg2KZ0yeQHiQAADMcAAAIB&google_nid=index&google_push=Aa02lx8VOFD9UQjTb7d4qa_bdVsqfR7qdKMuyxjkUN-ll91dM4MyllermTbvIjU15drqn6-6mWDWuLDFehe1_aiSA_3aTR2nEluL

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:36:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:36:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBq369Jux3opTuVdPhDs3CM&google_hm=ZAUZWo7RqIUg2KZ0yeQHiQAADMcAAAIB&google_nid=index&google_push=Aa02lx8VOFD9UQjTb7d4qa_bdVsqfR7qdKMuyxjkUN-ll91dM4MyllermTbvIjU15drqn6-6mWDWuLDFehe1_aiSA_3aTR2nEluL
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 45D2 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 45D2 0
49 B 60ms
59ms Image
text/html 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JrXfqVekrQs_r6fjB4e8kST_86_xD-Inr_-ehyar5ki82OejqHvXhctdrFWUwLd_jNYH0bmw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame D8B0 35 B
462 B 121ms
26ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHRIXGxo8F-YE-WNomCoeBc&google_cver=1&google_push=Aa02lx9pezUy2KNwulp1X0w44CaxL6_0Z74LPneVaHJ2IivisnPeObVga7G7-WfEDDq6GeM_gzBPt1VO5KD565AKfiZXhYTO44t0fqc

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:36:09 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D8B0
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJwZoCmY_Iy1hLesZCHNZzA&google_cver=1&google_push=Aa02lx8qX3tmD6DnyD6wyYX6lHLu1ukfOqt0GA7hkcHtw_taU95kmzmbreRLAS5NG86aDgstYLVxUntmsLISHHSJ...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx8qX3tmD6DnyD6wyYX6lHLu1ukfOqt0GA7hkcHtw_taU95kmzmbreRLAS5NG86aDgstYLVxUntmsLISHHSJUAzOUmIaJ0brtx0

170 B
188 B

62ms
61ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx8qX3tmD6DnyD6wyYX6lHLu1ukfOqt0GA7hkcHtw_taU95kmzmbreRLAS5NG86aDgstYLVxUntmsLISHHSJUAzOUmIaJ0brtx0

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:36:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 05 Mar 2023 22:36:10 GMT
Server: MT3 569 46451a0 master zrh-pixel-x29 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx8qX3tmD6DnyD6wyYX6lHLu1ukfOqt0GA7hkcHtw_taU95kmzmbreRLAS5NG86aDgstYLVxUntmsLISHHSJUAzOUmIaJ0brtx0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 05 Mar 2023 22:36:09 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame D8B0 70 B
265 B 435ms
47ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHu2MkeQ5Dt7l3_tqJQLOI0&google_cver=1&google_push=Aa02lx9FwIgd5YS5OVmi_HlzjXam7dw9sA1kw1i72Ym9WXzlpxmeu3Rwv17BQmywiwz1R821XGZ75PYgBKfkRqp15Aq6mbP1sW6o7SA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2193017516651811&output=html&h=600&adk=2501168263&adf=2771890006&pi=t.aa~a.1697038023~rp.4&daaos=1678050882417&w=300&fwrn=4&fwrnh=100&lmt=1678055769&rafmt=1&to=qs&pwprc=2298420385&format=300x600&url=http%3A%2F%2Fbdesheba.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&dt=1678055768987&bpp=3&bdt=1681&idt=-M&shv=r20230301&mjsv=m202302280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db4455ef9f1d0ab34-2260f9c044dd00f4%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZAmpsCwXilClYOkuQvk2oHJ4OWjg&gpic=UID%3D00000bc0ec8db489%3AT%3D1678055768%3ART%3D1678055768%3AS%3DALNI_MZKVzGCwvfqf4ddCpERTwKHk0Hl5g&prev_fmts=0x0&nras=2&correlator=8092147552327&frm=20&pv=1&ga_vid=354131852.1678055768&ga_sid=1678055769&ga_hid=939198550&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=1405&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777877%2C44759876%2C44759927%2C31072787&oid=2&pvsid=3216991145751260&tmod=207434201&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1qA1GSWxsy&p=http%3A//bdesheba.com&dtd=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 05 Mar 2023 22:36:10 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D8B0
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEJgkUZGm-hlWFTsIafSNarE&google_cver=1&google_push=Aa02lx8-QjkQBsuJWGY6jQL4Fz4LZ6JbGQFToZDxZIz2RZqMzuvl6-PTAizKezx-38LLw81s5YcNb54IPqA...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx8-QjkQBsuJWGY6jQL4Fz4LZ6JbGQFToZDxZIz2RZqMzuvl6-PTAizKezx-38LLw81s5YcNb54IPqAuEj9qgDYNx2vPnAWLuQ&google_hm=0XP6tPXAQvKJ2sqoP2...

170 B
188 B

64ms
64ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx8-QjkQBsuJWGY6jQL4Fz4LZ6JbGQFToZDxZIz2RZqMzuvl6-PTAizKezx-38LLw81s5YcNb54IPqAuEj9qgDYNx2vPnAWLuQ&google_hm=0XP6tPXAQvKJ2sqoP2bVYYM

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:36:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:36:10 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx8-QjkQBsuJWGY6jQL4Fz4LZ6JbGQFToZDxZIz2RZqMzuvl6-PTAizKezx-38LLw81s5YcNb54IPqAuEj9qgDYNx2vPnAWLuQ&google_hm=0XP6tPXAQvKJ2sqoP2bVYYM
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D8B0
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEIluAUR6smr137docJKzD48&google_cver=1&google_push=Aa02lx8S5qdCBpqUeipHM25sGXXiR1OdmYBw7N1Ldjwan3YkoTqGs86YbdxG5vBk593swHxq7hyJG8kP46ARs9fX...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=C-7YvZ8ER6-s5RqTBtu3-A2&google_push=Aa02lx8S5qdCBpqUeipHM25sGXXiR1OdmYBw7N1Ldjwan3YkoTqGs86YbdxG5vBk593swHxq7hyJG8kP46ARs9fX2TyAlROK0m-Xuw

170 B
188 B

66ms
66ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=C-7YvZ8ER6-s5RqTBtu3-A2&google_push=Aa02lx8S5qdCBpqUeipHM25sGXXiR1OdmYBw7N1Ldjwan3YkoTqGs86YbdxG5vBk593swHxq7hyJG8kP46ARs9fX2TyAlROK0m-Xuw

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:36:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 05 Mar 2023 22:36:10 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=C-7YvZ8ER6-s5RqTBtu3-A2&google_push=Aa02lx8S5qdCBpqUeipHM25sGXXiR1OdmYBw7N1Ldjwan3YkoTqGs86YbdxG5vBk593swHxq7hyJG8kP46ARs9fX2TyAlROK0m-Xuw
x-host: tde-deliveryengine-production-cdcfc8b9-q4z8q
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D8B0
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHjLa8Qd44DDe71r1Gb9iyY&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHjLa8Qd44DDe71r1Gb9iyY&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHjLa8Qd44DDe71r1Gb9iyY&google_hm=ZAUZWo7RqIUg2KZ0yeQHiQAADMcAAAIB&google_nid=index&google_push=Aa02lx-Eq0yXW1MQqXVdQhUFCQOnwwZAEdtzg...

170 B
188 B

64ms
63ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHjLa8Qd44DDe71r1Gb9iyY&google_hm=ZAUZWo7RqIUg2KZ0yeQHiQAADMcAAAIB&google_nid=index&google_push=Aa02lx-Eq0yXW1MQqXVdQhUFCQOnwwZAEdtzgy0B5idII_iFOBnyaEuCy1smOqVuIp3NH29t2nT08td2eZMYvFkWmkyQddpCMmpc4h8

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:36:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:36:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHjLa8Qd44DDe71r1Gb9iyY&google_hm=ZAUZWo7RqIUg2KZ0yeQHiQAADMcAAAIB&google_nid=index&google_push=Aa02lx-Eq0yXW1MQqXVdQhUFCQOnwwZAEdtzgy0B5idII_iFOBnyaEuCy1smOqVuIp3NH29t2nT08td2eZMYvFkWmkyQddpCMmpc4h8
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D8B0
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEP5jLjvJ0GD44winUKUCwfk&google_cver=1&google_push=Aa02lx9lTtP6Y5T_sORi42PVLkEnwcEBGN6tGWuETI1JY3JeG_Qbeoqz6WLRGZB0C49aQLpzo9CtSkKsT3hojBhj...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9lTtP6Y5T_sORi42PVLkEnwcEBGN6tGWuETI1JY3JeG_Qbeoqz6WLRGZB0C49aQLpzo9CtSkKsT3hojBhjzCuW8f13HAe9p_k

170 B
188 B

62ms
62ms

Image
image/png

142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9lTtP6Y5T_sORi42PVLkEnwcEBGN6tGWuETI1JY3JeG_Qbeoqz6WLRGZB0C49aQLpzo9CtSkKsT3hojBhjzCuW8f13HAe9p_k

Requested by

Protocol

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:36:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 05 Mar 2023 22:36:10 GMT
via: 1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA2-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9lTtP6Y5T_sORi42PVLkEnwcEBGN6tGWuETI1JY3JeG_Qbeoqz6WLRGZB0C49aQLpzo9CtSkKsT3hojBhjzCuW8f13HAe9p_k
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: zwRIIdOmOR1nXAJ-ntbBZTh9xub08Sh9lRvKJ28gcBcX7a-JrJK1wg==

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D8B0 0
40 B 73ms
72ms Image
text/html 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KYGbTUVLfA_sV10B1QtQAmMwIu1HatyMcQp0xGkc0Xs1arDn4R_M6O7SQ8xI3u7A6iiMgM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 4857 3 KB
4 KB 403ms
31ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1402
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SmtdiHKAtJODpLhfg4HaePALIYDBhTe1hvMmdecD0vK8eNFkpTyBqjQwyQwCoNVo0mz7NBZOsjUmlvyVDzkC%2FkewrOJzfr8Qu8490IpmUFObZyQqpsf1TVf1xkV5Eml4osJZp90OYNxKjOsWAgadwnO%2B"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7a35d6136b1cbb73-FRA
expires: Sun, 05 Mar 2023 23:10:20 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 012E 3 KB
3 KB 406ms
35ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1402
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62F9MKt27mwCTRyD0Set4Ifx9unr3kfrzVn72AIirtxDdCuzBfLNa1KD7r%2FDCNngxvBkApiCU%2FTq3fwGtiBjm30m0JdvzIctKCWfVSi4QYwZ2Q4YekGs%2FdVU%2BrBAgNBrMzAUbO28kMV%2BAQslnwTkEHu%2F"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7a35d6136b1dbb73-FRA
expires: Sun, 05 Mar 2023 23:10:20 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame E2B1 2 KB
1 KB 59ms
46ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 527451
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7a35d611492d9007-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 05 Mar 2023 22:36:09 GMT
expires: Thu, 19 Jan 2023 19:22:47 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwBILn8cIzwF%2FoxCyYyOdSf8fgnLdGG6JVP6%2B3KRrfuof29fit5BiQgcM7MKNzGZLa3LMdB%2B9TU9ho0FC0k%2BPIRIdfpOEcDmrLHHD%2BNUPd2YhV9zyJb%2Fn4jn5IZIcsToNp0%2BAWY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame 0F6C 2 KB
1 KB 56ms
47ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 527451
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7a35d61149339007-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 05 Mar 2023 22:36:09 GMT
expires: Thu, 19 Jan 2023 19:22:47 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YnhhmJoF5Wzo2o5%2BEBM5uUFTsn9VS1B01zPrbc0HX4ZN6WV2sfH%2Fs0bTxV1H4YOKfHgQRoQaLDGLj0yfjzGl7XifrHpd5DdUcv0jCencnD8E7zEccPzOI7Z%2FPUl9L1Gdxeg6Pcc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame BD66 3 KB
3 KB 386ms
36ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1402
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GN9L3UnbG3iIaP3bFbVBuaO9k1Wwokq8dfyemrSYhD5Hu7egtCarkVg%2BDCwRqa6WeGt3Rti0flu0FW2gYwalBIZjHA5D%2B6x0qp44HcUBeEW%2BLeRkXc9CzTcmw3DaCyIVcELih4k9wtX7ZvrzRY0ZslDB"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7a35d6136b1abb73-FRA
expires: Sun, 05 Mar 2023 23:10:20 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 13E0 2 KB
1 KB 50ms
44ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 527451
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7a35d61149359007-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 05 Mar 2023 22:36:09 GMT
expires: Thu, 19 Jan 2023 19:22:47 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83mvA1XQFUxh%2FUiLOOvR6clpYyKi99OgBpPu0saHxzb%2F3qqfJTgMSZaBXl3TUJfcsN4ePtXx3215EB2m%2FRMQ9Oo3B7NKOe5XJR4V9vCjgdGRV0Ro%2FAvoDtuYJReyHOYxybfGf2s%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 40ms
38ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230301&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

564804349268e1fd4a26f8cadedf4fc61d87792512291e3c57648b028c450bd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11180
x-xss-protection: 0

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 73ms
44ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a35d6141e03bb4a-FRA
content-length: 24
content-type: text/plain
date: Sun, 05 Mar 2023 22:36:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JOc8heCy9FYXXX1SSSsjps6diL3KulsWpcSnbrfyzNC8picy4x496iyo2hR0BXVq9Lf0t9kTCRzmdr2O2uJ%2BPj7txwAVjWJ60lHKkKG9j93NifVm41gd6XuflhbG67y18xkANlQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-k9br

POST
H3 200 rs Show response
ad4m.at/ Frame 4857 1 KB
1 KB 60ms
53ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9df7dc597e0f6b10114877dfed11864d329ffb196cc0463a654d80dccbd85ebd

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 05 Mar 2023 22:36:10 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTrKt9EPIy1JVxR25jdYuPpakU2YJqAMY6zaIrtOsKsu4lv%2B5kH%2Fmk%2BWJwYoilInNilCoKRKFG0icufV7vtdDc%2B5fsl2U5udyoYkRhq1LaUz33i%2FPmAzkp%2FuT8v4IAxjbZRfo%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7a35d6146e4bbb4a-FRA
x-backend-server: aa-reachservice-group-europe-west1-k9br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 69ms
44ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a35d6141dfebb4a-FRA
content-length: 24
content-type: text/plain
date: Sun, 05 Mar 2023 22:36:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ClxLMW9yfcMkTjMNSwzT1fFK8hEhDNW90x3NShYaINICQok9CiSWzXY32pRde2armzqdaM6c5fX82V7q%2BDlVDKiMaFMGTxKKmyYD535VF9TmCQBJma7gk7X3KvI1FKmTWiEP4pY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-k9br

POST
H3 200 rs Show response
ad4m.at/ Frame BD66 1 KB
2 KB 61ms
54ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f92a8ae3f36ab7abe34c777299d49bc7ca66eb07d1b2c1749c7d6d8ce26626a

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 05 Mar 2023 22:36:10 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOZ%2BSRpTi9%2BuDadzPrV%2By4j52D%2BjKxVaAugZjyeBAVTQksNaskV621gYguPGhVeQOwafG9B1ldVlQDqK015jZ4bcdS4O%2By%2BeAAtVTNoMdaxrYUhe5BXzhT%2FSLrimLyMy2uyOhPw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7a35d6146e49bb4a-FRA
x-backend-server: aa-reachservice-group-europe-west1-k9br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 71ms
48ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a35d6141e00bb4a-FRA
content-length: 24
content-type: text/plain
date: Sun, 05 Mar 2023 22:36:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eyXEAQnlSm3bDGC6ZPL1tVQMKfVSSBGGvvXrbi5iNgB3ILo7Pd5vxs7Q7%2FXjiB0GPxyvLoDjoNkcyd1pnwOZWkVhwS89b8IBVX76euermZy4GQQZmPhoUxsLkdcnpZClxAo4qHA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-k9br

POST
H3 200 rs Show response
ad4m.at/ Frame 012E 1 KB
1 KB 54ms
54ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c68261f839d9de9faf709978e52d8e4cc802300e51167ced5e0b4baa38e29639

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 05 Mar 2023 22:36:10 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ojSQV0SgLn%2FpShw3IwdoGMDbQr3AsiKHsEpoouKACFSWRZEF7Wwbzi8RQkkBmIm6LCiIGaPaHcY036XHGum%2BIhjvgsQWzda2SEnhoxsXNhHqV6Vg%2Bl3ZdUPVBL4OdiA8necToY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7a35d6147e4ebb4a-FRA
x-backend-server: aa-reachservice-group-europe-west1-k9br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 05 Mar 2023 22:36:10 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BEBB 13 KB
5 KB 25ms
21ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bdesheba.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1461
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 22:11:49 GMT
expires: Mon, 04 Mar 2024 22:11:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9143 783 B
532 B 34ms
33ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f5c630694d02e0ead2d807684bd37bd457e3483c13ca441ff6d775f8985b73ef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-k_rRfv9OpIaoJnoeeFhnDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bdesheba.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-k_rRfv9OpIaoJnoeeFhnDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 22:36:10 GMT
expires: Sun, 05 Mar 2023 22:36:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js Show response
pagead2.googlesyndication.com/bg/ Frame BEBB 36 KB
14 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sSoBG9D25FhvYLg3_iwWJ49bM2Qm57VxEM1rvvqfaE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4a8046f43db9161bd82e0dff8b0589e3d6ccd909b9ed5c44335aefbea7da1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 07:18:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14343
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 07:18:19 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 7C9E 3 KB
3 KB 55ms
54ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=117569&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=320&d=50&e=&g=cd70ce35802cf1a82e55af3dabd61c17%2F12207372372213828420&i=29981&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678055770329&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k7h8rmjy3kqsv0k6g1z5wz4negq11x405aah18n7rgzj8c0zjp997kb2ywymjk0ag6qcrxw4crs9r2p4behkv3ym2f7b75ke973rfah03qcvdhst11angfrfb8h80989zq6vxj6ee3nh2r3rk8m2amyy2fcten9y3fngfj9hf2283b0e02gf03cqdbwbfhkg3my9sqbtw7rsspfp7ad7ya284anerscafdh7zfxgpjj08ka1fw266nem8pjakmjdhbbp3aqwaz034vg2yjp2tqp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCf3-rWRkFZP-nBcfP7_UPrbW_uAGQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExwFP0IHE75-fiZTTSXNR4DTgkRo4P280KrJp9kHpmxyQUKpB9kezrDbFy4fJ9Rv9wvVGYpiVEjT8WbNcHmgkaVdI403nPd0pMELj0pQhg6nvBeq6aps3BWfgZqNOLwuI2KtkYl5OLDuornD66X3uXdLpVpXqDE6984p9_Qr-LWJv7NYEtPkzXPjcBNV0HJ4hRnsJoE8dFjEwPugVy-BJB2-z2YzFC8-wPacr4L9OfL-cAWrif62rxN-xaAGFC50XdmPIWiffs2DygAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2AlK1XIppCmaG1aEdzylVPyV6Iiw%2526client%253Dca-pub-2193017516651811%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5aaaae3dfd1fe3cb8e435b6d978f1a94e2e26b5f5ec572b89298870783f78cf

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jyvbbye4x4jgq2cvh67z83k9xnbnxfgw12c1v4vx7ecxnamenpzxmsye2mgsz3jdnztf0n7vadm2d4z6r0d25e1c9whgqvqe8ed9cpk72nnc0z4gdqvdebxrdxv1a3zywme8v0bcrr8wz4dbamj46qq1tgndxmzwasyhqd559bshcap7dbnwkp5y699ax3cmfmttm5wspxakx86b9n38tdz66f2zt7h5gqjqxrjkn5r03dc06w2mce0j527z0eb7hw07jxsxfwtxwbq4w43qcwa31e1zbjcbwpg2k0zqz5fjx1gdj3ypr54czwj1r62mksx26pw4zhtjhe74rgfsxszd50yrp51kr7e7c724smdh674kbgece8r9gpzd6078d860fqa0h3fecg925mwep1gpyvgnnp1ynzqq7wfhj0g555apsvft975c3vd51gnx4a79w5y&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf3-rWRkFZP-nBcfP7_UPrbW_uAGQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExwFP0IHE75-fiZTTSXNR4DTgkRo4P280KrJp9kHpmxyQUKpB9kezrDbFy4fJ9Rv9wvVGYpiVEjT8WbNcHmgkaVdI403nPd0pMELj0pQhg6nvBeq6aps3BWfgZqNOLwuI2KtkYl5OLDuornD66X3uXdLpVpXqDE6984p9_Qr-LWJv7NYEtPkzXPjcBNV0HJ4hRnsJoE8dFjEwPugVy-BJB2-z2YzFC8-wPacr4L9OfL-cAWrif62rxN-xaAGFC50XdmPIWiffs2DygAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2AlK1XIppCmaG1aEdzylVPyV6Iiw%26client%3Dca-pub-2193017516651811%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a35d614fb4f9007-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 22:36:10 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 9899 9 KB
4 KB 58ms
57ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=117569%2C13957%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=600&e=&g=e296647f9bb3e11053cdae5671ace866%2F15444454759842961285&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678055770329&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kznagtvgj47xvrj02fm6w08mhtkkkazb20v25cne11nyzvpfdc69t4h85dgsk0nyktqwzmv64zy0zqayv57wcm0gt7p4zadz19x04jsqfe2s8953q61ak04yrdbbbvg5a99nfpssbp02dfde0t4d0s78apy20mypddg8fnb4w6y3qdb3aja6k5ptsma3gw03zfjpypmj7n3v5axhsgea9bknjhwxxk00xsz942cj2hba9h1x0s12hceze9dwhf8eq2dencv5159pepfn5a97dyt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0vseWRkFZOzPBJqM-cAP6_iq4AeQ4YGEXLaoworwAsCNtwEQASAAYJWqs4LAB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoEyAFP0NkQFc6t558cFTeJT0hExs-x1xZnn1yzuQKq-1MUDTc_HPY7a7Bz1MJcNGNEomhZ---JflilbIc2zkt8DOzUYRlrW79xJv_4KheSf0c0sZFfPdqZLyUr9Lm-PKnI5ZIww3mRgiBQHAwJxrLuIpKRhYtY9WL8IHDAJCewcE91Gcl6zg3of_nZtJxLBIx_wvirY_pBxbU2RaTmPR-3u8YpMDZ2QWx5ucXQASBxZiXjLuSEN27HHeLeIbvvbJ4MXF3uyiFdTssUa4AGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3UB54eJDsTogReWLYr1QR0jvGWAg%2526client%253Dca-pub-2193017516651811%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c47602bde76136c69faef5566a1c82c56a6e582f71d557a340b40687900d4a56

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hckhy1etk8j5y2s5teb1e3q4k6qxhmyb1df8g0wgp7ygjy8rrs0y2ehdzpa5vtgw46r63a4jdtpzsqxxm9q4gyjszrby8cbfakbwat50m823g37w5brnpd73p12kn2e5qbdystkex8cw7pp658dwd8w6smy7vkjk7xasq6px0fym73thk5h9fx0tzgxt2a52vn2jasb0v80kex9tnxjr9bj2xeakz63fev07j156a1etbnkvrpazk0a38tgjvhh009s36474a2xc3mekyj97ce41ynq1aesfqh0kx13efj60n41j1z60ank7en6cbgj1tyeka3pb469k1p1myxszx9a8pqn2p0fynzxqft6k6x8zbkyg2vx7s0mr0tqqg449b5qa2zyk3jw5f49hacg6m8nr53s12h9777jb4tzngkj93k2q9nkdj0wp2nj17z3r5bd55z5y0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0vseWRkFZOzPBJqM-cAP6_iq4AeQ4YGEXLaoworwAsCNtwEQASAAYJWqs4LAB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoEyAFP0NkQFc6t558cFTeJT0hExs-x1xZnn1yzuQKq-1MUDTc_HPY7a7Bz1MJcNGNEomhZ---JflilbIc2zkt8DOzUYRlrW79xJv_4KheSf0c0sZFfPdqZLyUr9Lm-PKnI5ZIww3mRgiBQHAwJxrLuIpKRhYtY9WL8IHDAJCewcE91Gcl6zg3of_nZtJxLBIx_wvirY_pBxbU2RaTmPR-3u8YpMDZ2QWx5ucXQASBxZiXjLuSEN27HHeLeIbvvbJ4MXF3uyiFdTssUa4AGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3UB54eJDsTogReWLYr1QR0jvGWAg%26client%3Dca-pub-2193017516651811%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a35d614fb529007-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 22:36:10 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame BD77 3 KB
3 KB 53ms
52ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=117569&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=320&d=50&e=&g=e9ee5eb32c4596c6b5ba84b450bb2ad1%2F4522571688856130379&i=29981&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678055770331&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtcz2t6w165f4t9yjx5rvfbsnecj513141d9gsmf1kkr232w3yhhncbb54j24kashpaey5fst9qbg8pmjrfdqr9eqhr1ej4deqx6chnxvn25e26y3fpbfn1h5aps2mg30t4saa572fp6at9dqgvxvvn4c03j8hn0wky1dxbd0fw1rdj865w0thxfm46y64c353898mr1k5g324yhs2ktpywdjfqd039r19vr8dcqmxk4wjy9rq118w2g2wkz5secmv7f9csc3smftv547waemkj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAaRfWRkFZJzPBvyR-cAPn_OngAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExwFP0GBZ5XzIUdvna1QOCDykxyKTXQ81jU9MNKWhdUYc4cU7fkGWUF97l177IiEL5xmTXSSCWLgB6lV2LEZ6gaz0GSQgP7gPHtqUpKoZYY5vSgDLt7an7y37zl3NrAf3WvACztfbA38wbjPIs5CU5Cvc4LOurk4VEY1xGyx24MTouSC_xduSSEYib9DH8ZnrFsgCodezAbLe-3OqjgBpjWKLv0Yy-pbhb-fxJJHHQZ2PZXHMc0i2JDSiPxTLXNS9e3zc2jMa3yUTgAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2X0hWCVsAxJ2z1BBWIKbuNZSRIcA%2526client%253Dca-pub-2193017516651811%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba8740c5b7f23f71182dbacb15041527faadb422897c07ff398617185a8fbaa5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1h5856ddcdhwqay6p49tmarkszqm7mzzj8w1tmw73jwd9j9mxwqysbdyxtm2580m1xyf1xscmzjvwjzhjvcceymr3e03w79tp9xnn64jg9d6d8dmn28cm8zbh7j9jj99t6x3md01x99hy3vahxsbj6ats8zxnjghhc96gvmxegee8b16pap7403q97snxvbc7hw3kx1b613vpwwfwwmwddssbny4nqm75gmwm6nzwtgqj3ar7dbzbs839zt1q81twqn6nvrztrpjnjhabwaqcsh5hv868fb35psj9fpajqpr8vyj70vx5pg4p3feyhp8yy1xvb69xwvw5qcgzfexdxeanztyf8e6chpx4hby6fcz53rvfe9tafeynb4bdd4pf8e8dbrqwvp82sz5ehtqy163z085k1kt68wa1f4fkmdae2hs4d01fym5xxc3rb56sy33rrx2&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAaRfWRkFZJzPBvyR-cAPn_OngAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExwFP0GBZ5XzIUdvna1QOCDykxyKTXQ81jU9MNKWhdUYc4cU7fkGWUF97l177IiEL5xmTXSSCWLgB6lV2LEZ6gaz0GSQgP7gPHtqUpKoZYY5vSgDLt7an7y37zl3NrAf3WvACztfbA38wbjPIs5CU5Cvc4LOurk4VEY1xGyx24MTouSC_xduSSEYib9DH8ZnrFsgCodezAbLe-3OqjgBpjWKLv0Yy-pbhb-fxJJHHQZ2PZXHMc0i2JDSiPxTLXNS9e3zc2jMa3yUTgAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2X0hWCVsAxJ2z1BBWIKbuNZSRIcA%26client%3Dca-pub-2193017516651811%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a35d614fb5a9007-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 22:36:10 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9143 0
0 60ms
59ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230301&jk=3216991145751260&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame 7C9E 94 KB
12 KB 33ms
33ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=320&d=50&e=&g=cd70ce35802cf1a82e55af3dabd61c17%2F12207372372213828420&i=29981&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678055770329&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k7h8rmjy3kqsv0k6g1z5wz4negq11x405aah18n7rgzj8c0zjp997kb2ywymjk0ag6qcrxw4crs9r2p4behkv3ym2f7b75ke973rfah03qcvdhst11angfrfb8h80989zq6vxj6ee3nh2r3rk8m2amyy2fcten9y3fngfj9hf2283b0e02gf03cqdbwbfhkg3my9sqbtw7rsspfp7ad7ya284anerscafdh7zfxgpjj08ka1fw266nem8pjakmjdhbbp3aqwaz034vg2yjp2tqp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCf3-rWRkFZP-nBcfP7_UPrbW_uAGQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExwFP0IHE75-fiZTTSXNR4DTgkRo4P280KrJp9kHpmxyQUKpB9kezrDbFy4fJ9Rv9wvVGYpiVEjT8WbNcHmgkaVdI403nPd0pMELj0pQhg6nvBeq6aps3BWfgZqNOLwuI2KtkYl5OLDuornD66X3uXdLpVpXqDE6984p9_Qr-LWJv7NYEtPkzXPjcBNV0HJ4hRnsJoE8dFjEwPugVy-BJB2-z2YzFC8-wPacr4L9OfL-cAWrif62rxN-xaAGFC50XdmPIWiffs2DygAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2AlK1XIppCmaG1aEdzylVPyV6Iiw%2526client%253Dca-pub-2193017516651811%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=117569&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=320&d=50&e=&g=cd70ce35802cf1a82e55af3dabd61c17%2F12207372372213828420&i=29981&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678055770329&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k7h8rmjy3kqsv0k6g1z5wz4negq11x405aah18n7rgzj8c0zjp997kb2ywymjk0ag6qcrxw4crs9r2p4behkv3ym2f7b75ke973rfah03qcvdhst11angfrfb8h80989zq6vxj6ee3nh2r3rk8m2amyy2fcten9y3fngfj9hf2283b0e02gf03cqdbwbfhkg3my9sqbtw7rsspfp7ad7ya284anerscafdh7zfxgpjj08ka1fw266nem8pjakmjdhbbp3aqwaz034vg2yjp2tqp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCf3-rWRkFZP-nBcfP7_UPrbW_uAGQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExwFP0IHE75-fiZTTSXNR4DTgkRo4P280KrJp9kHpmxyQUKpB9kezrDbFy4fJ9Rv9wvVGYpiVEjT8WbNcHmgkaVdI403nPd0pMELj0pQhg6nvBeq6aps3BWfgZqNOLwuI2KtkYl5OLDuornD66X3uXdLpVpXqDE6984p9_Qr-LWJv7NYEtPkzXPjcBNV0HJ4hRnsJoE8dFjEwPugVy-BJB2-z2YzFC8-wPacr4L9OfL-cAWrif62rxN-xaAGFC50XdmPIWiffs2DygAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2AlK1XIppCmaG1aEdzylVPyV6Iiw%2526client%253Dca-pub-2193017516651811%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1677666448
age: 388959
cf-polished: origSize=96968
x-guploader-uploadid: ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 01 Mar 2023 10:28:06 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1677666486645030
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BH790oG5QiEbhq%2Byg64uAzixGXEa9O7ImiAPFF33lAEURuXZfxOOWLLAMzleiunykrhWRJOxX%2FmN1Pv0unslR8J7%2FV9CEeMC%2B50crSiPCTurpxItf%2Bqc962seGtmDW7vPoU548xao3M%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7a35d6158ba99007-FRA
expires: Sun, 05 Mar 2023 23:36:10 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 7C9E 2 KB
3 KB 99ms
50ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=320&d=50&e=&g=cd70ce35802cf1a82e55af3dabd61c17%2F12207372372213828420&i=29981&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678055770329&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k7h8rmjy3kqsv0k6g1z5wz4negq11x405aah18n7rgzj8c0zjp997kb2ywymjk0ag6qcrxw4crs9r2p4behkv3ym2f7b75ke973rfah03qcvdhst11angfrfb8h80989zq6vxj6ee3nh2r3rk8m2amyy2fcten9y3fngfj9hf2283b0e02gf03cqdbwbfhkg3my9sqbtw7rsspfp7ad7ya284anerscafdh7zfxgpjj08ka1fw266nem8pjakmjdhbbp3aqwaz034vg2yjp2tqp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCf3-rWRkFZP-nBcfP7_UPrbW_uAGQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExwFP0IHE75-fiZTTSXNR4DTgkRo4P280KrJp9kHpmxyQUKpB9kezrDbFy4fJ9Rv9wvVGYpiVEjT8WbNcHmgkaVdI403nPd0pMELj0pQhg6nvBeq6aps3BWfgZqNOLwuI2KtkYl5OLDuornD66X3uXdLpVpXqDE6984p9_Qr-LWJv7NYEtPkzXPjcBNV0HJ4hRnsJoE8dFjEwPugVy-BJB2-z2YzFC8-wPacr4L9OfL-cAWrif62rxN-xaAGFC50XdmPIWiffs2DygAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2AlK1XIppCmaG1aEdzylVPyV6Iiw%2526client%253Dca-pub-2193017516651811%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2492343
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7YqUg04RW4zjZKCPK0Duxcs8%2FE4CBtcXAOPns3%2BWPrJe2oSrX5G9OHNcvB6AW5x5RLaYTBBa7FzKWjntHm%2FEdcsgOyL2gFa6zVcX2XmZgnccnq8PM1bkwwFwlW1zqdZjQssZpufIhYSYyWs"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a35d615dd78bbcd-FRA
expires: Mon, 06 Mar 2023 22:36:10 GMT

GET
H2 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 7C9E 339 KB
340 KB 34ms
33ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=320&d=50&e=&g=cd70ce35802cf1a82e55af3dabd61c17%2F12207372372213828420&i=29981&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678055770329&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k7h8rmjy3kqsv0k6g1z5wz4negq11x405aah18n7rgzj8c0zjp997kb2ywymjk0ag6qcrxw4crs9r2p4behkv3ym2f7b75ke973rfah03qcvdhst11angfrfb8h80989zq6vxj6ee3nh2r3rk8m2amyy2fcten9y3fngfj9hf2283b0e02gf03cqdbwbfhkg3my9sqbtw7rsspfp7ad7ya284anerscafdh7zfxgpjj08ka1fw266nem8pjakmjdhbbp3aqwaz034vg2yjp2tqp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCf3-rWRkFZP-nBcfP7_UPrbW_uAGQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExwFP0IHE75-fiZTTSXNR4DTgkRo4P280KrJp9kHpmxyQUKpB9kezrDbFy4fJ9Rv9wvVGYpiVEjT8WbNcHmgkaVdI403nPd0pMELj0pQhg6nvBeq6aps3BWfgZqNOLwuI2KtkYl5OLDuornD66X3uXdLpVpXqDE6984p9_Qr-LWJv7NYEtPkzXPjcBNV0HJ4hRnsJoE8dFjEwPugVy-BJB2-z2YzFC8-wPacr4L9OfL-cAWrif62rxN-xaAGFC50XdmPIWiffs2DygAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2AlK1XIppCmaG1aEdzylVPyV6Iiw%2526client%253Dca-pub-2193017516651811%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 324624
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GFVEmmXiabP8vBpdCqZLqM%2BSakhpVF1bh3d%2FXvKtcEpUqdlxF0aVb1fkWptpHWirIHSBPGMag0x61Dg2qX1BKy6juAPhBKtxlIjGOcgMxF1ApG%2ByaC34IWlsnc%2FGz55HdoPyj4INV37XOI04"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a35d615dd7abbcd-FRA
expires: Mon, 06 Mar 2023 22:36:10 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 7C9E 43 B
703 B 357ms
106ms Image
image/gif 104.87.133.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=320&d=50&e=&g=cd70ce35802cf1a82e55af3dabd61c17%2F12207372372213828420&i=29981&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678055770329&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k7h8rmjy3kqsv0k6g1z5wz4negq11x405aah18n7rgzj8c0zjp997kb2ywymjk0ag6qcrxw4crs9r2p4behkv3ym2f7b75ke973rfah03qcvdhst11angfrfb8h80989zq6vxj6ee3nh2r3rk8m2amyy2fcten9y3fngfj9hf2283b0e02gf03cqdbwbfhkg3my9sqbtw7rsspfp7ad7ya284anerscafdh7zfxgpjj08ka1fw266nem8pjakmjdhbbp3aqwaz034vg2yjp2tqp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCf3-rWRkFZP-nBcfP7_UPrbW_uAGQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExwFP0IHE75-fiZTTSXNR4DTgkRo4P280KrJp9kHpmxyQUKpB9kezrDbFy4fJ9Rv9wvVGYpiVEjT8WbNcHmgkaVdI403nPd0pMELj0pQhg6nvBeq6aps3BWfgZqNOLwuI2KtkYl5OLDuornD66X3uXdLpVpXqDE6984p9_Qr-LWJv7NYEtPkzXPjcBNV0HJ4hRnsJoE8dFjEwPugVy-BJB2-z2YzFC8-wPacr4L9OfL-cAWrif62rxN-xaAGFC50XdmPIWiffs2DygAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2AlK1XIppCmaG1aEdzylVPyV6Iiw%2526client%253Dca-pub-2193017516651811%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.87.133.65 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-87-133-65.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:36:10 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame 9899 94 KB
12 KB 37ms
36ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=600&e=&g=e296647f9bb3e11053cdae5671ace866%2F15444454759842961285&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678055770329&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kznagtvgj47xvrj02fm6w08mhtkkkazb20v25cne11nyzvpfdc69t4h85dgsk0nyktqwzmv64zy0zqayv57wcm0gt7p4zadz19x04jsqfe2s8953q61ak04yrdbbbvg5a99nfpssbp02dfde0t4d0s78apy20mypddg8fnb4w6y3qdb3aja6k5ptsma3gw03zfjpypmj7n3v5axhsgea9bknjhwxxk00xsz942cj2hba9h1x0s12hceze9dwhf8eq2dencv5159pepfn5a97dyt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0vseWRkFZOzPBJqM-cAP6_iq4AeQ4YGEXLaoworwAsCNtwEQASAAYJWqs4LAB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoEyAFP0NkQFc6t558cFTeJT0hExs-x1xZnn1yzuQKq-1MUDTc_HPY7a7Bz1MJcNGNEomhZ---JflilbIc2zkt8DOzUYRlrW79xJv_4KheSf0c0sZFfPdqZLyUr9Lm-PKnI5ZIww3mRgiBQHAwJxrLuIpKRhYtY9WL8IHDAJCewcE91Gcl6zg3of_nZtJxLBIx_wvirY_pBxbU2RaTmPR-3u8YpMDZ2QWx5ucXQASBxZiXjLuSEN27HHeLeIbvvbJ4MXF3uyiFdTssUa4AGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3UB54eJDsTogReWLYr1QR0jvGWAg%2526client%253Dca-pub-2193017516651811%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=600&e=&g=e296647f9bb3e11053cdae5671ace866%2F15444454759842961285&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678055770329&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kznagtvgj47xvrj02fm6w08mhtkkkazb20v25cne11nyzvpfdc69t4h85dgsk0nyktqwzmv64zy0zqayv57wcm0gt7p4zadz19x04jsqfe2s8953q61ak04yrdbbbvg5a99nfpssbp02dfde0t4d0s78apy20mypddg8fnb4w6y3qdb3aja6k5ptsma3gw03zfjpypmj7n3v5axhsgea9bknjhwxxk00xsz942cj2hba9h1x0s12hceze9dwhf8eq2dencv5159pepfn5a97dyt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0vseWRkFZOzPBJqM-cAP6_iq4AeQ4YGEXLaoworwAsCNtwEQASAAYJWqs4LAB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoEyAFP0NkQFc6t558cFTeJT0hExs-x1xZnn1yzuQKq-1MUDTc_HPY7a7Bz1MJcNGNEomhZ---JflilbIc2zkt8DOzUYRlrW79xJv_4KheSf0c0sZFfPdqZLyUr9Lm-PKnI5ZIww3mRgiBQHAwJxrLuIpKRhYtY9WL8IHDAJCewcE91Gcl6zg3of_nZtJxLBIx_wvirY_pBxbU2RaTmPR-3u8YpMDZ2QWx5ucXQASBxZiXjLuSEN27HHeLeIbvvbJ4MXF3uyiFdTssUa4AGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3UB54eJDsTogReWLYr1QR0jvGWAg%2526client%253Dca-pub-2193017516651811%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1677666448
age: 388959
cf-polished: origSize=96968
x-guploader-uploadid: ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 01 Mar 2023 10:28:06 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1677666486645030
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUVFU7zBpTFMy%2F6ZHtlwNn9joNmaRNCjPHQZUO01tLjrI2nOnMRZ4hJ55dv3LXGrKDHgxO0Mq1eUyhDGdDtLgpsFWPY8WFzHyts7Yigz99UybqcB95yDD2ffWn1YzHJmC%2BC7%2BHhWfhU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7a35d615abb79007-FRA
expires: Sun, 05 Mar 2023 23:36:10 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 9899 2 KB
3 KB 81ms
49ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=600&e=&g=e296647f9bb3e11053cdae5671ace866%2F15444454759842961285&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678055770329&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kznagtvgj47xvrj02fm6w08mhtkkkazb20v25cne11nyzvpfdc69t4h85dgsk0nyktqwzmv64zy0zqayv57wcm0gt7p4zadz19x04jsqfe2s8953q61ak04yrdbbbvg5a99nfpssbp02dfde0t4d0s78apy20mypddg8fnb4w6y3qdb3aja6k5ptsma3gw03zfjpypmj7n3v5axhsgea9bknjhwxxk00xsz942cj2hba9h1x0s12hceze9dwhf8eq2dencv5159pepfn5a97dyt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0vseWRkFZOzPBJqM-cAP6_iq4AeQ4YGEXLaoworwAsCNtwEQASAAYJWqs4LAB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoEyAFP0NkQFc6t558cFTeJT0hExs-x1xZnn1yzuQKq-1MUDTc_HPY7a7Bz1MJcNGNEomhZ---JflilbIc2zkt8DOzUYRlrW79xJv_4KheSf0c0sZFfPdqZLyUr9Lm-PKnI5ZIww3mRgiBQHAwJxrLuIpKRhYtY9WL8IHDAJCewcE91Gcl6zg3of_nZtJxLBIx_wvirY_pBxbU2RaTmPR-3u8YpMDZ2QWx5ucXQASBxZiXjLuSEN27HHeLeIbvvbJ4MXF3uyiFdTssUa4AGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3UB54eJDsTogReWLYr1QR0jvGWAg%2526client%253Dca-pub-2193017516651811%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2492343
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TdKdLMjmrnVbZxTwp%2BNHWtMfoMOQiDdFGOaISRtULQdrN9LeCciifpsMo9t30QrGxgSvJMNeIPkpXbSMrXS8aE53LdyHIymPbb%2FwfqomJmKMtUGAzlGguq8OmX2l8Gev1JZC3wRmzSWS3KqE"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a35d615dd79bbcd-FRA
expires: Mon, 06 Mar 2023 22:36:10 GMT

GET
H2 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 9899 339 KB
340 KB 66ms
51ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=600&e=&g=e296647f9bb3e11053cdae5671ace866%2F15444454759842961285&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678055770329&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kznagtvgj47xvrj02fm6w08mhtkkkazb20v25cne11nyzvpfdc69t4h85dgsk0nyktqwzmv64zy0zqayv57wcm0gt7p4zadz19x04jsqfe2s8953q61ak04yrdbbbvg5a99nfpssbp02dfde0t4d0s78apy20mypddg8fnb4w6y3qdb3aja6k5ptsma3gw03zfjpypmj7n3v5axhsgea9bknjhwxxk00xsz942cj2hba9h1x0s12hceze9dwhf8eq2dencv5159pepfn5a97dyt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0vseWRkFZOzPBJqM-cAP6_iq4AeQ4YGEXLaoworwAsCNtwEQASAAYJWqs4LAB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoEyAFP0NkQFc6t558cFTeJT0hExs-x1xZnn1yzuQKq-1MUDTc_HPY7a7Bz1MJcNGNEomhZ---JflilbIc2zkt8DOzUYRlrW79xJv_4KheSf0c0sZFfPdqZLyUr9Lm-PKnI5ZIww3mRgiBQHAwJxrLuIpKRhYtY9WL8IHDAJCewcE91Gcl6zg3of_nZtJxLBIx_wvirY_pBxbU2RaTmPR-3u8YpMDZ2QWx5ucXQASBxZiXjLuSEN27HHeLeIbvvbJ4MXF3uyiFdTssUa4AGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3UB54eJDsTogReWLYr1QR0jvGWAg%2526client%253Dca-pub-2193017516651811%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 324624
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zWNy9WQMUZNrxILLrlG1KVjmbQvgb95HqngCgkK3LduIZpEcT8K5HC4iEv4rL34K2Z3OkVxJbaSnwMBUapXJXhr2CGjl%2Bdxw0DjjKIQisyGRpxjUepu%2FXLwW6yGE%2F6Wqmm3qpSjV4EpqWdJc"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a35d615fda1bbcd-FRA
expires: Mon, 06 Mar 2023 22:36:10 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9899 43 B
703 B 303ms
64ms Image
image/gif 104.87.133.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=600&e=&g=e296647f9bb3e11053cdae5671ace866%2F15444454759842961285&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678055770329&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kznagtvgj47xvrj02fm6w08mhtkkkazb20v25cne11nyzvpfdc69t4h85dgsk0nyktqwzmv64zy0zqayv57wcm0gt7p4zadz19x04jsqfe2s8953q61ak04yrdbbbvg5a99nfpssbp02dfde0t4d0s78apy20mypddg8fnb4w6y3qdb3aja6k5ptsma3gw03zfjpypmj7n3v5axhsgea9bknjhwxxk00xsz942cj2hba9h1x0s12hceze9dwhf8eq2dencv5159pepfn5a97dyt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0vseWRkFZOzPBJqM-cAP6_iq4AeQ4YGEXLaoworwAsCNtwEQASAAYJWqs4LAB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoEyAFP0NkQFc6t558cFTeJT0hExs-x1xZnn1yzuQKq-1MUDTc_HPY7a7Bz1MJcNGNEomhZ---JflilbIc2zkt8DOzUYRlrW79xJv_4KheSf0c0sZFfPdqZLyUr9Lm-PKnI5ZIww3mRgiBQHAwJxrLuIpKRhYtY9WL8IHDAJCewcE91Gcl6zg3of_nZtJxLBIx_wvirY_pBxbU2RaTmPR-3u8YpMDZ2QWx5ucXQASBxZiXjLuSEN27HHeLeIbvvbJ4MXF3uyiFdTssUa4AGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3UB54eJDsTogReWLYr1QR0jvGWAg%2526client%253Dca-pub-2193017516651811%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.87.133.65 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-87-133-65.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:36:10 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 9899 53 KB
54 KB 64ms
49ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=600&e=&g=e296647f9bb3e11053cdae5671ace866%2F15444454759842961285&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678055770329&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kznagtvgj47xvrj02fm6w08mhtkkkazb20v25cne11nyzvpfdc69t4h85dgsk0nyktqwzmv64zy0zqayv57wcm0gt7p4zadz19x04jsqfe2s8953q61ak04yrdbbbvg5a99nfpssbp02dfde0t4d0s78apy20mypddg8fnb4w6y3qdb3aja6k5ptsma3gw03zfjpypmj7n3v5axhsgea9bknjhwxxk00xsz942cj2hba9h1x0s12hceze9dwhf8eq2dencv5159pepfn5a97dyt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0vseWRkFZOzPBJqM-cAP6_iq4AeQ4YGEXLaoworwAsCNtwEQASAAYJWqs4LAB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoEyAFP0NkQFc6t558cFTeJT0hExs-x1xZnn1yzuQKq-1MUDTc_HPY7a7Bz1MJcNGNEomhZ---JflilbIc2zkt8DOzUYRlrW79xJv_4KheSf0c0sZFfPdqZLyUr9Lm-PKnI5ZIww3mRgiBQHAwJxrLuIpKRhYtY9WL8IHDAJCewcE91Gcl6zg3of_nZtJxLBIx_wvirY_pBxbU2RaTmPR-3u8YpMDZ2QWx5ucXQASBxZiXjLuSEN27HHeLeIbvvbJ4MXF3uyiFdTssUa4AGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3UB54eJDsTogReWLYr1QR0jvGWAg%2526client%253Dca-pub-2193017516651811%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccc415761dc5487c6d953e1ff0de4904b7bca42512371811d84e712253628f97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97258
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54554
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSpwVavY7ZBirot089OLJPyBiD%2Fz3z4LAMzQtKzXlGKByZQmhgnNOyy%2FtWfq7DdwSTFKk%2FY0wrjWnWUKuRRM2pj0WaO5mdTYG4EDvZK3YQeG4JoDiL%2FviuuFjqXmZYOi6Zzrn6nV%2F%2FSHbdmz"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a35d6160da6bbcd-FRA
expires: Mon, 06 Mar 2023 22:36:10 GMT

GET
H2 200 AC141A5CBB54977B2534F8C53AC3663BEDFA436FAE3ACD4988B6899C9BB97ACFAD4B76B4BA1B0B0E1691596C153E31B849811DF48CAC56F53701C63564F90B6A
assets.ad4m.at/product_image/ Frame 9899 33 KB
34 KB 65ms
50ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/AC141A5CBB54977B2534F8C53AC3663BEDFA436FAE3ACD4988B6899C9BB97ACFAD4B76B4BA1B0B0E1691596C153E31B849811DF48CAC56F53701C63564F90B6A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=600&e=&g=e296647f9bb3e11053cdae5671ace866%2F15444454759842961285&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678055770329&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kznagtvgj47xvrj02fm6w08mhtkkkazb20v25cne11nyzvpfdc69t4h85dgsk0nyktqwzmv64zy0zqayv57wcm0gt7p4zadz19x04jsqfe2s8953q61ak04yrdbbbvg5a99nfpssbp02dfde0t4d0s78apy20mypddg8fnb4w6y3qdb3aja6k5ptsma3gw03zfjpypmj7n3v5axhsgea9bknjhwxxk00xsz942cj2hba9h1x0s12hceze9dwhf8eq2dencv5159pepfn5a97dyt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0vseWRkFZOzPBJqM-cAP6_iq4AeQ4YGEXLaoworwAsCNtwEQASAAYJWqs4LAB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoEyAFP0NkQFc6t558cFTeJT0hExs-x1xZnn1yzuQKq-1MUDTc_HPY7a7Bz1MJcNGNEomhZ---JflilbIc2zkt8DOzUYRlrW79xJv_4KheSf0c0sZFfPdqZLyUr9Lm-PKnI5ZIww3mRgiBQHAwJxrLuIpKRhYtY9WL8IHDAJCewcE91Gcl6zg3of_nZtJxLBIx_wvirY_pBxbU2RaTmPR-3u8YpMDZ2QWx5ucXQASBxZiXjLuSEN27HHeLeIbvvbJ4MXF3uyiFdTssUa4AGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3UB54eJDsTogReWLYr1QR0jvGWAg%2526client%253Dca-pub-2193017516651811%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e71afd53d34b1a32c15ee776f34aa51869e45820afcc130ee01477b7e9e275e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 674861
cf-polished: qual=85, origFmt=jpeg, origSize=156576
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34068
cf-bgj: imgq:85,h2pri
last-modified: Tue, 19 Oct 2021 12:48:35 GMT
server: cloudflare
etag: "451fa9b02ae7953b9311aefac697be7e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZCh0IGiUp5yxU9fgIoGW%2Fb6X4ZNzv32%2F2UcyIay5sw1FsYHkSwWRRe41Mj4PKLFeOYmOMmuDjOLNjLBszUKLUNEvS%2FUEp5%2F8jHCAWOSspkLi%2F3Yx%2Fi%2F5CukWe%2BCS9f%2BoEtjzEcke5qDOUXb"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a35d6160da9bbcd-FRA
expires: Mon, 06 Mar 2023 22:36:10 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 9899
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPSih_Hsxf0CFV2G_QcdPCAPrw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117683V1226132702M&subid=viewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117683V1226132702M&subid=viewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023030523361182431606885X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite...

49 B
1 KB

198ms
47ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023030523361182431606885X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023030523361182431606885X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117683&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=600&e=&g=e296647f9bb3e11053cdae5671ace866%2F15444454759842961285&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678055770329&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kznagtvgj47xvrj02fm6w08mhtkkkazb20v25cne11nyzvpfdc69t4h85dgsk0nyktqwzmv64zy0zqayv57wcm0gt7p4zadz19x04jsqfe2s8953q61ak04yrdbbbvg5a99nfpssbp02dfde0t4d0s78apy20mypddg8fnb4w6y3qdb3aja6k5ptsma3gw03zfjpypmj7n3v5axhsgea9bknjhwxxk00xsz942cj2hba9h1x0s12hceze9dwhf8eq2dencv5159pepfn5a97dyt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0vseWRkFZOzPBJqM-cAP6_iq4AeQ4YGEXLaoworwAsCNtwEQASAAYJWqs4LAB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoEyAFP0NkQFc6t558cFTeJT0hExs-x1xZnn1yzuQKq-1MUDTc_HPY7a7Bz1MJcNGNEomhZ---JflilbIc2zkt8DOzUYRlrW79xJv_4KheSf0c0sZFfPdqZLyUr9Lm-PKnI5ZIww3mRgiBQHAwJxrLuIpKRhYtY9WL8IHDAJCewcE91Gcl6zg3of_nZtJxLBIx_wvirY_pBxbU2RaTmPR-3u8YpMDZ2QWx5ucXQASBxZiXjLuSEN27HHeLeIbvvbJ4MXF3uyiFdTssUa4AGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3UB54eJDsTogReWLYr1QR0jvGWAg%2526client%253Dca-pub-2193017516651811%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 22:36:11 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117683&s_id=2023030523361182431606885X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023030523361182431606885X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117683&partnerid=12218
date: Sun, 05 Mar 2023 22:36:11 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 9899 44 KB
44 KB 64ms
51ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=600&e=&g=e296647f9bb3e11053cdae5671ace866%2F15444454759842961285&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678055770329&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kznagtvgj47xvrj02fm6w08mhtkkkazb20v25cne11nyzvpfdc69t4h85dgsk0nyktqwzmv64zy0zqayv57wcm0gt7p4zadz19x04jsqfe2s8953q61ak04yrdbbbvg5a99nfpssbp02dfde0t4d0s78apy20mypddg8fnb4w6y3qdb3aja6k5ptsma3gw03zfjpypmj7n3v5axhsgea9bknjhwxxk00xsz942cj2hba9h1x0s12hceze9dwhf8eq2dencv5159pepfn5a97dyt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0vseWRkFZOzPBJqM-cAP6_iq4AeQ4YGEXLaoworwAsCNtwEQASAAYJWqs4LAB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoEyAFP0NkQFc6t558cFTeJT0hExs-x1xZnn1yzuQKq-1MUDTc_HPY7a7Bz1MJcNGNEomhZ---JflilbIc2zkt8DOzUYRlrW79xJv_4KheSf0c0sZFfPdqZLyUr9Lm-PKnI5ZIww3mRgiBQHAwJxrLuIpKRhYtY9WL8IHDAJCewcE91Gcl6zg3of_nZtJxLBIx_wvirY_pBxbU2RaTmPR-3u8YpMDZ2QWx5ucXQASBxZiXjLuSEN27HHeLeIbvvbJ4MXF3uyiFdTssUa4AGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3UB54eJDsTogReWLYr1QR0jvGWAg%2526client%253Dca-pub-2193017516651811%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1208679
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HbXu%2FJuGBwqsVagvub9CLVUTeO5n5k1iFC5boRB4Kqlv72na5JV5bkIV9mYkg46JV2bXNkt%2F%2B0YOo0HhINUSdvFn6TX%2F4ySCueH8YwEcLTdig7szqdiUESdgX%2Bls5NAYXdjbyFJBtkAazxGe"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a35d6160dabbbcd-FRA
expires: Mon, 06 Mar 2023 22:36:10 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 9899 298 KB
299 KB 64ms
51ms Image
image/png 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C13957%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzY%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CB15tgfPfER4cxH6H3tgC66YTjSeT88zc8pqe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=300&d=600&e=&g=e296647f9bb3e11053cdae5671ace866%2F15444454759842961285&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678055770329&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kznagtvgj47xvrj02fm6w08mhtkkkazb20v25cne11nyzvpfdc69t4h85dgsk0nyktqwzmv64zy0zqayv57wcm0gt7p4zadz19x04jsqfe2s8953q61ak04yrdbbbvg5a99nfpssbp02dfde0t4d0s78apy20mypddg8fnb4w6y3qdb3aja6k5ptsma3gw03zfjpypmj7n3v5axhsgea9bknjhwxxk00xsz942cj2hba9h1x0s12hceze9dwhf8eq2dencv5159pepfn5a97dyt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC0vseWRkFZOzPBJqM-cAP6_iq4AeQ4YGEXLaoworwAsCNtwEQASAAYJWqs4LAB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoEyAFP0NkQFc6t558cFTeJT0hExs-x1xZnn1yzuQKq-1MUDTc_HPY7a7Bz1MJcNGNEomhZ---JflilbIc2zkt8DOzUYRlrW79xJv_4KheSf0c0sZFfPdqZLyUr9Lm-PKnI5ZIww3mRgiBQHAwJxrLuIpKRhYtY9WL8IHDAJCewcE91Gcl6zg3of_nZtJxLBIx_wvirY_pBxbU2RaTmPR-3u8YpMDZ2QWx5ucXQASBxZiXjLuSEN27HHeLeIbvvbJ4MXF3uyiFdTssUa4AGtMa0iKCp86D5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3UB54eJDsTogReWLYr1QR0jvGWAg%2526client%253Dca-pub-2193017516651811%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad9cfb9dfc4bbe75509f6268415c710c44474dc703b8705eacada2ac8acb2725

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2617480
cf-polished: origSize=342797, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 305593
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=McMwPu%2FeCMWFHygmkeWKm4cXv6W80L5YcEtsg8%2FhGZmR02%2F4JAhfWJXsGIy0wlZkdZHt97%2B63hXHG8yWzI2gBAffi2daDedg053UQInure6tYqnb2nbU8HsHCBMi0XUO%2F5wReHa0zARS9pLD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a35d6160dacbbcd-FRA
expires: Mon, 06 Mar 2023 22:36:10 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 9899
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1678055770_20d68b90-bba6-11ed-bf45-2264f50d357a&insert=AW&&gdpr=0&gdpr_consent=

0
475 B

194ms
37ms

Image
text/plain

2606:4700::6812:7f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1678055770_20d68b90-bba6-11ed-bf45-2264f50d357a&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:11 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
cache-control: no-cache
cf-ray: 7a35d6191c55368a-FRA
content-length: 0
expires: -1

Redirect headers

Date: Sun, 05 Mar 2023 22:36:10 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1678055770_20d68b90-bba6-11ed-bf45-2264f50d357a&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame BD77 94 KB
12 KB 35ms
34ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=320&d=50&e=&g=e9ee5eb32c4596c6b5ba84b450bb2ad1%2F4522571688856130379&i=29981&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678055770331&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtcz2t6w165f4t9yjx5rvfbsnecj513141d9gsmf1kkr232w3yhhncbb54j24kashpaey5fst9qbg8pmjrfdqr9eqhr1ej4deqx6chnxvn25e26y3fpbfn1h5aps2mg30t4saa572fp6at9dqgvxvvn4c03j8hn0wky1dxbd0fw1rdj865w0thxfm46y64c353898mr1k5g324yhs2ktpywdjfqd039r19vr8dcqmxk4wjy9rq118w2g2wkz5secmv7f9csc3smftv547waemkj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAaRfWRkFZJzPBvyR-cAPn_OngAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExwFP0GBZ5XzIUdvna1QOCDykxyKTXQ81jU9MNKWhdUYc4cU7fkGWUF97l177IiEL5xmTXSSCWLgB6lV2LEZ6gaz0GSQgP7gPHtqUpKoZYY5vSgDLt7an7y37zl3NrAf3WvACztfbA38wbjPIs5CU5Cvc4LOurk4VEY1xGyx24MTouSC_xduSSEYib9DH8ZnrFsgCodezAbLe-3OqjgBpjWKLv0Yy-pbhb-fxJJHHQZ2PZXHMc0i2JDSiPxTLXNS9e3zc2jMa3yUTgAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2X0hWCVsAxJ2z1BBWIKbuNZSRIcA%2526client%253Dca-pub-2193017516651811%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=117569&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=320&d=50&e=&g=e9ee5eb32c4596c6b5ba84b450bb2ad1%2F4522571688856130379&i=29981&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678055770331&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtcz2t6w165f4t9yjx5rvfbsnecj513141d9gsmf1kkr232w3yhhncbb54j24kashpaey5fst9qbg8pmjrfdqr9eqhr1ej4deqx6chnxvn25e26y3fpbfn1h5aps2mg30t4saa572fp6at9dqgvxvvn4c03j8hn0wky1dxbd0fw1rdj865w0thxfm46y64c353898mr1k5g324yhs2ktpywdjfqd039r19vr8dcqmxk4wjy9rq118w2g2wkz5secmv7f9csc3smftv547waemkj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAaRfWRkFZJzPBvyR-cAPn_OngAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExwFP0GBZ5XzIUdvna1QOCDykxyKTXQ81jU9MNKWhdUYc4cU7fkGWUF97l177IiEL5xmTXSSCWLgB6lV2LEZ6gaz0GSQgP7gPHtqUpKoZYY5vSgDLt7an7y37zl3NrAf3WvACztfbA38wbjPIs5CU5Cvc4LOurk4VEY1xGyx24MTouSC_xduSSEYib9DH8ZnrFsgCodezAbLe-3OqjgBpjWKLv0Yy-pbhb-fxJJHHQZ2PZXHMc0i2JDSiPxTLXNS9e3zc2jMa3yUTgAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2X0hWCVsAxJ2z1BBWIKbuNZSRIcA%2526client%253Dca-pub-2193017516651811%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1677666448
age: 388959
cf-polished: origSize=96968
x-guploader-uploadid: ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 01 Mar 2023 10:28:06 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1677666486645030
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFch1v4%2FLbI0f0zRDhaw%2BHKZAJgeNKJK4MBGnn0cel%2FzY25iI3GJg2GWK1fFQLi5qHdSnc0GiaXAB8i524iFGNG%2B82kqtBOB%2BpzlMd3%2FAlEs9ywT3A2yCz%2B0rxJIJfpMlZHcbSfli2o%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7a35d615cbc99007-FRA
expires: Sun, 05 Mar 2023 23:36:10 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame BD77 2 KB
3 KB 36ms
30ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=320&d=50&e=&g=e9ee5eb32c4596c6b5ba84b450bb2ad1%2F4522571688856130379&i=29981&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678055770331&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtcz2t6w165f4t9yjx5rvfbsnecj513141d9gsmf1kkr232w3yhhncbb54j24kashpaey5fst9qbg8pmjrfdqr9eqhr1ej4deqx6chnxvn25e26y3fpbfn1h5aps2mg30t4saa572fp6at9dqgvxvvn4c03j8hn0wky1dxbd0fw1rdj865w0thxfm46y64c353898mr1k5g324yhs2ktpywdjfqd039r19vr8dcqmxk4wjy9rq118w2g2wkz5secmv7f9csc3smftv547waemkj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAaRfWRkFZJzPBvyR-cAPn_OngAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExwFP0GBZ5XzIUdvna1QOCDykxyKTXQ81jU9MNKWhdUYc4cU7fkGWUF97l177IiEL5xmTXSSCWLgB6lV2LEZ6gaz0GSQgP7gPHtqUpKoZYY5vSgDLt7an7y37zl3NrAf3WvACztfbA38wbjPIs5CU5Cvc4LOurk4VEY1xGyx24MTouSC_xduSSEYib9DH8ZnrFsgCodezAbLe-3OqjgBpjWKLv0Yy-pbhb-fxJJHHQZ2PZXHMc0i2JDSiPxTLXNS9e3zc2jMa3yUTgAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2X0hWCVsAxJ2z1BBWIKbuNZSRIcA%2526client%253Dca-pub-2193017516651811%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2492343
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfWHX3xTOsf%2Bdzh5Uje0GQTPupgUvvwl2qTY38Qun84P0druQnrOFRedJNDj2%2FWQPT63nGFBe%2FfmdiqCZX%2FmwEQCFXXFvMB79h2t50PsmJBXODb5WVJGkWpwCE4nziQrHgZJexw8fwn7Eah5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a35d615dd7bbbcd-FRA
expires: Mon, 06 Mar 2023 22:36:10 GMT

GET
H2 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame BD77 339 KB
340 KB 60ms
52ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=320&d=50&e=&g=e9ee5eb32c4596c6b5ba84b450bb2ad1%2F4522571688856130379&i=29981&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678055770331&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtcz2t6w165f4t9yjx5rvfbsnecj513141d9gsmf1kkr232w3yhhncbb54j24kashpaey5fst9qbg8pmjrfdqr9eqhr1ej4deqx6chnxvn25e26y3fpbfn1h5aps2mg30t4saa572fp6at9dqgvxvvn4c03j8hn0wky1dxbd0fw1rdj865w0thxfm46y64c353898mr1k5g324yhs2ktpywdjfqd039r19vr8dcqmxk4wjy9rq118w2g2wkz5secmv7f9csc3smftv547waemkj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAaRfWRkFZJzPBvyR-cAPn_OngAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExwFP0GBZ5XzIUdvna1QOCDykxyKTXQ81jU9MNKWhdUYc4cU7fkGWUF97l177IiEL5xmTXSSCWLgB6lV2LEZ6gaz0GSQgP7gPHtqUpKoZYY5vSgDLt7an7y37zl3NrAf3WvACztfbA38wbjPIs5CU5Cvc4LOurk4VEY1xGyx24MTouSC_xduSSEYib9DH8ZnrFsgCodezAbLe-3OqjgBpjWKLv0Yy-pbhb-fxJJHHQZ2PZXHMc0i2JDSiPxTLXNS9e3zc2jMa3yUTgAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2X0hWCVsAxJ2z1BBWIKbuNZSRIcA%2526client%253Dca-pub-2193017516651811%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 324624
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ruZJwml0LhhYdU8AW%2BqNy3sbgzneSWBcufe%2FEAmsHGEdH2wrfBuFq6DEI4p0a7HAbKgHpTjVkMLlYb54V7S%2B3mw2p7MPTOp6qiZuqDh3yS4%2BZ1a93QCUcriS22DIIkxBJ3IElZs995TAhr0e"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a35d6160daebbcd-FRA
expires: Mon, 06 Mar 2023 22:36:10 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame BD77 43 B
703 B 336ms
88ms Image
image/gif 104.87.133.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=320&d=50&e=&g=e9ee5eb32c4596c6b5ba84b450bb2ad1%2F4522571688856130379&i=29981&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1678055770331&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jtcz2t6w165f4t9yjx5rvfbsnecj513141d9gsmf1kkr232w3yhhncbb54j24kashpaey5fst9qbg8pmjrfdqr9eqhr1ej4deqx6chnxvn25e26y3fpbfn1h5aps2mg30t4saa572fp6at9dqgvxvvn4c03j8hn0wky1dxbd0fw1rdj865w0thxfm46y64c353898mr1k5g324yhs2ktpywdjfqd039r19vr8dcqmxk4wjy9rq118w2g2wkz5secmv7f9csc3smftv547waemkj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAaRfWRkFZJzPBvyR-cAPn_OngAeQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0yMTkzMDE3NTE2NjUxODExyAEJqQJ1rqYIqNexPqgDAaoExwFP0GBZ5XzIUdvna1QOCDykxyKTXQ81jU9MNKWhdUYc4cU7fkGWUF97l177IiEL5xmTXSSCWLgB6lV2LEZ6gaz0GSQgP7gPHtqUpKoZYY5vSgDLt7an7y37zl3NrAf3WvACztfbA38wbjPIs5CU5Cvc4LOurk4VEY1xGyx24MTouSC_xduSSEYib9DH8ZnrFsgCodezAbLe-3OqjgBpjWKLv0Yy-pbhb-fxJJHHQZ2PZXHMc0i2JDSiPxTLXNS9e3zc2jMa3yUTgAb62u-DsLzYl-8BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2X0hWCVsAxJ2z1BBWIKbuNZSRIcA%2526client%253Dca-pub-2193017516651811%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.87.133.65 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-87-133-65.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:36:10 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BEBB 0
10 B 24ms
24ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-mgy5Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 60ms
60ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230301&jk=3216991145751260&bg=!6-il6LzNAAbv3-2Ez987ADkAdvg8Wk2Hi6Pmb5kRQ0vJtRC7GyPI3LxznPKy2o0LQ7yG0IsC_284QqeCounPt-eVz6LA3LclezUCAAABQlIAAAADaAEHCgBWwPFdwQLnFig9BY6qJuZCmVy4XFt8Mj8xNcxkKHLYkThC4aBF-hgLnBLcX7V9Xh3nWbiF1pjLA8w8gACcqp_QkWjpz-nNXZyqI43uBCr3Nd58uypgqbqZAqcT96ZQzM2FZu-nKzvTHr5h7QX7licxhucUqhbT4ET6uCXG-vBp4PlqUpTKk4ZtUyhJuVOCOZOtHkZKghO9CuiYkK_Q-ZeJTFYYFVGbX2QCEdyFRws9wgqGI87yYb8CGlfARrS928QzqmkxDOcLFGhKtcJ80dwtu6pZAwhNiHUR_jRB7n1F93fItpCOiQk-91aD0EiWvi3EubloSR5uLoK3SSPZACDKi9whmXYKS9Vm39ihbv8HtXZt81QwfQ6LXePR05uBLEiOfxrHQ-h0UAO5Z1iiDm7auwd3mwVHsPXDxOcu5c1s113SKDkWB0Vi7FjYpXqvEUGQrpEFd5jkw7lqcgPDUdqFI0ix4P7pesx72RqF8aA1GVPtriTZ560f9n5dPSRpvE3HHPbFe6WfNlRRPioFHrO5sLkaEQRDUsVWPlZ2jXEL2q50VTNqMFXX1BB3ro_FL4LnBR4HoZthB3ibKa6Q-MOLk_K83x5TsC5-VD-J0ycK_1d-9gAkGDxDdj8HemLcaJWXyOC6VLqYG732mK6uULZ01ApHNdrZdgA05mFoYhJSWYKDJUaZszZHmphx-UpEiry6AZvujzykq3CxS3gOdc34mKT3JEGOk0q0WOX3iYIYfOKsZHp9-8MM1oO606XAgjEQ26jFjrDK9zwbaHyi8mRL6Siy8Y1lIzUGNiYFfkjGzd_IDjzU1A9NNtgoPrX8yehNjiCEA-cUa7VD1CNTY7rSx8Vhqf6jzOR4ez6U32nD-wmhxXUD_vIPLv8RlIjdQw21if2-Ctu0v8utatIzTIGyMlI0MNFxrEYlLtSIdfLObyLSrGvt4JvxplW8WDRWT-RH7Df9asTN20KWEs-X6Gbr4SDHYfqxIW1dh1L8h_OzXKvqBl3vT_IahQL_EY2fLrBP
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bdesheba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEKxnR3EoAXTLz9LUUDsvn-o&google_cver=1&google_push=Aa02lx8B1fqAZkctRUiTtsKmg2zwq8gT4s6Qs8LCb50L0lWvR7aWk8EkjTuuP722QbbIFKQiWZrb-Qbx7FL-r8mqqRPUeVV53Dt3Cw

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bdesheba.com/	1970-01-20 19:43:35	Name: _ga_VVFNE98W12 Value: GS1.1.1678055768.1.0.1678055768.0.0.0
.bdesheba.com/	1970-01-20 19:43:35	Name: _ga Value: GA1.2.354131852.1678055768
.bdesheba.com/	1970-01-20 10:09:02	Name: _gid Value: GA1.2.2111276287.1678055769
.bdesheba.com/	1970-01-20 10:07:35	Name: _gat_gtag_UA_236094877_1 Value: 1
.bdesheba.com/	1970-01-20 19:29:11	Name: __gads Value: ID=b4455ef9f1d0ab34-2260f9c044dd00f4:T=1678055768:RT=1678055768:S=ALNI_MZAmpsCwXilClYOkuQvk2oHJ4OWjg
.bdesheba.com/	1970-01-20 19:29:11	Name: __gpi Value: UID=00000bc0ec8db489:T=1678055768:RT=1678055768:S=ALNI_MZKVzGCwvfqf4ddCpERTwKHk0Hl5g
.doubleclick.net/	1970-01-20 19:29:11	Name: IDE Value: AHWqTUleUaEWktWM_JToTZEsre6k_oBvLJgPzlfHDDbfIpeUToX3B0yuPTKxqjI4OJ8
.adfarm1.adition.com/	1970-01-20 12:17:11	Name: UserID1 Value: 7207194648733350033
.360yield.com/	1970-01-20 12:17:11	Name: tuuid Value: dc21ad4d-5aa9-4946-863a-2f173530cc4a
.360yield.com/	1970-01-20 12:17:11	Name: tuuid_lu Value: 1678055769
.e.dlx.addthis.com/	1970-01-20 19:37:50	Name: na_tc Value: Y
.quantserve.com/	1970-01-20 12:17:11	Name: d Value: EAgBCQG4KIEA
.quantserve.com/	1970-01-20 19:37:50	Name: mc Value: 64051959-d1a5c-d6e0d-013d9
.tribalfusion.com/	1970-01-20 12:17:11	Name: ANON_ID Value: aYnseFyKalHobWm8ZbRiCa26tb45VhT8X2jRGQNoEsNpvUZa4rfpHtwceZdvQEbLo9OIdZbi3UYNbWNSjwPaO0cN
.addthis.com/	1970-01-20 19:37:50	Name: na_id Value: 2023030522360900047094002018
.addthis.com/	1970-01-20 19:37:50	Name: na_tc Value: Y
.addthis.com/	1970-01-20 19:37:50	Name: uid Value: 640519590db1946b
.addthis.com/	1970-01-20 19:37:50	Name: ouid Value: 64051959000102e1b752dca4a972e936769ad4bb16ed03ee855c
.dlx.addthis.com/	1970-01-20 10:50:47	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 10:50:47	Name: na_sr Value: 20230305
.dlx.addthis.com/	1970-01-20 10:07:35	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 10:50:47	Name: na_sc_e Value: 0
.travelaudience.com/	1970-01-20 19:39:16	Name: _tracker Value: %7B%22UUID%22%3A%220BEED8BD-9F04-47AF-ACE5-1A9306DBB7F8%22%7D
.ctnsnet.com/	1970-01-20 18:53:11	Name: gid_CAESEJgkUZGm-hlWFTsIafSNarE Value: 1
.ctnsnet.com/	1970-01-20 18:53:11	Name: cid_d173fab4f5c042f289dacaa83f66d561 Value: 1
.casalemedia.com/	1970-01-20 18:53:11	Name: CMID Value: ZAUZWo7RqIUg2KZ0yeQHiQAA
.casalemedia.com/	1970-01-20 12:17:11	Name: CMPS Value: 3271
.casalemedia.com/	1970-01-20 12:17:11	Name: CMPRO Value: 3271
.mathtag.com/	1970-01-20 19:33:30	Name: uuid Value: 99a06405-195b-4d00-9932-b7ea3db10710
.mathtag.com/	1970-01-20 10:50:47	Name: mt_mop Value: 4:1678055771
.pubmatic.com/	1970-01-20 10:09:02	Name: KTPCACOOKIE Value: YES
.agkn.com/	1970-01-20 18:53:11	Name: ab Value: 0001%3Aj7MYmzdYPf4pGGa9oHhzWeoqD8v%2BHItA
.agkn.com/	1970-01-20 18:53:11	Name: u Value: C\|0CEArl9XaK5fV2gAAAAAAAQ13AQCAAQpAAAAAAA
.pubmatic.com/	1970-01-20 18:53:11	Name: KADUSERCOOKIE Value: F27691CD-8565-4AD3-BEE7-C0269FF77E99
.awin1.com/	1970-01-20 10:11:54	Name: awpv11354 Value: 412871\|1678055770\|20d68b90-bba6-11ed-bf45-2264f50d357a
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 415363:2904924
.awin1.com/	1970-01-20 10:10:28	Name: awpv20044 Value: 412871\|1678055770\|20d923a0-bba6-11ed-b520-223763a3e4ca
www.conrad.de/	1970-01-20 10:11:54	Name: HTLP_timestamp Value: 1678055771067
www.conrad.de/	1970-01-20 10:11:54	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 10:07:37	Name: __cf_bm Value: kuK.rxBdE.BfPlZkEmQqdqfO2urbqpvwsaUXyGfwhkI-1678055771-0-AWWkKglc+9/3ZHvbOCpueXt5QxibJCBlE6YFG2a2Y9qATUZMbRgssYVPkeGnL5q0isikHXJdvEmDMOYR4wTFJRc=
.o2online.de/	1970-01-20 10:17:40	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY3ODA1NTc3MXZsZWExZGUyMDIzMDMwNTIzMzYxMTgyNDMxNjA2ODg1WDExNzY4M1YxMjI2MTMyNzAyTVN2aWV3b25laWRnazhhOGZyZkpWMnNQSGJIOHQ1dHJyQVVtU1FUOTk4c3dnellvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTIxX0JFU1RQRVJGT1JNRVIxMTc2ODM
.o2online.de/	1970-01-20 10:17:40	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 10:17:40	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117683_-HTLP&utm_term=AFF_la_117683_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023030523361182431606885X117683V1226132702MSviewoneidgk8a8frfJV2sPHbH8t5trrAUmSQT998swgzYoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117683&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY3ODA1NTc3MXZsZWExZGUyMDIzMDMwNTIzMzYxMTgyNDMxNjA2ODg1WDExNzY4M1YxMjI2MTMyNzAyT

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEKxnR3EoAXTLz9LUUDsvn-o&google_cver=1&google_push=Aa02lx8B1fqAZkctRUiTtsKmg2zwq8gT4s6Qs8LCb50L0lWvR7aWk8EkjTuuP722QbbIFKQiWZrb-Qbx7FL-r8mqqRPUeVV53Dt3Cw Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ad4m.at
ads.travelaudience.com
adservice.google.com
adservice.google.de
as.ad4m.at
assets.ad4m.at
bdesheba.com
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
dsp.adfarm1.adition.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
match.360yield.com
match.adsrvr.org
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
pixel.rubiconproject.com
prod-rtb.ad4mat.net
region1.google-analytics.com
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
sync.mathtag.com
tpc.googlesyndication.com
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
googlecm.hit.gemius.pl
104.87.133.65
142.251.208.166
142.251.39.66
167.233.13.224
185.29.132.241
185.64.190.78
185.80.39.216
2001:4860:4802:32::36
23.35.209.176
2600:1901:0:76b9::
2600:9000:20eb:c600:1b:5138:8a40:93a1
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700::6812:18ad
2606:4700::6812:7f05
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:803::2003
2a00:1450:4001:803::2008
2a00:1450:4001:806::2001
2a00:1450:4001:808::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:831::2004
2a00:1450:400d:807::2002
2a00:1450:400d:80c::200a
2a00:1450:400d:80d::2002
3.33.220.150
34.160.236.64
34.248.220.170
35.186.193.173
35.190.0.66
35.227.252.103
51.38.120.206
52.29.55.65
66.187.6.115
69.173.144.165
84.200.5.215
85.114.159.93
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
080e18a8c761c3d30b7ec08aa65f87109a0228367eafd0a12fcefda58d10e8ad
0851b1e8580798041a5e3181bee43c80ef66c7c749e579348c426c22706e65a4
09e8083de6a4b2b2107866338bfc962091ad22b66403f8bf186b5706e673fff2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eea385ab862a72ae80fae9f7da0cf752aae8a9eceb2846366e3ceb7e5e99e47
0f92a8ae3f36ab7abe34c777299d49bc7ca66eb07d1b2c1749c7d6d8ce26626a
1269966864fea9e2e862f5ffacaf25e8e998d6ec0c4031dbc7300a9337e7c233
16619ce27d251a6ac3f84a579f1db85807c95206fdc6b93c2e82b74dc3d3fc10
190402f488a1616b47304ae066078580059ca6a5958b7f217d2156d0a73931a9
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
1fb7526aa0b7f65abed529a0b4484b11c7b9bde059ca55dfc3ad694b43968198
2097ea81556209b15cff0811e29469e3cecf22dab90045c28b23430d64c464ed
2367c78d84f277faaa1dcbc0d9ee060f610246945655de0ac37b7dab7fe107ca
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228
271e006d8a6853de8cd7ffce8167d27993e10c21ccf28aba33b98eea603c83bd
2b8ffdcd100c493b3cb5af1c3d9b728ad2880967aa7c4e12a1f063587fc8cdbd
2d1265bcac1d193baf467971d91b7a5185c137201559f3c891376cffc624dae3
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e183da725c23083b3ed4ce082479d6ee1ea9b6a8b957dbda7b703159c4790e3
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2eec29cac47254572eb4f5bed41d670f17cc9ce61db1da995df14d161d6d2dd0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c
41129aa5a90e9637be142b0395663cfdc93da0ee6cd0bb1b2282d3c302ffdcc4
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
48fe6f7563394e77ec8040479958f2a549f5d3c902738f5b6c5349e4959d8576
4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e921222656a5332eb13b34f97c96c083b3c53e56132a51aef81e114a3ac0d50
4ea4c5b9b33434ef40ac730329fb4a984d4de3314faafbc282e89946c14450df
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564804349268e1fd4a26f8cadedf4fc61d87792512291e3c57648b028c450bd3
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
610e2372cb1c660815d93e7f6c695a84e830210351f19b1e4556ad3e12d74b7b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6340964e4c43fcf17a84684c2c3684fb33a77c86e06cc54861eb4a5305743ba7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
6efef0ce9784f24df1e4318cae8b42e68f31a1213c207a9b5e8dfcd6f676b269
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
74d577e89617801f71223f0099a93628627821ba55861d0defdaf30c4e1d6923
767d53e7dc0c6030059a36d73f8adb2d3cfe581b9237e14fc4eeb1f1f321e7f6
7e3559d6ffac7fc54d6edaa79b6e7330fab33fbdffc174a27c58b25e5b3952d2
816e4f692926213350f0dbc2aef4df5572d47298babde49c2d00e735c26ce79f
8930edbf94b0d8b9e49e70b8cd962af0ec2c9840dd3d6734f7394d1d0d0fa418
89cc4eb7f55f9d04b4a1bc61d3d3b89f46bb67308018f4c5623f308bf86531d6
8bac631dfefdb96cf5526520c21e9ef3f585bba973970a7e62b10c945741105c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e71afd53d34b1a32c15ee776f34aa51869e45820afcc130ee01477b7e9e275e
8f38c2f0e18d76c40443c0eda45c67f9481191d7d2222ffea369f5ae53e8c4e9
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d
9296df9ec622dea363e358532da2ded8c9534cdf1c994a1da9259be7f55012c9
97ae1dac4d8947e1c5229334cf166b2279ab404a6157790c98993c96bab2d7bc
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bc7c5a25bb4c262a76f35774e0f253e6061af283fe1ec52d160996729a1abd3
9df7dc597e0f6b10114877dfed11864d329ffb196cc0463a654d80dccbd85ebd
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a
a648d8c6cbb05912b60e874145c8d2b15f69703327638cf0ae90c8263b863402
a80e2071f57de0e272df505968e6d0e2dc9a89b60e446aca52bc8b2b23f23dbe
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
ad9cfb9dfc4bbe75509f6268415c710c44474dc703b8705eacada2ac8acb2725
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b02b7e3fc262e4eda8ebc503d23a2a9f8859235c38145d160786095ce9424a85
ba8740c5b7f23f71182dbacb15041527faadb422897c07ff398617185a8fbaa5
bc931abb3767634e25ccd5b2ba03c2dcbb453b60aada18df6ebe23fb4413ceed
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c3b67b8dc15b279cf07c9c05b659014bdb188b05fabe6bc565c7b7ee931a637b
c47602bde76136c69faef5566a1c82c56a6e582f71d557a340b40687900d4a56
c68261f839d9de9faf709978e52d8e4cc802300e51167ced5e0b4baa38e29639
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca19a08d150ab3e0255c198f9b3035d1b1e93ece6146f4088ada02e3cee808cf
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ccc415761dc5487c6d953e1ff0de4904b7bca42512371811d84e712253628f97
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
d5aaaae3dfd1fe3cb8e435b6d978f1a94e2e26b5f5ec572b89298870783f78cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8b37a341907411e2138f9bc14d79d79b27acb8765ef3c23f48a6e6b301174e0
ede4f033c2faa97ebc11ccbb2857dd34aeba76d6ea6fe69f2a9eb42fdabaed3f
eefb09dbcc1a503fa6b9346b85ee63d1d44aa70ffd07334c093aceb2de1a7fc2
f0c50013ceabd9c6f8140ee1880c7b4b85d703a867f8f4f75277374580c5a3ee
f139a97e5a488109d0c1b543c5cbcebed6c0f1e08cf8ac2c65861f9b3737d6db
f5c630694d02e0ead2d807684bd37bd457e3483c13ca441ff6d775f8985b73ef
f6c4a8046f43db9161bd82e0dff8b0589e3d6ccd909b9ed5c44335aefbea7da1
f982cc401a7fd3397789c01dfe32b0da6abc641d6968900b4d60a06069df2449
ff9b436a1addf64cd76fd42cc22eb99064828ea053df23f5135145c61395d413
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

bdesheba.com Open in urlscan Pro 66.187.6.115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

156 Requests

71 %HTTPS

50 %IPv6

36 Domains

45 Subdomains

27 IPs

6 Countries

2657 kBTransfer

4769 kBSize

43 Cookies

1 Outgoing links

Redirected requests

156 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bdesheba.com Open in urlscan Pro
66.187.6.115 Public Scan

Screenshot
Live screenshot

Full Image

156
Requests

71 %
HTTPS

50 %
IPv6

36
Domains

45
Subdomains

27
IPs

6
Countries

2657 kB
Transfer

4769 kB
Size

43
Cookies

156 HTTP transactions
4 data transactions