www.adintrend.tv Open in urlscan Pro
104.21.4.152 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://adintrend.com/
Effective URL:
https://www.adintrend.tv/hd/?t=live
Submission: On September 11 via api (September 11th 2023, 4:04:23 pm UTC) from US — Scanned from DE

Summary HTTP 141 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 6 countries across 18 domains to perform 141 HTTP transactions. The main IP is 104.21.4.152, located in and belongs to CLOUDFLARENET, US. The main domain is www.adintrend.tv. The Cisco Umbrella rank of the primary domain is 648235.
TLS certificate: Issued by E1 on August 8th 2023. Valid for: 3 months.

This is the only time www.adintrend.tv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	23.106.248.24 23.106.248.24	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
19	104.21.4.152 104.21.4.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	133.186.12.16 133.186.12.16	10010 (TOKAI TOK...) (TOKAI TOKAI Communications Corporation)
4	94.75.248.161 94.75.248.161	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
6	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
39	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
6 8	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
4 8	172.64.148.101 172.64.148.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
4	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2	213.202.235.9 213.202.235.9	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	2607:f8b0:400... 2607:f8b0:400a:80a::2003	15169 (GOOGLE) (GOOGLE)
1	66.102.1.155 66.102.1.155	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	() ()
141	25

1 23.106.248.24 (Atlanta, United States) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

adintrend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.21.4.152 (None, )

ASN13335 (CLOUDFLARENET, US)

www.adintrend.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 133.186.12.16 (Yokohama, Japan)

ASN10010 (TOKAI TOKAI Communications Corporation, JP)
PTR: p016.net133186012.broadline.ne.jp

js.genieessp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 94.75.248.161 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

n1.cdn.vet	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.181.226 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.64.148.101 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.141 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.202.235.9 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400a:80a::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.102.1.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	googlesyndication.com a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	295 KB
23	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 338	572 KB
21	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 stats.g.doubleclick.net — Cisco Umbrella Rank: 96 googleads.g.doubleclick.net — Cisco Umbrella Rank: 53 cm.g.doubleclick.net — Cisco Umbrella Rank: 259 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 393 bid.g.doubleclick.net — Cisco Umbrella Rank: 930	246 KB
19	adintrend.tv www.adintrend.tv — Cisco Umbrella Rank: 648235	166 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 629	4 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 279	5 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 249	77 KB
4	cdn.vet n1.cdn.vet	13 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2541 www.google.com	1 KB
3	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1103 cloudflareinsights.com	7 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 226	142 KB
2	gstatic.com csi.gstatic.com	279 B
2	exactag.com m.exactag.com — Cisco Umbrella Rank: 12174	1 KB
2	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 521	355 KB
1	genieessp.com js.genieessp.com — Cisco Umbrella Rank: 44722	159 B
1	google.de www.google.de — Cisco Umbrella Rank: 5643	408 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	78 KB
1	adintrend.com 1 redirects adintrend.com	80 B
141	18

	Domain	Requested by
34	pagead2.googlesyndication.com	imasdk.googleapis.com a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
23	s0.2mdn.net	imasdk.googleapis.com www.adintrend.tv s0.2mdn.net
19	www.adintrend.tv	www.adintrend.tv
13	tpc.googlesyndication.com	a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com www.adintrend.tv tpc.googlesyndication.com securepubads.g.doubleclick.net s0.2mdn.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	cdnjs.cloudflare.com	www.adintrend.tv
5	googleads.g.doubleclick.net	a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com imasdk.googleapis.com pagead2.googlesyndication.com
4	googleads4.g.doubleclick.net	www.adintrend.tv
4	n1.cdn.vet	www.adintrend.tv
3	a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.googletagservices.com	www.adintrend.tv a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com
2	cloudflareinsights.com	static.cloudflareinsights.com
2	csi.gstatic.com	imasdk.googleapis.com
2	m.exactag.com	a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com
2	imasdk.googleapis.com	www.adintrend.tv imasdk.googleapis.com
2	region1.analytics.google.com	www.googletagmanager.com
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	js.genieessp.com	www.adintrend.tv
1	www.google.de	www.adintrend.tv
1	stats.g.doubleclick.net	www.googletagmanager.com
1	static.cloudflareinsights.com	www.adintrend.tv
1	www.googletagmanager.com	www.adintrend.tv
1	adintrend.com	1 redirects
141	27

This site contains no links.

Subject Issuer	Validity	Valid
adintrend.tv E1	`2023-08-08` - `2023-11-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.genieessp.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-08` - `2023-11-26`	a year	crt.sh
n1.cdn.vet R3	`2023-07-14` - `2023-10-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2023-04-03` - `2024-05-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://www.adintrend.tv/hd/?t=live
Frame ID: 5BEDFC4EBF3EA072B4FA2F1B0D55D565
Requests: 27 HTTP requests in this frame

Frame: https://www.adintrend.tv/images/banner/Theme_left_utf8hd2.html
Frame ID: 8AE4717C8EC1F53BA5C8C1D5CD52839A
Requests: 1 HTTP requests in this frame

Frame: https://www.adintrend.tv/hd/live/i.php?ch=3&cxid=cjeMmNlNGMzZTcwOGRiNTg3NTVjMwNmFmNTNiZDQ0YzVhNjEw&tmpx=81.95.5.39&ccc=DE&device=desktop&dtime=11-09-2023-11:04&platform=Win32&touch=0
Frame ID: 1A08E53012E5F914C25179E7C0E64C28
Requests: 16 HTTP requests in this frame

Frame: https://www.adintrend.tv/include/ads_vietnam_native.php
Frame ID: CA5C36A5DD6F18A571D5754CB75C53C1
Requests: 2 HTTP requests in this frame

Frame: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CA9484FAE24106104A6C8182B6E8E1E2
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Frame ID: E23FA691BF0E028F6FAE6041A5A3E69F
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: BDC89C95F5DC124345F3A4F38CB9E8B6
Requests: 1 HTTP requests in this frame

Frame: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5CEAA4942A7FBD578EC8AEAE8378BEC8
Requests: 20 HTTP requests in this frame

Frame: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7D5A3C5AB1F305599BC38FB5CAC7E840
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY0oro4gEwAQ&v=APEucNUrPlXWIFVS6rNihmFQlFQVGT25liWeNo1x6TDSqcMhlUlnTD_6kMSp-PFA1jkoFyhOj4t5_7n8PURwUZUc5a2areVIGjVvDMznErTWbsNbPgg7VlkzJjS_ab30YI4Ohs_YLRV3tru9dP_PGlYfswwm9Zeg7Fp0ktVuJn3ebd1sr-YQ3Vw
Frame ID: CA0EEB1974E02DBC6426BB578AA820ED
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYsIfo4gEwAQ&v=APEucNUixvafEct3sg-2-uHksbmRZ7INUjpQi3JMoh0PG75lc7X_x45DBcYa95ExZhlDvPFn45clxksaDmJBhMKlcaK52Yr6AYrOXHkAq0ISCY9Qtk35f6f8ieS2O5wQ7vJ0zdIeXl_QC8ugqzeT9TvhwnwAoPhghsOHiLK9qpg23EFn0CPy5QA
Frame ID: 1090D70B380A95B40DBDD9B1A5F82EA8
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E1448DDE68BC142093B4CECE843EC545
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 439E53103CE664B71070165C4786A347
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2230318213786861877/index.html?e=69&leftOffset=0&topOffset=0&c=HDLx8MA67H&t=1&renderingType=2&ev=01_250
Frame ID: 20F825267CECA4DF9A1FDA9E07F420E3
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=LgeoDnRq1f&t=1&renderingType=2&ev=01_250
Frame ID: DF6AA61895613381CA6109D4F88A815D
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0967C7290082077B3C17CAE849BED701
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E683BF800EF0B0C486E6ED373E1577A6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Frame ID: 3BF26F903702AE898D0F0A2E7B5BEE85
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js
Frame ID: 300C5505798DB8EF18CED763AB58EB50
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ADintrend.TV - ดูทีวีออนไลน์ ภาพชัดไม่กระตุก Live

Page URL History Show full URLs

https://adintrend.com/ HTTP 301
https://www.adintrend.tv/ Page URL
https://www.adintrend.tv/hd/?t=live Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

141
Requests

94 %
HTTPS

60 %
IPv6

18
Domains

27
Subdomains

25
IPs

6
Countries

1961 kB
Transfer

5457 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://adintrend.com/ HTTP 301
https://www.adintrend.tv/ Page URL
https://www.adintrend.tv/hd/?t=live Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://adintrend.com/ HTTP 301
https://www.adintrend.tv/

Request Chain 67

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENbuGXsSyVjEXB_LPVQXBxs&google_cver=1

Request Chain 68

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZP86gXrsHO8bC70JtKNgfAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFGAi0vhXBmCFDuFUoU4Acs&google_cver=1

Request Chain 69

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDAUlZ8uxpsENCxuuKLXmDc&google_cver=1

Request Chain 70

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY2NjUzMjA3MDg1MzI5MTUxNg%3D%3D

Request Chain 71

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENbuGXsSyVjEXB_LPVQXBxs&google_cver=1

Request Chain 72

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZP86gXrsHO8bC70JtKNgfAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFGAi0vhXBmCFDuFUoU4Acs&google_cver=1

Request Chain 73

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDAUlZ8uxpsENCxuuKLXmDc&google_cver=1

Request Chain 74

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY2NjUzMjA3MDg1MzI5MTUxNg%3D%3D

141 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
www.adintrend.tv/
Redirect Chain

https://adintrend.com/
https://www.adintrend.tv/

176 B
568 B

718ms
676ms

Document
text/html

104.21.4.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adintrend.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.4.152 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.3.29

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 805125312a68bc01-FRA
content-encoding: br
content-type: text/html; charset=tis-620
date: Mon, 11 Sep 2023 16:04:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JRSDevCoQENSsGksml32cPiiNBhsfThhX5bd3sT1Uqnykyp7xKpSdnaMICCEzj6b1RgoKPORvKQvJs5mVHa0nLX5TlxGO47XVg9FWoR68C%2BEsL%2B9Ysp2nDKnh7W0YpU2zfm7"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
x-powered-by: PHP/5.3.29

Redirect headers

content-length: 178
content-type: text/html
date: Mon, 11 Sep 2023 16:04:13 GMT
location: https://www.adintrend.tv/
server: nginx

GET
H2 200 Primary Request / Show response
www.adintrend.tv/hd/ 17 KB
4 KB 287ms
286ms Document
text/html 104.21.4.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adintrend.tv/hd/?t=live

Requested by

Host: www.adintrend.tv
URL: https://www.adintrend.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.4.152 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.3.29

Resource Hash

fcc055ff89ecd416975c28222a96a88a2ae805646d5fd92155917904b3593c2b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.adintrend.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 80512535ca15bc01-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 11 Sep 2023 16:04:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7lRn%2BNB3ZFYUvcUq%2FHqtsdTdaUdo9PFSXValMSc6IuNFmTaWdD62VLr0TVgkrH4M1nDhlwg41yjbEVBhMTJ5FrqSrEh3bILKWpR6QKfu4fCRa3nrCYRWc4SCaK0BsGbzh5jQ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
x-powered-by: PHP/5.3.29

GET
H3 200 css.css
www.adintrend.tv/images/ 10 KB
2 KB 17ms
17ms Stylesheet
text/css 104.21.4.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adintrend.tv/images/css.css

Requested by

Host: www.adintrend.tv
URL: https://www.adintrend.tv/hd/?t=live

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.152 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9246b49f3c3a15eac8fc98f16a62ce1e715e80c21f114e95199befc2cd1aac6a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/hd/?t=live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Mar 2019 19:21:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1574382
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8OblZ%2BjCzseEDT0hBuLNdHUXI6TsLtrnLZ36xPZ7LhW1X1n63QGOJvHnIYZ%2F6VJvaJ%2F3CbckwlW3dbdCEb8bwOBnSAQPUs2x3jDsL3EhLM3F0ZcgBRY9%2BQvt9js80zFyR6CT"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=5184000
cf-ray: 805125379f5618b9-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 23 Oct 2023 10:44:31 GMT

GET
H3 200 stylesheet.css
www.adintrend.tv/images/ 2 KB
924 B 16ms
15ms Stylesheet
text/css 104.21.4.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adintrend.tv/images/stylesheet.css

Requested by

Host: www.adintrend.tv
URL: https://www.adintrend.tv/hd/?t=live

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.152 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71a6cca43bb56304af150b052dbc722bae083a78f5cc9513cecc6257bc61e1c7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/hd/?t=live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Mar 2019 19:21:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2994992
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VvpQxbxR3asldlYJDvzTm3cLQP6NIVJa7Sd%2FW%2B2qoD0GpOq58BfQvrmkwBuiEKfCI3s9YTwCMSNnJ%2BtWlfigEyjkRmL%2FNbq5AshxYzE%2F0S5fSlIVWN6G70RWGKr9buJbb353"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=5184000
cf-ray: 805125379f5718b9-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 07 Oct 2023 00:07:41 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 98 KB
29 KB 154ms
94ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.adintrend.tv
URL: https://www.adintrend.tv/hd/?t=live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2fefb0b97977dc00cda344f95c3618b362499aad2e9e5f84cbf47c137efd349

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29050
x-xss-protection: 0
server: cafe
etag: 662 / 19611 / m202309050101 / config-hash: 14228828446942205539
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 16:04:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
78 KB 82ms
23ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B8CG32BRB6

Requested by

Host: www.adintrend.tv
URL: https://www.adintrend.tv/hd/?t=live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9127cbd88f066b08cc5fb0feb28bc7c25928e95247bfeb4cb4b616cb170c6f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Sep 2023 16:04:14 GMT

GET
H3 200 logm13.gif
www.adintrend.tv/images02/ 943 B
1 KB 28ms
27ms Image
image/gif 104.21.4.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adintrend.tv/images02/logm13.gif

Requested by

Host: www.adintrend.tv
URL: https://www.adintrend.tv/hd/?t=live

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.152 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f97f5072c3c53aabb5f44dcf0717479155ae9d902429f13e80234d851749eebf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/hd/?t=live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2990186
alt-svc: h3=":443"; ma=86400
content-length: 943
last-modified: Mon, 25 Mar 2019 19:21:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ml69CoQRjVgRyWAhR8CBBRZ9XyFRSLg06ouv%2BUNSuMRVGVTqX4%2FgOSqHa%2BA0J9Z6jcS8AAk9xoGP6gib%2FlLmREFHjb%2FgbWyTSXoZJ31wjnf4bKazfXH23tmf5%2Fl6xFcv4uHy"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 80512537cf9f18b9-FRA
expires: Sat, 07 Oct 2023 01:27:48 GMT

GET
H3 200 logo4.png
www.adintrend.tv/images02/ 2 KB
3 KB 28ms
26ms Image
image/png 104.21.4.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adintrend.tv/images02/logo4.png

Requested by

Host: www.adintrend.tv
URL: https://www.adintrend.tv/hd/?t=live

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.152 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60a96525a3740ecbf1d8bd5a0c02ab8c595392b689d258816e2ee54d314c1274

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/hd/?t=live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2985692
alt-svc: h3=":443"; ma=86400
content-length: 2106
last-modified: Fri, 05 Apr 2019 21:01:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DhK7aUpvmQIM5ykQ%2BOENGSlULJmRJlDm%2FgvwjVn0S8fnq7mTwSnDO67jYgl16oZX%2FgmXLoBMPfCnFvir3RcsUip3Wva2xfXR3PX4Epz93lOuaHUSuJzYpjzvdg1Cw5PuymX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 80512537cfa518b9-FRA
expires: Sat, 07 Oct 2023 02:42:42 GMT

GET
H3 200 logm14.gif
www.adintrend.tv/images02/ 910 B
1 KB 27ms
24ms Image
image/gif 104.21.4.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adintrend.tv/images02/logm14.gif

Requested by

Host: www.adintrend.tv
URL: https://www.adintrend.tv/hd/?t=live

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.152 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a67b03b3c4ed5c1b2570113f118ede03d998e1e292603819ac6584436d04383

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/hd/?t=live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2985692
alt-svc: h3=":443"; ma=86400
content-length: 910
last-modified: Mon, 25 Mar 2019 19:21:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Grx5wEuwVOzyzaHqM7ukpMmGN2nJT8c6ekLfUrGcySBaQc%2FpsMbwQ3ygX9HbDgp1OIGUzn%2BIxDJq4IUIMTPc%2Bz0IpYzNqLdltdVYKemRGT6UieckHTCfHhG2dXnksxaQwwEp"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 80512537cfaf18b9-FRA
expires: Sat, 07 Oct 2023 02:42:42 GMT

GET
H3 200 bg05.gif
www.adintrend.tv/images02/ 109 B
591 B 58ms
55ms Image
image/gif 104.21.4.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adintrend.tv/images02/bg05.gif

Requested by

Host: www.adintrend.tv
URL: https://www.adintrend.tv/hd/?t=live

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.152 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec8e48ae05aca7dd7e257a5afb5ba7d9ed3a73e6a53b507e7012338d261f33fb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/hd/?t=live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2985692
alt-svc: h3=":443"; ma=86400
content-length: 109
last-modified: Mon, 25 Mar 2019 19:21:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgB2F0H%2BOtm8UYy%2FQtTUh1jXCd7C5X3BXKhr47CHXQodIhgpfLNs1QZb3RKxWuhWAs9W%2BWgSbKml4jIA5hPlbV2Jo3Ka2QFCVZXSGg%2FWO9pGr7Y%2BZ03iK0qPyqgVmbHI741R"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 80512537cfb218b9-FRA
expires: Sat, 07 Oct 2023 02:42:42 GMT

GET
H3 200 bg06.gif
www.adintrend.tv/images02/ 113 B
593 B 30ms
27ms Image
image/gif 104.21.4.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adintrend.tv/images02/bg06.gif

Requested by

Host: www.adintrend.tv
URL: https://www.adintrend.tv/hd/?t=live

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.152 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc8f73ef9214e4d0d5c6628420314325bcae2b7daa6c4f857009178c3e3308d2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/hd/?t=live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2985692
alt-svc: h3=":443"; ma=86400
content-length: 113
last-modified: Mon, 25 Mar 2019 19:21:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jkG74fldgDkZcxaByzct9fSXbosq9k2Pqg83CJeMt8mVVAeCbKXx3X1Nj%2FtZFSl3o5dKv1e3DgUmzBk4CH4jtr6%2BRinGGAYe81kb5KKrH2VneVn%2F2%2BHGwJozr4%2BeI1a3enB"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 80512537cfb618b9-FRA
expires: Sat, 07 Oct 2023 02:42:42 GMT

GET
H3 200 Theme_left_utf8hd2.html Show response
www.adintrend.tv/images/banner/ Frame 8AE4 1 KB
854 B 700ms
679ms Document
text/html 104.21.4.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adintrend.tv/images/banner/Theme_left_utf8hd2.html

Requested by

Host: www.adintrend.tv
URL: https://www.adintrend.tv/hd/?t=live

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.152 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.3.29

Resource Hash

acada3db8b2ecd40691b863a0dc379b143f236aa8ec102935a3872ffb996c51c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.adintrend.tv/hd/?t=live
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 80512537e82e18b9-FRA
content-encoding: br
content-type: text/html; charset=tis-620
date: Mon, 11 Sep 2023 16:04:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fg4D5QuRiej73z%2FuEnMOrn1uGep9%2BpBssd8kZd6y8tn1jYJSkGMBro1g%2Fl9dXS71%2Ff1bl7tDPJG4K%2FeKnab44Mm9JWXffjt%2BptM2dPseDTtSN1YCfXCDGc64IzqRH0lT9zxO"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
x-powered-by: PHP/5.3.29

GET
H3 200 bg01.gif
www.adintrend.tv/images02/ 149 B
628 B 53ms
16ms Image
image/gif 104.21.4.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adintrend.tv/images02/bg01.gif

Requested by

Host: www.adintrend.tv
URL: https://www.adintrend.tv/hd/?t=live

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.152 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82b4224e24a48d92e68ac09fc2a270140a8671f4ee24b03153782557dde1d365

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/hd/?t=live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2985692
alt-svc: h3=":443"; ma=86400
content-length: 149
last-modified: Mon, 25 Mar 2019 19:21:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TvDSe6qKNHa%2FxdgfDLqSV4fYq2Fsm9GwuUuASr6ou5W9SvJ8fD52jPOEJ2gEhULPnxuraBV7jwbcWbzIQG74IC8SPuZiAEnZbd%2FAFpCJyoOsdW65K7wGengaXizPzwZV2ReG"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 80512538187618b9-FRA
expires: Sat, 07 Oct 2023 02:42:42 GMT

GET
H3 200 bg09.gif
www.adintrend.tv/images02/ 72 B
551 B 57ms
20ms Image
image/gif 104.21.4.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adintrend.tv/images02/bg09.gif

Requested by

Host: www.adintrend.tv
URL: https://www.adintrend.tv/hd/?t=live

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.152 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2113a8ab67e0058874dab99022c015790dd59fda69c363443d80ed82960912fe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/hd/?t=live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2985692
alt-svc: h3=":443"; ma=86400
content-length: 72
last-modified: Mon, 25 Mar 2019 19:21:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IYF1%2FnHa54R1U4qp4M0mlYUTCrZfez30q7YrauMypgwQDlfu%2FpCoZf7g8xCFv4Ih8x1rqzE7qhXKFPhBbo4r0%2By6n5sc3iNWsmBRuLABfFRkpwn1rstczM%2B3r6tcniKW4vDv"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 80512538187d18b9-FRA
expires: Sat, 07 Oct 2023 02:42:42 GMT

GET
H3 200 bg02.gif
www.adintrend.tv/images02/ 144 B
621 B 73ms
36ms Image
image/gif 104.21.4.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adintrend.tv/images02/bg02.gif

Requested by

Host: www.adintrend.tv
URL: https://www.adintrend.tv/hd/?t=live

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.152 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1302a764fd2e5a4e0ac9e0bdc852e2b3d0810a7c346f0abdfbb32256500edb1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/hd/?t=live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2985692
alt-svc: h3=":443"; ma=86400
content-length: 144
last-modified: Mon, 25 Mar 2019 19:21:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30SRBbgOM6BJa7apBFHXYzXXCVwxWXUaOXYML6ssirPgOshCxST6f55suOsuwKhiMcdqEe%2BxtuZPMg0G0fStjMc7AVuA3njkzbgzKCNrZ26vMfGFhnMcNS4lNRob6KwzGpcL"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 80512538188418b9-FRA
expires: Sat, 07 Oct 2023 02:42:42 GMT

GET
H3 200 bg03.gif
www.adintrend.tv/images02/ 70 B
552 B 68ms
31ms Image
image/gif 104.21.4.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adintrend.tv/images02/bg03.gif

Requested by

Host: www.adintrend.tv
URL: https://www.adintrend.tv/hd/?t=live

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.152 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35d6382bc492ca740e79c5d28141c199acbe8dad89d8ebd6f36c1af942d261fa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/hd/?t=live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2985692
alt-svc: h3=":443"; ma=86400
content-length: 70
last-modified: Mon, 25 Mar 2019 19:21:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5wkFeMNmfEGZCNG6y0zdO2jZ5V%2BIwjPvO9d0ekCEFSbXeTm9xCLTKjqpc6sfZzjeWjBpt%2BSybUrlkcqYz3MKsuzQmir0lGjiIJQC8xjtSgmoKXtwECdU9jz1ykAQq%2BQk%2Bx8"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 80512538188518b9-FRA
expires: Sat, 07 Oct 2023 02:42:42 GMT

GET
H3 200 i.php Show response
www.adintrend.tv/hd/live/ Frame 1A08 5 KB
2 KB 695ms
690ms Document
text/html 104.21.4.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adintrend.tv/hd/live/i.php?ch=3&cxid=cjeMmNlNGMzZTcwOGRiNTg3NTVjMwNmFmNTNiZDQ0YzVhNjEw&tmpx=81.95.5.39&ccc=DE&device=desktop&dtime=11-09-2023-11:04&platform=Win32&touch=0

Requested by

Host: www.adintrend.tv
URL: https://www.adintrend.tv/hd/?t=live

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.152 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.3.29

Resource Hash

2c45abf1b4505ec8110d87893e7a492af51b79bb1902c6e232558e85219d3894

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.adintrend.tv/hd/?t=live
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 80512538188c18b9-FRA
content-encoding: br
content-type: text/html; charset=tis-620
date: Mon, 11 Sep 2023 16:04:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7OwNCU65sYUGvitn5WgJz7yJBSco9OisfQYx5f69ov2ij66onS78VrO9KObsj5AfVETHv50aEeJCaGNEqOljmeuMICjUgNop8tU53S3SF8KIgG5AROukRVnWUZMgRB%2FUxpUG"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-powered-by: PHP/5.3.29

GET
H3 200 ads_vietnam_native.php Show response
www.adintrend.tv/include/ Frame CA5C 136 B
533 B 678ms
675ms Document
text/html 104.21.4.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adintrend.tv/include/ads_vietnam_native.php

Requested by

Host: www.adintrend.tv
URL: https://www.adintrend.tv/hd/?t=live

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.152 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.3.29

Resource Hash

ce61f3b93b93585c31300d11f6278bf0e5335b3f391fdd6a32dbe167f7476b2f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.adintrend.tv/hd/?t=live
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 80512538189a18b9-FRA
content-encoding: br
content-type: text/html; charset=tis-620
date: Mon, 11 Sep 2023 16:04:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3loCS%2FOegPuG9xqn6TTF4VsF4Td9b77nu3AjMi7J97SjYkl1SivsPZKDlwSF3yt4JNlMv3Ld%2BdrIxAKhpszwVJLBOJ9DU97%2BkwfHRUSVxG%2FI8A%2Fjm2Scfo8sx%2FnOEIdS57pl"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
x-powered-by: PHP/5.3.29

GET
H3 200 bg08.gif
www.adintrend.tv/images02/ 108 B
591 B 29ms
24ms Image
image/gif 104.21.4.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adintrend.tv/images02/bg08.gif

Requested by

Host: www.adintrend.tv
URL: https://www.adintrend.tv/hd/?t=live

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.152 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98c0942ec0a88ce214e5d255f908aaedc9a7dd62883d28f1822777bc471facc2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/hd/?t=live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2985692
alt-svc: h3=":443"; ma=86400
content-length: 108
last-modified: Mon, 25 Mar 2019 19:21:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUO%2B79CVzWPP%2FlFunJ7YJPyhxc9hrD4V2AhpK460B16XXj0wHDhORR9vIEdIgo6pdhaz9D3d0lNUZeyu4ExONO36WwYCdUEj5mrf03R%2BQgzaMg2%2BeRmFRBGRb4GcZPg%2FBzMm"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 80512538189618b9-FRA
expires: Sat, 07 Oct 2023 02:42:42 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 20 KB
7 KB 97ms
61ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.adintrend.tv
URL: https://www.adintrend.tv/hd/?t=live
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:14 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 805125384868365d-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/ 404 KB
127 KB 92ms
10ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84f17c357a114f92f5594d1254ef145103bd25fe28a365fc648d27678f91cdfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 16:24:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85186
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129878
x-xss-protection: 0
server: cafe
etag: 7992010681825974757
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 09 Sep 2024 16:24:28 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 48ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-B8CG32BRB6&gtm=45je3960&_p=1175043687&_gaz=1&cid=430850806.1694448255&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694448254&sct=1&seg=0&dl=https%3A%2F%2Fwww.adintrend.tv%2Fhd%2F%3Ft%3Dlive&dr=https%3A%2F%2Fwww.adintrend.tv%2F&dt=ADintrend.TV%20-%20%E0%B8%94%E0%B8%B9%E0%B8%97%E0%B8%B5%E0%B8%A7%E0%B8%B5%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%20%E0%B8%A0%E0%B8%B2%E0%B8%9E%E0%B8%8A%E0%B8%B1%E0%B8%94%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B8%81%E0%B8%A3%E0%B8%B0%E0%B8%95%E0%B8%B8%E0%B8%81%20Live&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B8CG32BRB6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.adintrend.tv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
246 B 62ms
20ms Ping
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B8CG32BRB6&cid=430850806.1694448255&gtm=45je3960&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B8CG32BRB6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.adintrend.tv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 82ms
51ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B8CG32BRB6&cid=430850806.1694448255&gtm=45je3960&aip=1&z=44901562

Requested by

Host: www.adintrend.tv
URL: https://www.adintrend.tv/hd/?t=live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
14 KB 810ms
780ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3801200756526971&correlator=4437922050601861&eid=31077648%2C31077232%2C44777901%2C31076771%2C31077189&output=ldjh&gdfp_req=1&vrg=202309050101&ptt=17&impl=fifs&iu_parts=7785699%2CTopbar_A%2Chd_ch32_b1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%2C300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1694448255135&lmt=1694441055&adxs=457%2C1029&adys=5%2C213&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.adintrend.tv%2Fhd%2F%3Ft%3Dlive&ref=https%3A%2F%2Fwww.adintrend.tv%2F&vis=1&psz=728x90%7C300x250&msz=728x-1%7C300x-1&fws=0%2C0&ohw=0%2C0&ga_vid=430850806.1694448255&ga_sid=1694448255&ga_hid=1175043687&ga_fc=true&dlt=1694448254647&idt=365&adks=3175606650%2C2871455395&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30e94916dc5442037676481446795edac78cc473be59a82f6e2362dfb318253d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:15 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13939
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.adintrend.tv
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CA94 6 KB
3 KB 54ms
14ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.adintrend.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 16:04:15 GMT
expires: Tue, 10 Sep 2024 16:04:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 a1411017.js Show response
js.genieessp.com/t/411/017/ Frame CA5C 0
159 B 2318ms
1668ms Script
text/plain 133.186.12.16
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.genieessp.com/t/411/017/a1411017.js
Requested by: Host: www.adintrend.tv
URL: https://www.adintrend.tv/include/ads_vietnam_native.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.186.12.16 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p016.net133186012.broadline.ne.jp
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:16 GMT
cross-origin-resource-policy: cross-origin
server: nginx
content-length: 0
warning: 199 - "You are prohibited from visiting this website due to GDPR compliance requirements."
content-type: text/plain

GET
H2 200 auth.jsp Show response
n1.cdn.vet/live/ Frame 1A08 0
224 B 236ms
0ms Script
application/javascript 94.75.248.161
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://n1.cdn.vet/live/auth.jsp?cxid=cjeMmNlNGMzZTcwOGRiNTg3NTVjMwNmFmNTNiZDQ0YzVhNjEw
Requested by: Host: www.adintrend.tv
URL: https://www.adintrend.tv/hd/live/i.php?ch=3&cxid=cjeMmNlNGMzZTcwOGRiNTg3NTVjMwNmFmNTNiZDQ0YzVhNjEw&tmpx=81.95.5.39&ccc=DE&device=desktop&dtime=11-09-2023-11:04&platform=Win32&touch=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.75.248.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 11 Sep 2023 16:04:15 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
access-control-expose-headers: Content-Length, Content-Range
server: nginx
content-type: application/javascript

GET
H3 200 trackviewer.js Show response
www.adintrend.tv/js/hls/ Frame 1A08 341 KB
83 KB 97ms
79ms Script
application/javascript 104.21.4.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adintrend.tv/js/hls/trackviewer.js?t=823429

Requested by

Host: www.adintrend.tv
URL: https://www.adintrend.tv/hd/live/i.php?ch=3&cxid=cjeMmNlNGMzZTcwOGRiNTg3NTVjMwNmFmNTNiZDQ0YzVhNjEw&tmpx=81.95.5.39&ccc=DE&device=desktop&dtime=11-09-2023-11:04&platform=Win32&touch=0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.152 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

770881617366ce0c525ab90c26b19a25dc48185f4940aafa39305112b14aecc5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/hd/live/i.php?ch=3&cxid=cjeMmNlNGMzZTcwOGRiNTg3NTVjMwNmFmNTNiZDQ0YzVhNjEw&tmpx=81.95.5.39&ccc=DE&device=desktop&dtime=11-09-2023-11:04&platform=Win32&touch=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 May 2023 21:27:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4981262
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DfLF4Rgo%2F3sdtYHdYJKdC8TWCeZTcnT2Q8y4dX7GVwAc766KiZks9pMNkB6RUu03xb%2Btukc2V5KM6Zk1ALJNPiGh2e0vgNMHyeDwvGUyoSuYeKqAESvL6k47IXdUVBdA5qvq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=5184000
cf-ray: 8051253c9f4218b9-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 14 Sep 2023 00:23:13 GMT

GET
H2 200 video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/7.20.1/ Frame 1A08 40 KB
9 KB 191ms
0ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/7.20.1/video-js.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01df456b85acb77a180ad7d890f265ea448289bdae9a4b54c58d919b4d484c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5133593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9263
last-modified: Tue, 31 May 2022 20:37:54 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62967ca2-242f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmZ1juNIjxmg9atG30IuxBp1Uggn9Mx%2BTG3T4jMuwF5N3RgDeyWhVLF8tJzj3aAZ8TTK9fKfN4axlcLlhUqpPJZ9COkyz4YbwdWpHO4XWyEcCN2oFoD4t4UGQDbh4a71ZA1GucCa9BXdYBTjnQrE4x%2F2"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8051253d8f902c63-FRA
expires: Sat, 31 Aug 2024 16:04:15 GMT

GET
H2 200 video.core.min.js Show response
cdnjs.cloudflare.com/ajax/libs/video.js/7.20.1/alt/ Frame 1A08 233 KB
53 KB 213ms
0ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/7.20.1/alt/video.core.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9633292cd35b37468e5094e83fbad83ae848658641d3f16f9e6d4361f56ecf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2814687
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54185
last-modified: Thu, 22 Jun 2023 11:22:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942edc-d3a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0TypBMvlt6Cou64CaSJEe2rfiuEIMAKriOK943bQWlzR1TtJLVAr6X9jzsAd3%2BaPw9BDFBYmZbBYCiensX2mzOeAXM2ZgqYr518ZtaI%2FjqyMcZhZqrpyHNpPxtdOQdkZAbpXAxPn8S1pJqyhYsF4Wjv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8051253d8f9b2c63-FRA
expires: Sat, 31 Aug 2024 16:04:15 GMT

GET
H2 200 videojs.ads.css
cdnjs.cloudflare.com/ajax/libs/videojs-contrib-ads/6.0.0/ Frame 1A08 917 B
628 B 195ms
0ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/videojs-contrib-ads/6.0.0/videojs.ads.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

839e7c6761776f0e1c251d29d443dd8e29c6d3beefeeb8925c58a74ba784bd30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 282128
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 277
last-modified: Thu, 22 Jun 2023 11:22:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942ede-115"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2uY4%2FXU0YXWUbUqEh%2B7NwyFheFntjsR6Tvhdhs5jwHIdguqTDJP3zgkqEWvapo6X6rWAEqibfZVq8WzG3FELGR5EynxuJaMDqb2xPNiyoiHlVOIPy6Cmf%2FoH%2FEYcV6zutRKInRQWwaY%2BX9o01gSBAgno"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8051253d8f932c63-FRA
expires: Sat, 31 Aug 2024 16:04:15 GMT

GET
H2 200 videojs.ima.min.css
cdnjs.cloudflare.com/ajax/libs/videojs-ima/1.8.3/ Frame 1A08 2 KB
1 KB 183ms
0ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/videojs-ima/1.8.3/videojs.ima.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70fd99f272b1dc23f6181d0bb81cd3d3a27b4e3856796207aa13bb1f668723a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 13730989
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 576
last-modified: Wed, 14 Oct 2020 22:53:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f878181-8f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cjqvyKMfi4o%2FxsZO%2BAGyz%2FRGUC5qRMvyCmAPTCt7SxECOeraKL0g3xchclkzykuDqZsWUXztBIYRD38AzNTDbbeLNT1BtOWZe2FIQsIAIN48pOKypvKrrt2Kilt%2Bdw55yfsvC6FJG4yqzKKBvnH1xO0g"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8051253d8f992c63-FRA
expires: Sat, 31 Aug 2024 16:04:15 GMT

GET
H3 200 hlsplugin.js Show response
www.adintrend.tv/js/hls/ Frame 1A08 219 KB
63 KB 74ms
62ms Script
application/javascript 104.21.4.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adintrend.tv/js/hls/hlsplugin.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.4.152 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e859e75a0a30cb3bfdb4d267d95d9cabb1475ae01a49a48a7a5e9f3be63977a8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/hd/live/i.php?ch=3&cxid=cjeMmNlNGMzZTcwOGRiNTg3NTVjMwNmFmNTNiZDQ0YzVhNjEw&tmpx=81.95.5.39&ccc=DE&device=desktop&dtime=11-09-2023-11:04&platform=Win32&touch=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 26 Jan 2020 17:24:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3000080
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJTwfVZa59arsLm%2B2ySRaEPMgLXdV0FC7uIhxxcxxmx%2BZOgs2DBrKQkPuzOsrSkzq%2FuVssHI%2F6VQJIlsh%2Fw%2FoXZA0o58vpWRiWizi%2BDcm7vztxlF8NKqSBUfRaZLtPXRP9lT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=5184000
cf-ray: 8051253c9f4418b9-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 06 Oct 2023 22:42:55 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 1A08 358 KB
124 KB 211ms
3ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13c151da3c1ba1beea84e45b9a7f92f2b553c26c07615626a55745d5595cd42f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126089
x-xss-protection: 0
expires: Mon, 11 Sep 2023 16:04:15 GMT

GET
H2 200 videojs.ads.min.js Show response
cdnjs.cloudflare.com/ajax/libs/videojs-contrib-ads/6.0.0/ Frame 1A08 23 KB
6 KB 185ms
0ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/videojs-contrib-ads/6.0.0/videojs.ads.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6594b0e243c5017d9a9551c307c96ec67632b3f0887b2ca6652fbddec9c278c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 21645203
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5577
last-modified: Mon, 04 May 2020 16:17:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04020-5aaa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMpTcJrgTSyLlkYe86Uk5b1KG%2FogZKDbgL6EFUXzktm%2Fav0eTDaZSH4F0vh3FXBFY%2FC2tg46wvKFDpBTRAca5vRbfoRAI%2BOX2%2FUdWLUmqkbeiN8J0bGllRy1SV%2FP2hVeJjZXOX236rk%2FwOcxa476JwtF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8051253d8f9e2c63-FRA
expires: Sat, 31 Aug 2024 16:04:15 GMT

GET
H2 200 videojs.ima.min.js Show response
cdnjs.cloudflare.com/ajax/libs/videojs-ima/1.8.3/ Frame 1A08 36 KB
6 KB 187ms
0ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/videojs-ima/1.8.3/videojs.ima.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa7d77332417bc1325f1633c3daad67d6c0d813ffcd138d606c8bcf162d82a51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 16051365
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6172
last-modified: Wed, 14 Oct 2020 22:53:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f87816b-8e04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQxqzTiga1dog5KF8AlA%2FYb1VbspKuqkssFs44TSwTK%2F%2FS2fKjq05lT1udUxeaJZqCaWLpuqs9%2BwxPj7PSUUzwgaxPIE1UJMGVCxS8yLtxD9X6lDyn5XZXVeGn3wLkV6WC1jPVw7WD22EmTJmDS8VeyL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8051253d8fa12c63-FRA
expires: Sat, 31 Aug 2024 16:04:15 GMT

GET
H2 200 ss.jpg
n1.cdn.vet/live/ch3/i/ Frame 1A08 11 KB
12 KB 16ms
16ms Image
image/jpeg 94.75.248.161
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n1.cdn.vet/live/ch3/i/ss.jpg?sid=cjeMmNlNGMzZTcwOGRiNTg3NTVjMwNmFmNTNiZDQ0YzVhNjEw
Requested by: Host: www.adintrend.tv
URL: https://www.adintrend.tv/hd/live/i.php?ch=3&cxid=cjeMmNlNGMzZTcwOGRiNTg3NTVjMwNmFmNTNiZDQ0YzVhNjEw&tmpx=81.95.5.39&ccc=DE&device=desktop&dtime=11-09-2023-11:04&platform=Win32&touch=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.75.248.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9286d6b853ecea5b85713a13e6cbc657dd9ff27cbccf55d5640a8ee67b416bb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:15 GMT
last-modified: Mon, 11 Sep 2023 16:04:03 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range
accept-ranges: bytes
content-length: 11710

GET
DATA 200
OK truncated
/ Frame 1A08 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://www.adintrend.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 track.php Show response
n1.cdn.vet/live/ Frame 1A08 0
137 B 80ms
22ms XHR
text/html 94.75.248.161
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://n1.cdn.vet:10000/live/track.php
Requested by: Host: www.adintrend.tv
URL: https://www.adintrend.tv/hd/live/i.php?ch=3&cxid=cjeMmNlNGMzZTcwOGRiNTg3NTVjMwNmFmNTNiZDQ0YzVhNjEw&tmpx=81.95.5.39&ccc=DE&device=desktop&dtime=11-09-2023-11:04&platform=Win32&touch=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.75.248.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 11 Sep 2023 16:04:15 GMT
access-control-expose-headers: Content-Length, Content-Range
server: nginx
content-type: text/html; charset=UTF-8

GET
H2 200 bridge3.588.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame E23F 721 KB
231 KB 12ms
7ms Document
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ad6a9a711e74a049a6f6eba60c3b662aea0b8071cf6150179b52d7c822de970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.adintrend.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7318
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 236614
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 14:02:17 GMT
expires: Tue, 10 Sep 2024 14:02:17 GMT
last-modified: Wed, 06 Sep 2023 19:19:14 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 1A08 44 KB
17 KB 116ms
35ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 16:04:16 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame BDC8 40 KB
14 KB 74ms
4ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:22:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 11 Sep 2023 16:22:16 GMT

GET
H2 200 ch3i.m3u8 Show response
n1.cdn.vet/live/ch3/i/ Frame 1A08 419 B
699 B 90ms
0ms XHR
application/x-mpegurl 94.75.248.161
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://n1.cdn.vet/live/ch3/i/ch3i.m3u8?sid=cjeMmNlNGMzZTcwOGRiNTg3NTVjMwNmFmNTNiZDQ0YzVhNjEw
Requested by: Host: www.adintrend.tv
URL: https://www.adintrend.tv/js/hls/trackviewer.js?t=823429
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.75.248.161 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 62e814784e6836f1bb0331249007f2c043bf89e2fc01e8e78f4eafd4387430e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:16 GMT
last-modified: Mon, 11 Sep 2023 16:04:16 GMT
server: nginx
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1990 05:00:00 GMT

GET
H2 200 container.html Show response
a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5CEA 6 KB
3 KB 72ms
57ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.adintrend.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 16:04:15 GMT
expires: Tue, 10 Sep 2024 16:04:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7D5A 6 KB
3 KB 64ms
21ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.adintrend.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 16:04:15 GMT
expires: Tue, 10 Sep 2024 16:04:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CA0E 624 B
505 B 372ms
0ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY0oro4gEwAQ&v=APEucNUrPlXWIFVS6rNihmFQlFQVGT25liWeNo1x6TDSqcMhlUlnTD_6kMSp-PFA1jkoFyhOj4t5_7n8PURwUZUc5a2areVIGjVvDMznErTWbsNbPgg7VlkzJjS_ab30YI4Ohs_YLRV3tru9dP_PGlYfswwm9Zeg7Fp0ktVuJn3ebd1sr-YQ3Vw

Requested by

Host: a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com
URL: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 16:04:17 GMT
expires: Mon, 11 Sep 2023 16:04:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5CEA 86 KB
30 KB 198ms
0ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com
URL: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 16:04:17 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CEA 42 B
110 B 269ms
33ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CZv-Jdrhu1R8WC3PI1ZCqwhHG4kC4i-sO_mYJhJlU83CJayX754zwB5czpRAn7ZcYk6tJqEwEkgM11OZe6j7GsV8bjNzaBPPISzraG6aI6wRV1-pU

Requested by

Host: a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com
URL: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CEA 0
121 B 268ms
32ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9073229337258984307&x=1&ct=76

Requested by

Host: a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com
URL: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 5CEA 3 KB
1 KB 344ms
0ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com
URL: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 13:19:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9892
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 13:19:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 5CEA 20 KB
8 KB 341ms
0ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com
URL: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 06:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 06:26:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5CEA 181 KB
57 KB 179ms
0ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com
URL: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Sep 2023 16:04:17 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1090 624 B
661 B 359ms
0ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYsIfo4gEwAQ&v=APEucNUixvafEct3sg-2-uHksbmRZ7INUjpQi3JMoh0PG75lc7X_x45DBcYa95ExZhlDvPFn45clxksaDmJBhMKlcaK52Yr6AYrOXHkAq0ISCY9Qtk35f6f8ieS2O5wQ7vJ0zdIeXl_QC8ugqzeT9TvhwnwAoPhghsOHiLK9qpg23EFn0CPy5QA

Requested by

Host: a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com
URL: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 16:04:17 GMT
expires: Mon, 11 Sep 2023 16:04:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7D5A 86 KB
30 KB 258ms
34ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com
URL: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 16:04:17 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D5A 42 B
107 B 257ms
33ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CkhjTp0laDic49N7qnlqir7UBlG0_TtM-fhwjWsOeB3mPdM9d-Izv28I7BcBPYy6kMv6ixNc-RTVr2hhn_QW0uUlSmIC6vwmCRghqfek-A2pDEVLo

Requested by

Host: a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com
URL: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D5A 0
56 B 256ms
33ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=418832727872346188&x=1&ct=76

Requested by

Host: a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com
URL: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 7D5A 3 KB
1 KB 332ms
0ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com
URL: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 13:19:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9892
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 13:19:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 7D5A 20 KB
8 KB 331ms
0ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com
URL: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 06:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 06:26:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7D5A 181 KB
57 KB 276ms
51ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com
URL: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Sep 2023 16:04:17 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E23F 0
0 333ms
207ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?ws=f&blob=undef&lid=155&sdkv=h.3.588.0&e=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735%2C44800995&id=ima_html5&c=871454485722283&domain=www.adintrend.tv

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E23F 43 KB
8 KB 1067ms
707ms XHR
text/xml 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?ad_type=video&client=ca-video-pub-3082971108936461&videoad_start_delay=5&description_url=http%3A%2F%2Fwww.adintrend.tv%2Fhd%2F&max_ad_duration=198000&hl=en&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&vpa=click&vpmute=0&sdkv=h.3.588.0&video_product_type=0&min_ad_duration=0&sz=720x405&adsafe=high&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=1&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.8.3&sdki=445&ptt=20&adk=240638545&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735%2C44800995&ref=https%3A%2F%2Fwww.adintrend.tv%2Fhd%2F%3Ft%3Dlive&url=https%3A%2F%2Fwww.adintrend.tv%2Fhd%2F%3Ft%3Dlive&dt=1694448256878&cookie_enabled=1&correlator=755852202403765&ad_block=1&ged=ve4_td2_tt0_pd2_la2000_er335.279.335.279_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

071af8e2ed043340a9c3eef1a1545786b342af08f6d61f1972073a740aac8fb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:17 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8067
x-xss-protection: 0
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 11 Sep 2023 16:04:17 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D5A 0
20 B 183ms
128ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=678453050323&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D5A 0
20 B 178ms
125ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=678453050323&version=m202307240101&ct=76&x=1&cor=418832727872346200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7D5A 94 KB
38 KB 105ms
69ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CmFQ6dyWSPhONIibe14-9qudUEvB2tKo-3BLjDubXb6n9IzK2sW2LXnLQ6B18Fk4PUKcNjKysSY73IFwCVHUbpEYK42mKqTRwUm70etM1U3wqSt_U&cry=1&dbm_d=AKAmf-D8uFWSKJzjEDMUWPEVGoweiWVOrTWQNH_t9aYbS6xa_gx-axBpjarxACftSG2Kb3ZfYt9CnLiE_OvIZ9CP8mBdaHdiBGZiuuodh1jC-wulwABHj0pkYF7qSEUyaDyoYRatSQJPirSWhQ6vQaGeNe_jBt4jdRHJPRhyDWd4IAIu7iu9EwQghjUyCLQBSsQKXZrwV5mOrm0g9ssvRS1pD2qH0bUzHtIYeTHcHt_1Jtd0YquACYtNsMeIPT1PCcYxDWNhZX7u7jBNDbYokKP_BlIz7fGTMYyHUFYQNB_BeMUZHZ2XEJh7V_rXjGxyefz2l60IZ8eejurYZUC3RRDYuVYfbe8muIU8_yz0Olxhcn7jNnajfza7VylPbt0Vnr6cpyNoiBPi9zov6UvQ5hJ3CZzbw75G5yGHzObm-oNtt4zbDUFe03kiMavHRrZRSrkBZExxNwcCZFbEFyS5uUc8Nx8vV5HtxR8gEWx46386v8R9TU8ieblg4sBoj7r3rR3mZJ6OTpKKKNPa9aR8opM_igNiZy9MPiPp_nqUODPe_La5hYVBU6IhNJDUdjrIv74CzTHEJG8CNIOYRkiseWzE9mIsXoiRBZBNDA8VjdiJowzA0ruUtqKMqFPHW36bZAo0EI2LGlbShg0QE09WYj9Zh_-9D-Xks9nAqjU0yv_apq5E-zzXYnLf4jt2X5_KuRN_MboDXi0Thbe4wWAnkjQicLCeb7brwBQWblceMNgRVZpvIcB6stJC-BsHI0tKOqvWGeykCfEtsFZ6bHfcgDO8_c1g2OX7vLkI8Ir4PoFeu8lUDGVcGIdBsu8ud9MYwAbZPGjkkpyR1JQ9CzRMz35396Cl6LGrSVNLXIKP-5ulKFLML7kN89pOf__epzym5H5xxFvCFGWLGTtVL6CV-EX44aRq72y9uAe1duBhAA6QyCMhsGejF8AYWgVtApkco3gZMSZOtJ7KZlE21qXmqr81cNXnfLy0jLBmSZFQY0yFaOelDT_k7p2ulqow24D_WCTJ9bNHEzgFDGfJCFEZj0k303e6zdCGQfcA94HG5EiGts5ELdwpDgKe7Cx0MQUYRHsNjmryEjqyaO0u9DCUcKelpbaVZi-7t87OjRfBwkmqXc6PzYiFlIR71IxzN2JqPqq-oKosbXxYnWtX5pzy24jXif0gqDnh35Tf3d7NaXJEsXJCe3RfURrdjho3IznV-HJ1iGLJyqF3j-Wdc-BhF-tH9aHxbz0RT1QQm7pZ-Yw7LKFY5RMi0NQYextcgeX0rlkaLIozNZKOwS61hVy_O2QPwRQrXOcp0FS-GF1ToAK7Mq88qpuXx-RHR25_mA8RX6qhopqoaoIISvEcQ0YubMp2fnh-QDtZMYh9K3Ej4Y4bPMZ0crG19jGcr5LZUiQzrtSpnz4nFu22TVS-pk8mM_zSUlnt8ZBamDAHm6RqhqsRR4f4O2TrJddP9b910peIZO1aFWhLfpnGvECDNeXttFQ6dTlLbNnCJ9S7eHyAqUotxfZxT0LnzdBPmdCZbo_iUE0Vk4r8PjqWE0ovt6HONyWiAYcg-zjHnsUABPU7FWTGWy19xdooNhKHKnMMjjyHpHKfoaUClNBNUdEJBA-xvxthNOd4_1hU69OH_B_KwJd8yTB1TIbXjWsik1MTmWGWzqztErplMXQd2SpWxWKR5080Gg55wnoP_bF0PyT5aLL-_6cX13aj8kUebProHFm2IBeTKyC8pf1GQe9Ofd2s90HbLgRRXtvUa3gS6imO5tSogz5ybtsyDkTDg3QFIM9AsXkgQBE-f5Jy5buCsw2XeY0WHpth-ZQ3Hcpeqh3tcJ5WuUgCsJSGfHiDlM6jwldDdH0LTvQRkpxZlZCZhTb_DjjPw3FdLgUZaTMQHHWQYdRmXAegW1JzivSqm0rLrb3ZhTJn1VFmgwpX5YILuEc0ks0y6vC3-5Qgbe3zk720Ly3kxAW66csEkfyAl3xTqfwG81fjz8FpmHwh2ui1_xvk4IZuK2KPD7ok5DsNAluv56CJeb-J92Pt8d_9g3c4Ns5DaBTYAinLi0ktxDKd_JggbtH2-wMsEOEzJMx_MVbpodEuIqh1MF7qUKxu3sBdAPSQkqIuI8jRd7O5dbZJUsemzGORXQkIqIb9o7DORPAK3w10gw2XJIe56HPg094Yy-Bpnq6CzkMy_0Yw_n5H2CfhNQpmPUZmyxo1FRhipfrZpnYzsOdOAqQXjKunvUZABcSy6ZDe_SppD84HuBdsJRKzpH_qnmy06fwlYk6-oTrH3gJjEtEPN3cbJufRCnw24pmqWS-sblTPuXULpzoUHLgl_E-QDpqOpUbhEqh66J2ClbZu51hRLwGQiBXrcVSmhdDRDAd8rplk85NYbFK0FKL0ZfOe74RdQze5xPIQN73GzXQWHsLtOfnKKXpQ9AaMtJ08aTfqCSgIbQQn_hlOogMe_ELHQHeB06iYW4NrzTkJDF_og4avbubfAZ6-MMnTNfTmoMaOuZ3nxfXPI26gWGBwbiP-TGAxc7g-gTQqBpeCPPC4hguFp2lQgFTpgjPjn904sPXzS2AZ8K1poQs62BnFekqZYFLePri9Eyz2XxLxFMUvIuOr6JwfMc-S0gCN1q2eX1or3VbthtsrmZ1odnpdXYYbYktRAum1CFEZqBWifYh9G78gbJsFItW_TS8AfLUbKWs9tR8qkm7uyvwTe2FEFsrxknH84jL3feECqAQM1VqwzZ49n5iEeNLh5oqJ6op4DbwkcR0CTG8X3oeYsGotess-IHLEqEO9h40cATtlD65UNSEYp540Hu_AbwYHm76IiqqnSQ2eEE47qsu9B_qogvofIhV-9SixM8NzIrGmPLNCwvsp2O0AKdj78PPWIhpCWAtE7-bzzEQ34Tu-2H5MvIaWLmz-dDEwAzBQJGdVLG-_iUiD3O7mW2e6Wu1SnWSyzhr7gTFAIOq5cVbq9_h5TVZP5zvIxy2SYLyqwk5fqaku0QxhS1FlF6LY0iO0L69dsNV_6Y13cqLHKIcZ6dFPx7ayMVey9n-DkJYld6-xkmPtR30n23tXVLviWn-UaAUw8EMyl1MLXAJfjuN-9QsfXnIWyoq4v-851WF3Em-FeuLoUI8M-yHzthSTgiA4FptIwQYoFcxDtt4eSKQk3b_Og3bJxW4WCa8ZC0snWpoeC0WFeRCoobYET4Lo3YCSGPkFnBGPOmSbbsFGHKcpkwDaJu36xunuvVL53ItFYeppMAlDCfJispX7XbZYXb_s3U4JvQ-EgwQAIHSWbfA6q2xyVKWgS5coice5Xsf_9XMlqj73emfloBlAoG1UKaFlam0TbFo2tSscUemh-QrOUxgOh2CrA5jbXsKpSnFllhw80ICm58_EOEP0JROB5UpXH4KTP6tTRnJECGeHuVS4ZdyeQ2IgpBqYCdjwFzcPmPZI5hg4qrfVm285uYXFR_L6hgKzSVRxFtXRJ4KNMbfFQoNXsxKY4k14YhwWFyz7IR8-D36OB8cowymTVPYr_aoVaWhbztS0D3d3735daMJGjVA1UKsvX45zRrWKwi5anTjof5dOmBW4Pv050i2XnnK34LG04hdL75GrITar0sweCbDbg11afX9OXggIcLW4epBuHJTGiMXnGV-vkikX-KLyYflSpjZXe2SC7DbrBAlR9mhsFJyMLwFXepgV9PK4Qtz1RX2j2IXquOAAIJxIZr5fv9dJbbrCBo6jj0sTeHdszdOdxzjPZBvOrkCvVPXv0CXbHivIQjrQvTU6-mlAkgDPQTrG6t60nYJtPHq6jDxuy0AQQnIvYmiKOx2ZVA&cid=CAQSLgBpAlJWwTJ3F-uO1Ju2YHVkiXZ1Dxa-JfowpljZXrj_MeT9NMSSoW85xmgjc5cYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.adintrend.tv%2F&ds=l&xdt=1&iif=1&cor=418832727872346200&adk=2228999115&idt=313&cac=0&dtd=109

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e99cb65c1811476230cfdbcf75c1eedc243235d69d0dd7511c801ef17a8a77d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38695
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CEA 0
20 B 130ms
123ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9118548477786&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CEA 0
20 B 130ms
123ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9118548477786&version=m202307240101&ct=76&x=1&cor=9073229337258984000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5CEA 94 KB
38 KB 167ms
158ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BmEAlmyfBRe-Qiu5CzOozoYjDavzSETYT76dVkoPbDd4G-6CVjLGNf7dB-TZFxKJK7sNSLNUfC0BQ9kgZ1esi1Zv2F_aXHYZjgFyUg00kjE7B3p9k&cry=1&dbm_d=AKAmf-CfXBdi4CvatWSDQKmCnNcIV_2pZ9-vNFSCQCPsqW8EVLXNqhbB53Gzt3DZFJRgbp5ygXtB_t_2YGMZQufUYBjMYsuL2K-UFOhabe-u3C8J5t_2WUG5JuX4meH89tlsop4D0ZjT3sslnnWrOv-jh-i2TYrISrZBa8XJEFu9927cqMXd2bpVQRr7eVNDR0i_gsBmxaKTzgxNNL2ZGNbrcqGwKZkM0smWR2cLWb91nmXpqd_JzjEtiE23LPsD2TFbpiOR4ieSeT3_dtNiycQpk3t5cwmoD9E1qcUy-_UH8GwmZ2uGgNO-Nz4B004-T8OTVq9KpDEqhgLtV0Hrob4kzKoVvm_kAyQJkotVHL_Himz1HABEix2UUf6gLLkC7KYEQI4Tckpod5BL81g268lZVMRIQbHmJP3cX3Q9fNw3O0MlR9cA11wn5-ooGJBTo0agU0QaMU373ztgDGjH0156mnDcRpIYPR1ApqL_4co9YO60Hku7FOGR3vneHErczMWXx3IGPZ_o2ksQsEtf5fjL1rh-Ml6mUo2-weIT2kNoRJ_YtfTXVCLn9hQneXzLPmaFqLzw36z6XOfQdeTl3Hv2ULun1a5B1P70ZM5q5tp-zmFfpVKPZNfPWbsc3tVh0iwFSVxN92BbgOR6ECXobEBJukSq1CwnCDcA7NQ5l-mh44A39jBrY-KZSVpdHrepD98UQuii6IzWQCOx9str43LvIzIZwI6kuyrFGaPcEZYUiOmnSMcRsLUiG32KHgmmcP6yifiNg6c9ynkpqAUdZT8HM7XNDHUT2iY5qPoR-rzqV-1VGGQ75r2oqMq_sIzPA2yA8oY4qetLce_Q_ItKbtVxNB5jpDApBH3pCBr6aBgc_4TLJL8yvwHKw5oi-H04kqHl5sc9eloEl6SgqaH8QFoYwK2e44z2ytj-u-XNhIu_IWnZCR5gsAFI9lrncmemyPE-TeIppyrIP-hy38R4FeB_3pKY690SdHvymp20uUqnbIERKhLYMw5uulmoafLvYtyGY1w0eA7Z2WwPEnj_u4g--wJw4ozLfxm03md8tOL3Ht0KUk9svdaL5r82260YftW6gj_wl4FvJi8Bfr6_tUvtW3lKZvOjSvoAuchY1xmdg3FlRFLe_XyXsant_xy4uqIR-lBh9-dYh8qv0MXSXrY1fsqD3FfuQTm67NJr6cTqvX-ce1oNMyBoQ-J8V-1nsAYTD5F3TwwUvQyIEKle7ngStXztQ-ZDQpUNxrz7xHjNtyAN2ge21emM63A_VKaskKcZTruVsVZSaZ8KL6zMUfDE3SLQCiZ79b2ow36oOuoazT2N4s8Xvkwo-xNtko7IpGoy1FZx-rqYypH_QUTkzXqERMSTG2S7mWqE_3MQAG7vTj8Q6ebCOY_yuincJnrQ8svizYdu6Cu8Q12fMaf4xvL0WV_2ucHPiXrUD0yqPKBomQepPhdJC8TGBFlGSG1Mrj1_tDFIe3KRUUdF30-oz-meaIAkvdyE0c8QcwfjEQNYtYiI55-JGoezPNZnIGMWvD1aTEodfq2BQSq2tps3pTdwxBVaJ4HuEC9uwEOYKucHIWuxFJDvc_P5E3Rf-8QZ5UEsy3s03bnTCmpR_sKwXena0bs1xdkodZn95gx3_Bd_ZGZED4MpUbL58XMX806vESt0Px_cjCIMjsKLE3F73DCVtcNN2ocicRR8ptWjedFOK3RTaBYZoY_VefrTXSvTZEHSPSH3SKtsirABYjL73bveXKf9A91ySy7WeG4EVZMUjwpucqpi4CYfSeKvoHUIEnve8JF_uET8fHELuA1n6_SNG4NjN5rU4PF5xM33xDpkRkyElCuq6gKx0Q2oxmAyAzLJqCnMTaP2aa194_r363BmYRWGvCx7BjGr79_fDvLByAa6SVa3H9xu2bmtAhQyaD4Oygz3pPcMpQX0l_9_654-U0vv4n8SIu3OwqwPhvIeYJMnUfzsTVJdc25SegjcNN5J0tf9eP80QrdGu-yGSUgnjPI1ssAK_Qgr_8OA-loQ_YKiBepjlZlCGKCM_ERslfZGTfyhRULEX7yc7fLDoqoco8lcAjFfAbcPGks7GHYWxWqOZnM2TGjEJUtFc0AFSZMgECoCTM415_U8dy7CCpMzKKXNyehI-Zub7cN4OlbfWAflGhKJCZ161T9flTw6fKcSaBFvgawxmIiilN4-9XXyrRoOnqLFJ9BqmwTUfIgKRzD6LPOqc5qT2uenCz8qPLDuVfi3BqcPCOatIkQnEuiiGFDF8xFP1mCzAfYzr_7sht-cl2XsMrV7MVVwJpsE50bTF7GNuplEkDnTLawbBfgpZ_roZZ1l3qnkbrHGiNev_-nzSzKr7BRIglwhaTjgYorGC4Adz_XVJnCrotMcDzXu0Dz2BjhmO9vKbI8q5irZaBBMoPLxTIB7VBpoDsWmbF713PI9MTj1MlAhw7skr977aJXujaO3siI8pnRRmPoI5IoqMDgwpIlHv1O4geN4mXspwU_3U9z5lDrxA3RJwwpvrxAQUlnHxSraJFoL9QZ1fsGd9MVu0kiFD9Ul72YZztkqmuEp8jD_v5doYUqWn2mi_ZVGh73Mq0vgfqqx0lvXfoGS_ZutjZNNsk2XF6cXnBjRBzTASfizQCimVQgmjecO8JHO8bJnsWBQ3FbEwafRuUZtDEWRS-DMItwXwlATj3yHLi0UlXaNfZkOllAh60KJDhi_eTWOzjpwmuLau1Bc7ivC9hDT52ubcGZWD-4HYo2ohdhnp6fo3JBCPrhD1Q_WVL3aqiGBng1fMi2nDNTYVZb-D29KU8p-4umgJpS5n41YwQlcNNDMnkUjeujApz6Fy1DzAEssUZWwLLWJ9NFqh80ZDyhVK2d2xGbmPmAHjxHKZyDncsJvMoCZKdjPGzcIBu9C3uxegK5D-B-y2BIO1-4voVc-41fYG5YLyNQoR_nggoqok4NGzrpwxuaB7P-3XQdhCxxhQnrF5GWGE1-moUET5FSAD1SjNPrbg9990WaUW07cpiY6FTjn5Um-XtN74WxQJBjzrjN8z9VoLJRllxb12CBOum9yCf2KXB1pIjRcB6blk1OTKQHOOrgQ8gttkagl_nCcEZbggryugwlqjTC5Is0fX_lhZ62eljX09VKMp_lks_-4snhvS0nwYtkGuxjDowS8srsbMWdc-fCv84FYx0G2AhWtMhxp_pkVz5lGMmt7MTE7CRzLqYIrxPhlS6FAZvBFwlX_P2xKKoNLaZ3WTSYNDumNclLf9If_Qudt0dRsHvQL_Jk6S4lm1qXXgjejKHpl8t_D-BIH5YYSh_awrqcL1-SDG_4r4_6-zHbqUQPB-38V0TURuCnI_h5bl3jPJ3cA-UCUl-8DwJ04Ik4ZEXzMOFlNfwf8u3P7S8Dae5uHEDPOFdx0OvKhO58i0LKo-v-u02n6Np3LPg22sSzWe1a7mBoYBA-EurKyiRIfF5cPNX9GtLxCJ2-3Bq86BWWSdxTZLzuDoNgpP1LGgARUDj1dCKtxqTdOwEhqh6JQXfmIR964NAcQxQ721KOHyrDctwHbPLIgtefN7feHplCVnQjSj1mMeSfgtg97vEEB9eFpRgwFjqi0P0s6LfPI89YpGkXG1KVOEC_2QtFpsBBNiidFtlL-AB4ueMbO_SWab4DMCH5mw-im5VUl87IW9JUXHI0JxDuC9jxjqMQk6Q4jct_ivaxGEU22wSBIZOYCVDv5Z_YzssBRqpSerFoGa5K8bqwuZhHKZba3EH_IFJNbRH684DA&cid=CAQSLgBpAlJWwTJ3F-uO1Ju2YHVkiXZ1Dxa-JfowpljZXrj_MeT9NMSSoW85xmgjc5cYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.adintrend.tv%2F&ds=l&xdt=1&iif=1&cor=9073229337258984000&adk=1964084972&idt=393&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ff17dea2477f8d6436e9b24c59c14f2dcb5bfeff4f17c1386fc230e2a32b164

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38826
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 1090
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENbuGXsSyVjEXB_LPVQXBxs&google_cver=1

43 B
337 B

30ms
26ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENbuGXsSyVjEXB_LPVQXBxs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYsIfo4gEwAQ&v=APEucNUixvafEct3sg-2-uHksbmRZ7INUjpQi3JMoh0PG75lc7X_x45DBcYa95ExZhlDvPFn45clxksaDmJBhMKlcaK52Yr6AYrOXHkAq0ISCY9Qtk35f6f8ieS2O5wQ7vJ0zdIeXl_QC8ugqzeT9TvhwnwAoPhghsOHiLK9qpg23EFn0CPy5QA
Protocol: H2
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C6ISV4uCMcKkoDS4Zy3y3c1t5kZyUDntoYBlswkoSffeeaqGQxfAbB8BdyeBJXsSR%2FN4l3mPXRBZ5z1DsJEnl9dPHUC3X%2FJ%2BI2v1jTIxsr8T94RhudMDFeGK0RKcyofCyODFX7lbWOLcbg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8051254bcdbe3718-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENbuGXsSyVjEXB_LPVQXBxs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1090
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZP86gXrsHO8bC70JtKNgfAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFGAi0vhXBmCFDuFUoU4Acs&google_cver=1

43 B
769 B

37ms
35ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFGAi0vhXBmCFDuFUoU4Acs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYsIfo4gEwAQ&v=APEucNUixvafEct3sg-2-uHksbmRZ7INUjpQi3JMoh0PG75lc7X_x45DBcYa95ExZhlDvPFn45clxksaDmJBhMKlcaK52Yr6AYrOXHkAq0ISCY9Qtk35f6f8ieS2O5wQ7vJ0zdIeXl_QC8ugqzeT9TvhwnwAoPhghsOHiLK9qpg23EFn0CPy5QA
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wt%2F71TghAI%2BQ9zUxORengo4uV5yOu%2FFZGruX8B0ujJwJiies5pilXgRbT5LzfAKGQECLxJKztDSnoD36Ff8xTqWjT4OsE7RI12z63AnfvnKdSnPfFeCVIu72elTX6OfbhoTDq%2FGdISSLIA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8051254d18332c43-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFGAi0vhXBmCFDuFUoU4Acs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 1090
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDAUlZ8uxpsENCxuuKLXmDc&google_cver=1

43 B
838 B

40ms
23ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDAUlZ8uxpsENCxuuKLXmDc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYsIfo4gEwAQ&v=APEucNUixvafEct3sg-2-uHksbmRZ7INUjpQi3JMoh0PG75lc7X_x45DBcYa95ExZhlDvPFn45clxksaDmJBhMKlcaK52Yr6AYrOXHkAq0ISCY9Qtk35f6f8ieS2O5wQ7vJ0zdIeXl_QC8ugqzeT9TvhwnwAoPhghsOHiLK9qpg23EFn0CPy5QA

Protocol

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:17 GMT
an-x-request-uuid: 69f5d3f8-08fc-4048-be5d-c7804ba65aa5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 81.95.5.39; 81.95.5.39; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDAUlZ8uxpsENCxuuKLXmDc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1090
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY2NjUzMjA3MDg1MzI5MTUxNg%3D%3D

170 B
243 B

50ms
26ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY2NjUzMjA3MDg1MzI5MTUxNg%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:17 GMT
an-x-request-uuid: dc5709b8-4e1c-42ac-9456-9c40f59794c0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY2NjUzMjA3MDg1MzI5MTUxNg%3D%3D
x-proxy-origin: 81.95.5.39; 81.95.5.39; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame CA0E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENbuGXsSyVjEXB_LPVQXBxs&google_cver=1

43 B
325 B

30ms
27ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENbuGXsSyVjEXB_LPVQXBxs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY0oro4gEwAQ&v=APEucNUrPlXWIFVS6rNihmFQlFQVGT25liWeNo1x6TDSqcMhlUlnTD_6kMSp-PFA1jkoFyhOj4t5_7n8PURwUZUc5a2areVIGjVvDMznErTWbsNbPgg7VlkzJjS_ab30YI4Ohs_YLRV3tru9dP_PGlYfswwm9Zeg7Fp0ktVuJn3ebd1sr-YQ3Vw
Protocol: H2
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y74a1o2cE9quKl6BFPCA2zigDKvpAbX3PM27lKpz6fV76TmkeH6vIiI14R%2BMdkFuGq42K6tKQmVWVcszXU7cnqJDopb0jZ3e0%2FJkKQu649I5MewILSjrhK3lpah23%2FHTwT%2BNc7VmTrfneQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8051254bcdbf3718-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENbuGXsSyVjEXB_LPVQXBxs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame CA0E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZP86gXrsHO8bC70JtKNgfAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFGAi0vhXBmCFDuFUoU4Acs&google_cver=1

43 B
734 B

37ms
36ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFGAi0vhXBmCFDuFUoU4Acs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY0oro4gEwAQ&v=APEucNUrPlXWIFVS6rNihmFQlFQVGT25liWeNo1x6TDSqcMhlUlnTD_6kMSp-PFA1jkoFyhOj4t5_7n8PURwUZUc5a2areVIGjVvDMznErTWbsNbPgg7VlkzJjS_ab30YI4Ohs_YLRV3tru9dP_PGlYfswwm9Zeg7Fp0ktVuJn3ebd1sr-YQ3Vw
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJsgfMazVcAp8aaAy85cSdWCnUUXfBvcjMfr%2F6qutzCvL%2B92hMzerFb7avrs%2FV%2F8bm17Hhgph76kuKNLBZXwIHCJA4JzjAymgG3c4MM49iI2cm6fhPbSVLvXSvpiu%2FOMFVcqdEFK7x71Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8051254d18312c43-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFGAi0vhXBmCFDuFUoU4Acs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame CA0E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDAUlZ8uxpsENCxuuKLXmDc&google_cver=1

43 B
838 B

34ms
22ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDAUlZ8uxpsENCxuuKLXmDc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY0oro4gEwAQ&v=APEucNUrPlXWIFVS6rNihmFQlFQVGT25liWeNo1x6TDSqcMhlUlnTD_6kMSp-PFA1jkoFyhOj4t5_7n8PURwUZUc5a2areVIGjVvDMznErTWbsNbPgg7VlkzJjS_ab30YI4Ohs_YLRV3tru9dP_PGlYfswwm9Zeg7Fp0ktVuJn3ebd1sr-YQ3Vw

Protocol

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:17 GMT
an-x-request-uuid: 2cb8cdc7-4624-4e25-8063-784c8ad6b087
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 81.95.5.39; 81.95.5.39; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDAUlZ8uxpsENCxuuKLXmDc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CA0E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY2NjUzMjA3MDg1MzI5MTUxNg%3D%3D

170 B
188 B

36ms
35ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY2NjUzMjA3MDg1MzI5MTUxNg%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:17 GMT
an-x-request-uuid: 1f84e727-efa0-4128-a5de-360fec31fc62
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY2NjUzMjA3MDg1MzI5MTUxNg%3D%3D
x-proxy-origin: 81.95.5.39; 81.95.5.39; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 7D5A 172 KB
60 KB 82ms
39ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.adintrend.tv
URL: https://www.adintrend.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
Origin: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 07:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32341
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Sep 2023 07:05:16 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame 7D5A 11 KB
4 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CmFQ6dyWSPhONIibe14-9qudUEvB2tKo-3BLjDubXb6n9IzK2sW2LXnLQ6B18Fk4PUKcNjKysSY73IFwCVHUbpEYK42mKqTRwUm70etM1U3wqSt_U&cry=1&dbm_d=AKAmf-D8uFWSKJzjEDMUWPEVGoweiWVOrTWQNH_t9aYbS6xa_gx-axBpjarxACftSG2Kb3ZfYt9CnLiE_OvIZ9CP8mBdaHdiBGZiuuodh1jC-wulwABHj0pkYF7qSEUyaDyoYRatSQJPirSWhQ6vQaGeNe_jBt4jdRHJPRhyDWd4IAIu7iu9EwQghjUyCLQBSsQKXZrwV5mOrm0g9ssvRS1pD2qH0bUzHtIYeTHcHt_1Jtd0YquACYtNsMeIPT1PCcYxDWNhZX7u7jBNDbYokKP_BlIz7fGTMYyHUFYQNB_BeMUZHZ2XEJh7V_rXjGxyefz2l60IZ8eejurYZUC3RRDYuVYfbe8muIU8_yz0Olxhcn7jNnajfza7VylPbt0Vnr6cpyNoiBPi9zov6UvQ5hJ3CZzbw75G5yGHzObm-oNtt4zbDUFe03kiMavHRrZRSrkBZExxNwcCZFbEFyS5uUc8Nx8vV5HtxR8gEWx46386v8R9TU8ieblg4sBoj7r3rR3mZJ6OTpKKKNPa9aR8opM_igNiZy9MPiPp_nqUODPe_La5hYVBU6IhNJDUdjrIv74CzTHEJG8CNIOYRkiseWzE9mIsXoiRBZBNDA8VjdiJowzA0ruUtqKMqFPHW36bZAo0EI2LGlbShg0QE09WYj9Zh_-9D-Xks9nAqjU0yv_apq5E-zzXYnLf4jt2X5_KuRN_MboDXi0Thbe4wWAnkjQicLCeb7brwBQWblceMNgRVZpvIcB6stJC-BsHI0tKOqvWGeykCfEtsFZ6bHfcgDO8_c1g2OX7vLkI8Ir4PoFeu8lUDGVcGIdBsu8ud9MYwAbZPGjkkpyR1JQ9CzRMz35396Cl6LGrSVNLXIKP-5ulKFLML7kN89pOf__epzym5H5xxFvCFGWLGTtVL6CV-EX44aRq72y9uAe1duBhAA6QyCMhsGejF8AYWgVtApkco3gZMSZOtJ7KZlE21qXmqr81cNXnfLy0jLBmSZFQY0yFaOelDT_k7p2ulqow24D_WCTJ9bNHEzgFDGfJCFEZj0k303e6zdCGQfcA94HG5EiGts5ELdwpDgKe7Cx0MQUYRHsNjmryEjqyaO0u9DCUcKelpbaVZi-7t87OjRfBwkmqXc6PzYiFlIR71IxzN2JqPqq-oKosbXxYnWtX5pzy24jXif0gqDnh35Tf3d7NaXJEsXJCe3RfURrdjho3IznV-HJ1iGLJyqF3j-Wdc-BhF-tH9aHxbz0RT1QQm7pZ-Yw7LKFY5RMi0NQYextcgeX0rlkaLIozNZKOwS61hVy_O2QPwRQrXOcp0FS-GF1ToAK7Mq88qpuXx-RHR25_mA8RX6qhopqoaoIISvEcQ0YubMp2fnh-QDtZMYh9K3Ej4Y4bPMZ0crG19jGcr5LZUiQzrtSpnz4nFu22TVS-pk8mM_zSUlnt8ZBamDAHm6RqhqsRR4f4O2TrJddP9b910peIZO1aFWhLfpnGvECDNeXttFQ6dTlLbNnCJ9S7eHyAqUotxfZxT0LnzdBPmdCZbo_iUE0Vk4r8PjqWE0ovt6HONyWiAYcg-zjHnsUABPU7FWTGWy19xdooNhKHKnMMjjyHpHKfoaUClNBNUdEJBA-xvxthNOd4_1hU69OH_B_KwJd8yTB1TIbXjWsik1MTmWGWzqztErplMXQd2SpWxWKR5080Gg55wnoP_bF0PyT5aLL-_6cX13aj8kUebProHFm2IBeTKyC8pf1GQe9Ofd2s90HbLgRRXtvUa3gS6imO5tSogz5ybtsyDkTDg3QFIM9AsXkgQBE-f5Jy5buCsw2XeY0WHpth-ZQ3Hcpeqh3tcJ5WuUgCsJSGfHiDlM6jwldDdH0LTvQRkpxZlZCZhTb_DjjPw3FdLgUZaTMQHHWQYdRmXAegW1JzivSqm0rLrb3ZhTJn1VFmgwpX5YILuEc0ks0y6vC3-5Qgbe3zk720Ly3kxAW66csEkfyAl3xTqfwG81fjz8FpmHwh2ui1_xvk4IZuK2KPD7ok5DsNAluv56CJeb-J92Pt8d_9g3c4Ns5DaBTYAinLi0ktxDKd_JggbtH2-wMsEOEzJMx_MVbpodEuIqh1MF7qUKxu3sBdAPSQkqIuI8jRd7O5dbZJUsemzGORXQkIqIb9o7DORPAK3w10gw2XJIe56HPg094Yy-Bpnq6CzkMy_0Yw_n5H2CfhNQpmPUZmyxo1FRhipfrZpnYzsOdOAqQXjKunvUZABcSy6ZDe_SppD84HuBdsJRKzpH_qnmy06fwlYk6-oTrH3gJjEtEPN3cbJufRCnw24pmqWS-sblTPuXULpzoUHLgl_E-QDpqOpUbhEqh66J2ClbZu51hRLwGQiBXrcVSmhdDRDAd8rplk85NYbFK0FKL0ZfOe74RdQze5xPIQN73GzXQWHsLtOfnKKXpQ9AaMtJ08aTfqCSgIbQQn_hlOogMe_ELHQHeB06iYW4NrzTkJDF_og4avbubfAZ6-MMnTNfTmoMaOuZ3nxfXPI26gWGBwbiP-TGAxc7g-gTQqBpeCPPC4hguFp2lQgFTpgjPjn904sPXzS2AZ8K1poQs62BnFekqZYFLePri9Eyz2XxLxFMUvIuOr6JwfMc-S0gCN1q2eX1or3VbthtsrmZ1odnpdXYYbYktRAum1CFEZqBWifYh9G78gbJsFItW_TS8AfLUbKWs9tR8qkm7uyvwTe2FEFsrxknH84jL3feECqAQM1VqwzZ49n5iEeNLh5oqJ6op4DbwkcR0CTG8X3oeYsGotess-IHLEqEO9h40cATtlD65UNSEYp540Hu_AbwYHm76IiqqnSQ2eEE47qsu9B_qogvofIhV-9SixM8NzIrGmPLNCwvsp2O0AKdj78PPWIhpCWAtE7-bzzEQ34Tu-2H5MvIaWLmz-dDEwAzBQJGdVLG-_iUiD3O7mW2e6Wu1SnWSyzhr7gTFAIOq5cVbq9_h5TVZP5zvIxy2SYLyqwk5fqaku0QxhS1FlF6LY0iO0L69dsNV_6Y13cqLHKIcZ6dFPx7ayMVey9n-DkJYld6-xkmPtR30n23tXVLviWn-UaAUw8EMyl1MLXAJfjuN-9QsfXnIWyoq4v-851WF3Em-FeuLoUI8M-yHzthSTgiA4FptIwQYoFcxDtt4eSKQk3b_Og3bJxW4WCa8ZC0snWpoeC0WFeRCoobYET4Lo3YCSGPkFnBGPOmSbbsFGHKcpkwDaJu36xunuvVL53ItFYeppMAlDCfJispX7XbZYXb_s3U4JvQ-EgwQAIHSWbfA6q2xyVKWgS5coice5Xsf_9XMlqj73emfloBlAoG1UKaFlam0TbFo2tSscUemh-QrOUxgOh2CrA5jbXsKpSnFllhw80ICm58_EOEP0JROB5UpXH4KTP6tTRnJECGeHuVS4ZdyeQ2IgpBqYCdjwFzcPmPZI5hg4qrfVm285uYXFR_L6hgKzSVRxFtXRJ4KNMbfFQoNXsxKY4k14YhwWFyz7IR8-D36OB8cowymTVPYr_aoVaWhbztS0D3d3735daMJGjVA1UKsvX45zRrWKwi5anTjof5dOmBW4Pv050i2XnnK34LG04hdL75GrITar0sweCbDbg11afX9OXggIcLW4epBuHJTGiMXnGV-vkikX-KLyYflSpjZXe2SC7DbrBAlR9mhsFJyMLwFXepgV9PK4Qtz1RX2j2IXquOAAIJxIZr5fv9dJbbrCBo6jj0sTeHdszdOdxzjPZBvOrkCvVPXv0CXbHivIQjrQvTU6-mlAkgDPQTrG6t60nYJtPHq6jDxuy0AQQnIvYmiKOx2ZVA&cid=CAQSLgBpAlJWwTJ3F-uO1Ju2YHVkiXZ1Dxa-JfowpljZXrj_MeT9NMSSoW85xmgjc5cYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.adintrend.tv%2F&ds=l&xdt=1&iif=1&cor=418832727872346200&adk=2228999115&idt=313&cac=0&dtd=109

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 07:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 07:12:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 7D5A 30 KB
11 KB 58ms
37ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 06:26:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34648
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11585
x-xss-protection: 0
server: cafe
etag: 30886230758233217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 06:26:49 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7D5A 41 KB
14 KB 49ms
1ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.adintrend.tv
URL: https://www.adintrend.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:28:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 290171
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 07:28:06 GMT

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 5CEA 172 KB
60 KB 62ms
40ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.adintrend.tv
URL: https://www.adintrend.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
Origin: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 07:05:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32341
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Sep 2023 07:05:16 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame 5CEA 11 KB
4 KB 77ms
53ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BmEAlmyfBRe-Qiu5CzOozoYjDavzSETYT76dVkoPbDd4G-6CVjLGNf7dB-TZFxKJK7sNSLNUfC0BQ9kgZ1esi1Zv2F_aXHYZjgFyUg00kjE7B3p9k&cry=1&dbm_d=AKAmf-CfXBdi4CvatWSDQKmCnNcIV_2pZ9-vNFSCQCPsqW8EVLXNqhbB53Gzt3DZFJRgbp5ygXtB_t_2YGMZQufUYBjMYsuL2K-UFOhabe-u3C8J5t_2WUG5JuX4meH89tlsop4D0ZjT3sslnnWrOv-jh-i2TYrISrZBa8XJEFu9927cqMXd2bpVQRr7eVNDR0i_gsBmxaKTzgxNNL2ZGNbrcqGwKZkM0smWR2cLWb91nmXpqd_JzjEtiE23LPsD2TFbpiOR4ieSeT3_dtNiycQpk3t5cwmoD9E1qcUy-_UH8GwmZ2uGgNO-Nz4B004-T8OTVq9KpDEqhgLtV0Hrob4kzKoVvm_kAyQJkotVHL_Himz1HABEix2UUf6gLLkC7KYEQI4Tckpod5BL81g268lZVMRIQbHmJP3cX3Q9fNw3O0MlR9cA11wn5-ooGJBTo0agU0QaMU373ztgDGjH0156mnDcRpIYPR1ApqL_4co9YO60Hku7FOGR3vneHErczMWXx3IGPZ_o2ksQsEtf5fjL1rh-Ml6mUo2-weIT2kNoRJ_YtfTXVCLn9hQneXzLPmaFqLzw36z6XOfQdeTl3Hv2ULun1a5B1P70ZM5q5tp-zmFfpVKPZNfPWbsc3tVh0iwFSVxN92BbgOR6ECXobEBJukSq1CwnCDcA7NQ5l-mh44A39jBrY-KZSVpdHrepD98UQuii6IzWQCOx9str43LvIzIZwI6kuyrFGaPcEZYUiOmnSMcRsLUiG32KHgmmcP6yifiNg6c9ynkpqAUdZT8HM7XNDHUT2iY5qPoR-rzqV-1VGGQ75r2oqMq_sIzPA2yA8oY4qetLce_Q_ItKbtVxNB5jpDApBH3pCBr6aBgc_4TLJL8yvwHKw5oi-H04kqHl5sc9eloEl6SgqaH8QFoYwK2e44z2ytj-u-XNhIu_IWnZCR5gsAFI9lrncmemyPE-TeIppyrIP-hy38R4FeB_3pKY690SdHvymp20uUqnbIERKhLYMw5uulmoafLvYtyGY1w0eA7Z2WwPEnj_u4g--wJw4ozLfxm03md8tOL3Ht0KUk9svdaL5r82260YftW6gj_wl4FvJi8Bfr6_tUvtW3lKZvOjSvoAuchY1xmdg3FlRFLe_XyXsant_xy4uqIR-lBh9-dYh8qv0MXSXrY1fsqD3FfuQTm67NJr6cTqvX-ce1oNMyBoQ-J8V-1nsAYTD5F3TwwUvQyIEKle7ngStXztQ-ZDQpUNxrz7xHjNtyAN2ge21emM63A_VKaskKcZTruVsVZSaZ8KL6zMUfDE3SLQCiZ79b2ow36oOuoazT2N4s8Xvkwo-xNtko7IpGoy1FZx-rqYypH_QUTkzXqERMSTG2S7mWqE_3MQAG7vTj8Q6ebCOY_yuincJnrQ8svizYdu6Cu8Q12fMaf4xvL0WV_2ucHPiXrUD0yqPKBomQepPhdJC8TGBFlGSG1Mrj1_tDFIe3KRUUdF30-oz-meaIAkvdyE0c8QcwfjEQNYtYiI55-JGoezPNZnIGMWvD1aTEodfq2BQSq2tps3pTdwxBVaJ4HuEC9uwEOYKucHIWuxFJDvc_P5E3Rf-8QZ5UEsy3s03bnTCmpR_sKwXena0bs1xdkodZn95gx3_Bd_ZGZED4MpUbL58XMX806vESt0Px_cjCIMjsKLE3F73DCVtcNN2ocicRR8ptWjedFOK3RTaBYZoY_VefrTXSvTZEHSPSH3SKtsirABYjL73bveXKf9A91ySy7WeG4EVZMUjwpucqpi4CYfSeKvoHUIEnve8JF_uET8fHELuA1n6_SNG4NjN5rU4PF5xM33xDpkRkyElCuq6gKx0Q2oxmAyAzLJqCnMTaP2aa194_r363BmYRWGvCx7BjGr79_fDvLByAa6SVa3H9xu2bmtAhQyaD4Oygz3pPcMpQX0l_9_654-U0vv4n8SIu3OwqwPhvIeYJMnUfzsTVJdc25SegjcNN5J0tf9eP80QrdGu-yGSUgnjPI1ssAK_Qgr_8OA-loQ_YKiBepjlZlCGKCM_ERslfZGTfyhRULEX7yc7fLDoqoco8lcAjFfAbcPGks7GHYWxWqOZnM2TGjEJUtFc0AFSZMgECoCTM415_U8dy7CCpMzKKXNyehI-Zub7cN4OlbfWAflGhKJCZ161T9flTw6fKcSaBFvgawxmIiilN4-9XXyrRoOnqLFJ9BqmwTUfIgKRzD6LPOqc5qT2uenCz8qPLDuVfi3BqcPCOatIkQnEuiiGFDF8xFP1mCzAfYzr_7sht-cl2XsMrV7MVVwJpsE50bTF7GNuplEkDnTLawbBfgpZ_roZZ1l3qnkbrHGiNev_-nzSzKr7BRIglwhaTjgYorGC4Adz_XVJnCrotMcDzXu0Dz2BjhmO9vKbI8q5irZaBBMoPLxTIB7VBpoDsWmbF713PI9MTj1MlAhw7skr977aJXujaO3siI8pnRRmPoI5IoqMDgwpIlHv1O4geN4mXspwU_3U9z5lDrxA3RJwwpvrxAQUlnHxSraJFoL9QZ1fsGd9MVu0kiFD9Ul72YZztkqmuEp8jD_v5doYUqWn2mi_ZVGh73Mq0vgfqqx0lvXfoGS_ZutjZNNsk2XF6cXnBjRBzTASfizQCimVQgmjecO8JHO8bJnsWBQ3FbEwafRuUZtDEWRS-DMItwXwlATj3yHLi0UlXaNfZkOllAh60KJDhi_eTWOzjpwmuLau1Bc7ivC9hDT52ubcGZWD-4HYo2ohdhnp6fo3JBCPrhD1Q_WVL3aqiGBng1fMi2nDNTYVZb-D29KU8p-4umgJpS5n41YwQlcNNDMnkUjeujApz6Fy1DzAEssUZWwLLWJ9NFqh80ZDyhVK2d2xGbmPmAHjxHKZyDncsJvMoCZKdjPGzcIBu9C3uxegK5D-B-y2BIO1-4voVc-41fYG5YLyNQoR_nggoqok4NGzrpwxuaB7P-3XQdhCxxhQnrF5GWGE1-moUET5FSAD1SjNPrbg9990WaUW07cpiY6FTjn5Um-XtN74WxQJBjzrjN8z9VoLJRllxb12CBOum9yCf2KXB1pIjRcB6blk1OTKQHOOrgQ8gttkagl_nCcEZbggryugwlqjTC5Is0fX_lhZ62eljX09VKMp_lks_-4snhvS0nwYtkGuxjDowS8srsbMWdc-fCv84FYx0G2AhWtMhxp_pkVz5lGMmt7MTE7CRzLqYIrxPhlS6FAZvBFwlX_P2xKKoNLaZ3WTSYNDumNclLf9If_Qudt0dRsHvQL_Jk6S4lm1qXXgjejKHpl8t_D-BIH5YYSh_awrqcL1-SDG_4r4_6-zHbqUQPB-38V0TURuCnI_h5bl3jPJ3cA-UCUl-8DwJ04Ik4ZEXzMOFlNfwf8u3P7S8Dae5uHEDPOFdx0OvKhO58i0LKo-v-u02n6Np3LPg22sSzWe1a7mBoYBA-EurKyiRIfF5cPNX9GtLxCJ2-3Bq86BWWSdxTZLzuDoNgpP1LGgARUDj1dCKtxqTdOwEhqh6JQXfmIR964NAcQxQ721KOHyrDctwHbPLIgtefN7feHplCVnQjSj1mMeSfgtg97vEEB9eFpRgwFjqi0P0s6LfPI89YpGkXG1KVOEC_2QtFpsBBNiidFtlL-AB4ueMbO_SWab4DMCH5mw-im5VUl87IW9JUXHI0JxDuC9jxjqMQk6Q4jct_ivaxGEU22wSBIZOYCVDv5Z_YzssBRqpSerFoGa5K8bqwuZhHKZba3EH_IFJNbRH684DA&cid=CAQSLgBpAlJWwTJ3F-uO1Ju2YHVkiXZ1Dxa-JfowpljZXrj_MeT9NMSSoW85xmgjc5cYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.adintrend.tv%2F&ds=l&xdt=1&iif=1&cor=9073229337258984000&adk=1964084972&idt=393&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 07:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 07:12:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 5CEA 30 KB
11 KB 72ms
53ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 06:26:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34648
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11585
x-xss-protection: 0
server: cafe
etag: 30886230758233217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 06:26:49 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5CEA 41 KB
13 KB 40ms
0ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.adintrend.tv
URL: https://www.adintrend.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 07:28:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 290171
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 07:28:06 GMT

GET
DATA 200
OK truncated
/ Frame 5CEA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 321868530f2608dce411bb79dd3174b598a52c05044c0cb193e0f19400a339d4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7D5A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3441238de75d6ab65cb1c181fbb0fd985dd0080896d34abab7c3bebbc1e38322

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E144 22 KB
8 KB 56ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 293871
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 06:26:27 GMT
expires: Sat, 07 Sep 2024 06:26:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 439E 22 KB
8 KB 58ms
9ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 293871
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Sep 2023 06:26:27 GMT
expires: Sat, 07 Sep 2024 06:26:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/2230318213786861877/ Frame 20F8 1 KB
918 B 59ms
18ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2230318213786861877/index.html?e=69&leftOffset=0&topOffset=0&c=HDLx8MA67H&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c28c363294add55856865b33329eaba48bfdeaae8edb0b11b87ea677764695a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 739
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 16:04:18 GMT
expires: Tue, 10 Sep 2024 16:04:18 GMT
last-modified: Thu, 27 Apr 2023 13:47:21 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7D5A 0
0 356ms
65ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsstC4ud1TStDiwYNCU2Ab14KUj-r_iq_w-GsEdhmW3eWIjwPCb5YKC3R5PwAl-0esGgb4nQqYqhvTtY0d6B-56CTLOJrpkofu3aFJ0NNW-HuURiApHcuTYniq4QfvYTvn2srnWYJAMZCUEgExZEx3S4LQIwjqY1F1ewtdQolXj42tNneLZ1pEtOi6_DraQ5-yvyicwe5DMum8Tmqrv2qQ_cGw0XqS85pjfFb6rkC6Z190mNfSwUaXFrbI5CV48buNoeAeALYXZf_9jyDDps64lbJAatKuDX7nHiPfyTCjDaFSskTewUPaarSNV4eM6kpllQyHne2sS9Re1_brUJPQjYJhPMuhLoA7_eXEA0XAnLCjUZ9N_hQjvrmsHmoNXEchZD5xdLmF2ejKY25z7TwEz5c1wLpi3MkPMHOUYG2N933Do0tNJSw0TEKJ7yuwdSkAiHI9OPg4tSpCMTmtho4U6VekpSfnRio9zVNNoAPBb7Jl94FIgJ9I6eD70zdQg72BdtNv8SHlyxeHh1m-aLfikvFV0GUVa0qTsG8vYr8rObQyDKHrhnFyg2ohzCnZEg46Q9BMOmMCa1jzLJU3_jQZBFNRy3c4Sgs8fuNPPDpki_sbWNgawv0Irkg6A1GWaVJbT9Ql00jbqbuByOjEsFWd7k2wPKHu6rFqYwaiYE8-1ammlXvJECzBI_a0R3hHPceJ_1JHdJlTgzsdxoDBmBPcBRGOGk6jCR0zhwGPBt4CC02FBQ4IsiYNVmmEOeik2DBdwS-PWWZuZTcJ1S6lyDDRlORgh5lR60TRfohK8Eh9xPdiY6XBHXd2Vndzq59afmRIVuz0FoXshb7FH8riAPXnMh_E_2HzcEmdt6xRaTJp69tDAlBlSyXgV_Fsv5d_hY2nGY_NdzEP2n8OLR-unWYD2hqSBdmhXdBU0xsH3vfGDaWgZBITzORCzREkfgEbWLs4PVqD-hAPiOaepK7mpamK8IoAbXXUIFr_jRRDSbElLRODFthp9nnU7rdGNIiIh7-mA9_JAEwcJkBmFfiLgl14iQao8bGlc6scZev1vBo33DMnmqLEBAKotWyJ8qb5-qw1ZJJ3Vll5sgcGNaRFAiO-1AfjExgDZHvpaEQeEeV4BzegJs-QZS2WKqrFfcj0MZaHr7JRAM29DPsSfmy2jnnQ7D0JC7hGihZ8vPp-34dHBHBTQhnlTEyw0bE0f4Oj9Qm1BnDdBK64eFTjZ-j_2LaNT3GNvuGmc6yowpVPNFg4et0B2nTU-EWLQKOsFAndZMzkWXz5wRS_8tEQdtOFZAe3u7pCsZIEBGC7SxOKBoV9Nx_aGnKLCgnrgEB93O&sai=AMfl-YTPOObgOEIidEOH0WdtCey80yTxa0zWX8TE1Vs1UvzzbEA16MMpVDsP4btFu-ykMF6F_r0x4eCNWh6s187NjYf3c4T26rDj74n3Fi8EwfWFfLNjt3UrYEFh2NRpcXIJCAmLPnlofamhrIcb2_WhRIZ8X6EPghneKytqvv74zQkJiXCWhLp75tWG_tXQ0mLSVmrWMReEzqEogYxUPhQ9kFm7G4D2UEen1Y2wj6mBGeMivBQ&sig=Cg0ArKJSzLB3Zl4LbgAmEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=414&cbvp=1&cstd=398&cisv=r20230906.05374&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.adintrend.tv
URL: https://www.adintrend.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 11 Sep 2023 16:04:18 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 11 Sep 2023 16:04:18 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 7D5A 60 B
60 B 342ms
35ms Image
image/gif 213.202.235.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=181030992&extPm=361577631&gdpr_consent=&gdpr=

Requested by

Host: a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com
URL: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.9 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Mon, 11 Sep 2023 16:04:17 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Mo, 11 Sep 2023 04:04:18 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 1119
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/15415463092317913147/ Frame DF6A 1 KB
833 B 57ms
19ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=LgeoDnRq1f&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51c012cf2461bf8b29f345373366183c7fd121579b6178e942be0b61d8c7da14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 739
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 16:04:18 GMT
expires: Tue, 10 Sep 2024 16:04:18 GMT
last-modified: Thu, 27 Apr 2023 13:50:29 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5CEA 0
0 325ms
64ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsueF-zLI16hF7sTJfLwuC_asTdh468-iGuWKqUAA5xlZUUTEWZZbL-FgTivDhnzyi1yKOKJ0vulPFZ5y_25zLwOFxkn5K2KS7sYtRYSHbBcMxFc7sAVmVxqHUs_WulAUzeMlvJYP4WuIV819YqIleB1hhcoHJjcmVhnUd7lFuR_ZOhBKWFPg5hOeITgNXxejirPrBToUu8KeEpIT0XheXk9LeDeUEJY-axoXKjwUslpj0Rf9WAsK2MoW7zdG84Fy5NURXDtCPU5dS-wfbeY00KCDk4tIEBulMrR3M8G99qx8NPwYvWv7HNZ4j8BUlk6cmncGT91Rp94OivmVf7zxUGCFi4wiwsUzdGG_q_BeYZjjg_ojbfgLseNVD3W0hVd57mPSjflqVz0Hywoi2N_m_gpKDnKpaLYNqAdx1pICjJtWROfH891anl2HQaPpbyl-7ffzjxc4vTe7hTHwxLyre5YuiALYFfHo4f0X0_joQfyW7q9JorX9AzUQGfu-0w3CzdrfJ3aHWBjGKtJQ2HmaVDdDJg7TBdD9xc7Pzeo0gQX1zinZf7HoT4XzjkVP8CxPamhQWjvVpoAQF200o98rEfLWIX5CifYgx9EPRlH2BSCRnKnPkzLIGAgkYGY45cAKiQkPgO9HIAcoDg7MXyN-j7IBx0_MBjkouO7cyqWLb6c1s5JFDZ8e3heKZoL5p7bazKF70oxZNM0BnZ2pnBCa8xn66LUIe-dR_63KjIlCBy5MsuEi5Pd8ejlV1IL6_urN4tLD83Go4wybMh1P2NPrkTMJOG9223EHjA-KgJ-qQpWfpZTsEs-z4tX8ABh8VsucxaChPB5DhKLCL-PdpHPWm7C13HZEjRHQWhwqcGNg7S9I_VGrpgI72GO1_f-vD85P59kRWMCX0waurEnSModdHOlPW7nEBIwlDUz-2SBwazbRgMxVIMI3zVnsrZ9jB8lAtJyZylwpqn_EzfjKB7bMUFfuGBoHE86prYenw5T5WQ7bl_w8XyGpyXw3dJYNwC_GqGFUaPcio4NbC3psXBNegFngXLqPdlw-M9mGBI4d66D17UIsrjbkXJspTbhvrg7stZHTy7o33kxAcl1GPxeFjelsHWcj5M1N0sL1F-P2UPtbtyeg8cGFBXI9Xa_w_J7D4kRW0skPZC1Zo7mCUmyZz7Nxlxkfhvk5pvx54ShphzrcEIsaKwj_bJVodDJ5YnY9eSKxBlX31E-TE8V2vvLGJVZl9CEPOpV8Vjm4u9n879oZy5FEgavqdQ1ZqOy_8hFL1UjqSN8DIKA8GV2h_uBkez_qcGa36NkBe0WNIKTFdVb8S4k&sai=AMfl-YRmzh338R0wbGwTDHjLZaUHwf2g8S_HJmhbjPmHt11y5U1BK3ZXwXQa_A_N4ugq141kmuo0pHfW5DPta5cn80GQXygIUBjQEZnH7q_5FcbweuTk6juh3K7TxHCvbbagkL8-a2pRz9jRcR98S8lTXugvgs0aFDIYkf-BzdoLxjtj9S7mdlLP7f1gjVB7XeoFb2PA_0iHhZaHM39UW47t2dRL0jvUeVzSw7V_QBDPABjPK9A&sig=Cg0ArKJSzBuOZwdvY38DEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=417&cbvp=1&cstd=402&cisv=r20230906.73535&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.adintrend.tv
URL: https://www.adintrend.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 11 Sep 2023 16:04:18 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 11 Sep 2023 16:04:18 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 5CEA 43 B
1 KB 299ms
22ms Image
image/gif 213.202.235.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=180481255&extPm=361577796&gdpr_consent=&gdpr=

Requested by

Host: a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com
URL: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.9 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Mon, 11 Sep 2023 16:04:17 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Mo, 11 Sep 2023 04:04:18 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1119
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E23F 0
234 B 513ms
164ms Ping
image/gif 2607:f8b0:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lmf2qqdr&c=1667951328033&slotId=833975664016.5&eee=missing-element&bi=missing-id&faa=1&fas=1&vast_v=4.0&wta=1&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400a:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E23F 0
0 112ms
109ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame E23F 33 KB
18 KB 294ms
67ms XHR
text/xml 66.102.1.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CKi8MhFJd7USPhtFxczr0S2C4lKF88aHPuyXUS4WmIBt0Y0VSICsSwpNdvXS9QJkWb7hNHGFAUI5BfK8isEFkPlQ5bkg&cry=1&dbm_d=AKAmf-ABQZG-bzAp0LU4CrfwAdHj1sgI4cw45XI8MgpSZS2SKaHwdoxnst4n_yOYf48O3hSv79RWV-Rb2RDA9ESqC2ddsy_8dckcM5J5mtMYApdCI5nFcYS2tkKHRGxf9jlpKTJSgmEC9BqjkdV6Hi23QwFVrZvbx1dsJ2E1oaTgGhXHNnmksC78LG0bhnRAUzfRKEbVRFmkASNiY599PlnLCAbZoZ7HwzX24JDEbyLkJaeOE13cQ7bq5AuAS0UR3DYZ2xpHpXBDq9cBfWJ7QXEGlXkxRdLgXD5RjIe7J2Ly4C5UxM5SId6-zzs6mAX0nel17oLdmxrW4IvJx1s__3ddjeE5mpBeo57UK2rd75SWd4Uk4FQd5YmbY9kpxFRvuIAxuP7cyKv11thaVSjCGyQTMAplvDWPjrEkWEDQfT9MnX7s4seXZG2h2Sur_dHtdDH_UCzue0D8S27lRKx9DCW0XBktUz8ljvixVwnevHQqSRV9tI-43WvpRaidtkoMmIXwCb5ay4kNxVx_zjEB_3zlqEI66Dz---l5KtPlSv6s_GwxXvKW0ED3rX2t9pFztI16hrHmHV75k8cEGxtnj4HQM2W_w-NOD0carWef5eYq1Ub2-IFJKB3mfAqv2LjTODom9imJMYSmHBUTKUZV3iyZf8YPvv1Wze1Cf93QnH1ERFUC5sqfPiy53Nk6Yf9IBeWRmyLccIeP7_-j-wxN-p-4S043yeRyrplefuEEx1pkmrh6v7G0RgrmsZhIRxIHBEnzoJl6ZyhE02oATaIgXga88yaLNRVBBudkagVlQE3CwWm1oUr4yGBSSUNJaRdHnlX9wku2XqW8fa4wUIeM3QMMyf1XAoq6TlrqT788f3hKRJmfpofIkp7MVTsBMo_-GyM1sPKB7TvqQRiP3ropY7h8oRiY2yDAtlwRXL_Z8IhuyvNkv2fXDr-aA9BSfK6NukQ-uoge-jkSTGfspSqCLQDANoD_Pa4tmiACJk6hqSugXz98CZYtMJuvTtf2km0MNqhfjbT1rb_93OurO6mwFbKGU61KDZZFprJJyuzZM67JY3_mGIm71O_4RSnyO5AzIxVhHNqRHYHew1Kt2AeW_NAbp8cWAZj_H48toLNPDa5vEAKxYAk-djQB2-fkT6rFu01mzYGHcr0f7tVZjTsGiwoFSc94vedLRtH0dF40jTP3LMjcZnDVrq3lwSo52IJ7VFxZyD2ARLZy61fJh5mXiuYB_yl5vRnAQLPraD7n85KSYX59Ozykx0Egfxwm5eMXwxHmKV02wdWloA35yOcFzo_tf-2bc78qsJRMvCJTZXjUhQwn4ouCdPFFkIb0sUmYqYQ_77hF0JVfXjrkzxa4EW4iOEHNsCqd-_FaU8J5BqvrUCQM7AMD28zVfFdvd0KmpyNU7ltF_vL3PX5kgQzJdtIf5_RzHGdY6K3iMBosCNLdZZDH44YjQQgvaMNWQvCkjhqnh4lQHnIJHbwKJblHryqn7NAY1GX4RME9XfJMVy5ak6u9Xuh7xHeIJLCBP-t6VCKQWknqrD27R4b79gjmz_A9R7ptNgmUIEYq3CZSSSLhMPA5WlbUL9eJURtOKIcOl3Py4u3Wjzb-6xU6C32YT_UHtS706mqxQZ6mo8GCeB-91Og9I1IGqbjt1TcIeQ5Kb7yMJ0NHIOJaejmrZh0nUfoh2sqcJotKony5BlhB3Mdg-FpXglDWOdVRXeHrcW0ti6gt-YS05O0P50drQN3fCHHUH-Sy2K-kb-iaIsGNltC-peWR7_EUwlwNY4vE0MXwOyYv6RMMOs-YwmHg55p6WxA6dk8iyUi4_CPefAwbi-t-DvmEdtbcBKm7GfTkVaUjJKiQOgL12rjaH43phHbiNgnuxTTrmbdk6cNJWbQZOxptCwYTwiuTUdhqLHwCqZSi8RcSlvk1B-63N8Ejiuy5Iq0wHmxRzIdchg3NxgbA9bg1CLrTic1dIG5zbb7r4wRQ-V7HD_Sud4SFF4qCM3iqigGJAJDn5P4cjsbfgkewb8X1YjM2f6r1mYyGytq-zmAzikngdWgMR4J2d1NUf8P3ljzSEwvmF5fPpgsoLcy77LoybZVH6zYP_SXUmIPpE2PO6-EtHSn4WCzYA4-fS8VV0zcSSM8mx-908TaGgIHrQarpGPnhjd4EGEgWHQOt45HKtOZWsj9FYLM_zubvuS3SX1khrpaotGpOo2craRaZBKld02KMNkwLHDjmPMFuapo_Hkwe9YXrl7RnNBlQLWjBoF8ycVCeYWfjWLPPBMMRyry9YI4zex357PzmqIPlt4U53m3FLS_ajNiYI2W1B0NwU5Cv4FSRKoYPEu-L6aVk0WYnpTziEG8Zs4yRNWVlCtXtqH3sIXIAY3istGaek5v7CBoRIpohXYoLVFdE_YVjvVIVYRaMmngc9gdrA0VPImxSPh7PRxnNAb1jVfhfeungADGeVVJZhazABwcFHkJ4468fWKCgk5MP6q4vFt9lvsaPtV9M9oke1uNpNV_HAEdn3XpZ_mWPaPdhAaMatNfQdXLlLIBnxOypJPT5wLXt1FruNEhsjlFBKqTs4OOakC8N41yBNztUPsjfm76NdKHetI-AIAlkXJnozTxS0-RiX3jUS2KuioGT0NfYoUeajmoswoGo6nQbN1vKL3iFJtfePkLX8VflmdMeUaZB30IbFifHiAzz2bSkmDgIBBjyKXwNgQrVQjIe0NeyciPv3z86-d9nhTZXdjbpaxfEr8cIaE-rZC1A34dI8p7YL4F2LKgSalhwhz7rrOdZ2poOSkPM6KTpxZcA7IydGrSpMQuPLXXO1yLDihElqp1bFHqijXaSwAqw75Q_DFRI_iq_hGFbAuAYzP8kVedZo0wx4ra0V_1LZPW7x0b7D2roXF_KuRFbADPU-Y8l6BPR7SvCSr7ljoAVvaHkN0zdNeJVY5HGimsw7JNyIbamNLjVosm4rzSeoBBJy2zwphv4RSl5lzQSS43hyvwUndTizdHiSp4u1mZmQ7iK5siUZ0Eg7vhLBVbw29-ycRzNtKOZ3AkC9mCMsPpCHCarhffPfHw5cavJDxWrzvGiE4Ari73fPINO1ls4uuZ2gVHEHM-Zbg6hZGgzIjEc4A3TtOqqk5IPr52lOp3ThkRVMYls9s9N5u459ELsz1oWBaGEfNGUTY1-yZtRkgSBrHdYau1RYmmV-E8vdpC751oM8RsFdo7JPkeZ-ZoMuWrjH5oM6KYrKcKibWq58xK7OHCVTbyG4Db7_C7nsvxhwPCGRgmcIP36OZygt-Qz1GkmycIvCypaLg14KauQ3nKAaIteXzaDvGQ247aD6KPzn3etbeijuEGNppdDzi3h8DZ0ViwGXqIYrjPk-SjG71H38RvMy3vgYEUChechN24Q0Uwq6hfbFtlCezsZJhYL-WoXu5ldGYXjK3CuD7W_fiDAKM1-S2pzS4tXKmflTUtT8-bmHrDrTAiM7tzWA31cJtd7oOe7JW1avT92lXkddkcZWrjUId1icD_zn_HdEe3ismc3BoxD1Bkwabi5QZkbyT4ChJFDSOUGs-MQljXPPP_o14hpyHpFp-Ovjn--lblToADWtfrdOt70gzZHP85pzN6umE7wq4qCkTu4t2SKe7NKJ27fEPkYsF7bgEeB8xdnOaPmJFZqyt4uEQddv1bpQlTDbXQPAO7E7BozvsucYvK6_K5FPc7o1DsXmzEackbK86TleY0zP1T0hsIezDdVgKqz03gztdU99BvpOwGyUohiyve0Ndso24yWmoPS9abiwdQs-DUE6g74EHPEAwOJKVOT78qpdovC_WNCWmqDpEMSgfK1DOwRYcCwLEzd18KsA7LWwmMwXRcOVgR9knOF_UXbQyiwb82WrtomxAf3EVd23H9dkjRWxKJMKnydSKeQbr4mcsPgz1vJkxG3-CUuCp_3IbJg87VW4zHhUHUviLWMXSIMfO2EHUu6qVBneLF2mxgUtLKtm3Hq2sEzLomzRlfnS2YQWaFz3PqPyL9zAtNqjcsN5UDOK0sbfEIu2BZKBSCFm0Un-FcRAG6t7d0tMBOt2Khhu_4vxueRGIodobEooc_ZwfbpMIxOrVCtqT69UuSGyOSyyFNVwVJ4g98lG8LVbVgyeGJJuXHv0yPG4thmZGZgu-QVu__5aQOftP9u5wHpkoXEpPps&cid=CAQSPABpAlJWq6gibtwN8Zi6XMZY2OLkNkeVk48YYR-MbEWjAQVKzwH1v-wKhluC79nbIlpS06xOssY4SZ8MjRgB&vpa=click&vpmute=0&sdkv=h.3.588.0&osd=2&frm=1&vis=1&sdr=1&unviewed_position_start=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.8.3&sdki=445&ptt=20&adk=240638545&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.588.0&sid=E2775B75-05D1-42D9-93F0-7B48803F7243&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735%2C44800995&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&ref=https%3A%2F%2Fwww.adintrend.tv%2Fhd%2F%3Ft%3Dlive&url=https%3A%2F%2Fwww.adintrend.tv%2Fhd%2F%3Ft%3Dlive&dt=1694448258097&ged=ve4_td3_tt1_pd3_la3000_er335.279.335.279_vi0.0.1200.1600_vp0_ts1_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f155.1e100.net

Software

cafe /

Resource Hash

4decff50672f125a3b8d3a3ca9f8bd8c1693b1530b2e38147ddb34c1cf80a52e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17744
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 20F8 113 KB
38 KB 34ms
30ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2230318213786861877/index.html?e=69&leftOffset=0&topOffset=0&c=HDLx8MA67H&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2230318213786861877/index.html?e=69&leftOffset=0&topOffset=0&c=HDLx8MA67H&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 16:04:18 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 20F8 118 KB
40 KB 14ms
10ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2230318213786861877/index.html?e=69&leftOffset=0&topOffset=0&c=HDLx8MA67H&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2230318213786861877/index.html?e=69&leftOffset=0&topOffset=0&c=HDLx8MA67H&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 04:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43458
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Sep 2023 04:00:00 GMT

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame DF6A 113 KB
38 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=LgeoDnRq1f&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=LgeoDnRq1f&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 16:04:18 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame DF6A 118 KB
40 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=LgeoDnRq1f&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=LgeoDnRq1f&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 04:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43458
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Sep 2023 04:00:00 GMT

GET
H3 200 YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js Show response
pagead2.googlesyndication.com/bg/ Frame E144 37 KB
14 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 15:24:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Sep 2024 15:24:41 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E23F 0
45 B 165ms
165ms Ping
image/gif 2607:f8b0:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lmf2qrkq&c=1667951328033&slotId=833975664016.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44797559%2C44797735%2C44800995&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400a:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E23F 0
0 115ms
114ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=1514499300&message=vl&sdkv=h.3.588.0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.588.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js Show response
pagead2.googlesyndication.com/bg/ Frame 439E 37 KB
14 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 15:24:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Sep 2024 15:24:41 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7D5A 0
0 45ms
45ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsstC4ud1TStDiwYNCU2Ab14KUj-r_iq_w-GsEdhmW3eWIjwPCb5YKC3R5PwAl-0esGgb4nQqYqhvTtY0d6B-56CTLOJrpkofu3aFJ0NNW-HuURiApHcuTYniq4QfvYTvn2srnWYJAMZCUEgExZEx3S4LQIwjqY1F1ewtdQolXj42tNneLZ1pEtOi6_DraQ5-yvyicwe5DMum8Tmqrv2qQ_cGw0XqS85pjfFb6rkC6Z190mNfSwUaXFrbI5CV48buNoeAeALYXZf_9jyDDps64lbJAatKuDX7nHiPfyTCjDaFSskTewUPaarSNV4eM6kpllQyHne2sS9Re1_brUJPQjYJhPMuhLoA7_eXEA0XAnLCjUZ9N_hQjvrmsHmoNXEchZD5xdLmF2ejKY25z7TwEz5c1wLpi3MkPMHOUYG2N933Do0tNJSw0TEKJ7yuwdSkAiHI9OPg4tSpCMTmtho4U6VekpSfnRio9zVNNoAPBb7Jl94FIgJ9I6eD70zdQg72BdtNv8SHlyxeHh1m-aLfikvFV0GUVa0qTsG8vYr8rObQyDKHrhnFyg2ohzCnZEg46Q9BMOmMCa1jzLJU3_jQZBFNRy3c4Sgs8fuNPPDpki_sbWNgawv0Irkg6A1GWaVJbT9Ql00jbqbuByOjEsFWd7k2wPKHu6rFqYwaiYE8-1ammlXvJECzBI_a0R3hHPceJ_1JHdJlTgzsdxoDBmBPcBRGOGk6jCR0zhwGPBt4CC02FBQ4IsiYNVmmEOeik2DBdwS-PWWZuZTcJ1S6lyDDRlORgh5lR60TRfohK8Eh9xPdiY6XBHXd2Vndzq59afmRIVuz0FoXshb7FH8riAPXnMh_E_2HzcEmdt6xRaTJp69tDAlBlSyXgV_Fsv5d_hY2nGY_NdzEP2n8OLR-unWYD2hqSBdmhXdBU0xsH3vfGDaWgZBITzORCzREkfgEbWLs4PVqD-hAPiOaepK7mpamK8IoAbXXUIFr_jRRDSbElLRODFthp9nnU7rdGNIiIh7-mA9_JAEwcJkBmFfiLgl14iQao8bGlc6scZev1vBo33DMnmqLEBAKotWyJ8qb5-qw1ZJJ3Vll5sgcGNaRFAiO-1AfjExgDZHvpaEQeEeV4BzegJs-QZS2WKqrFfcj0MZaHr7JRAM29DPsSfmy2jnnQ7D0JC7hGihZ8vPp-34dHBHBTQhnlTEyw0bE0f4Oj9Qm1BnDdBK64eFTjZ-j_2LaNT3GNvuGmc6yowpVPNFg4et0B2nTU-EWLQKOsFAndZMzkWXz5wRS_8tEQdtOFZAe3u7pCsZIEBGC7SxOKBoV9Nx_aGnKLCgnrgEB93O&sai=AMfl-YTPOObgOEIidEOH0WdtCey80yTxa0zWX8TE1Vs1UvzzbEA16MMpVDsP4btFu-ykMF6F_r0x4eCNWh6s187NjYf3c4T26rDj74n3Fi8EwfWFfLNjt3UrYEFh2NRpcXIJCAmLPnlofamhrIcb2_WhRIZ8X6EPghneKytqvv74zQkJiXCWhLp75tWG_tXQ0mLSVmrWMReEzqEogYxUPhQ9kFm7G4D2UEen1Y2wj6mBGeMivBQ&sig=Cg0ArKJSzLB3Zl4LbgAmEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=980&vt=11&dtpt=566&dett=3&cstd=398&cisv=r20230906.05374&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.adintrend.tv
URL: https://www.adintrend.tv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 11 Sep 2023 16:04:18 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5CEA 0
0 47ms
46ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsueF-zLI16hF7sTJfLwuC_asTdh468-iGuWKqUAA5xlZUUTEWZZbL-FgTivDhnzyi1yKOKJ0vulPFZ5y_25zLwOFxkn5K2KS7sYtRYSHbBcMxFc7sAVmVxqHUs_WulAUzeMlvJYP4WuIV819YqIleB1hhcoHJjcmVhnUd7lFuR_ZOhBKWFPg5hOeITgNXxejirPrBToUu8KeEpIT0XheXk9LeDeUEJY-axoXKjwUslpj0Rf9WAsK2MoW7zdG84Fy5NURXDtCPU5dS-wfbeY00KCDk4tIEBulMrR3M8G99qx8NPwYvWv7HNZ4j8BUlk6cmncGT91Rp94OivmVf7zxUGCFi4wiwsUzdGG_q_BeYZjjg_ojbfgLseNVD3W0hVd57mPSjflqVz0Hywoi2N_m_gpKDnKpaLYNqAdx1pICjJtWROfH891anl2HQaPpbyl-7ffzjxc4vTe7hTHwxLyre5YuiALYFfHo4f0X0_joQfyW7q9JorX9AzUQGfu-0w3CzdrfJ3aHWBjGKtJQ2HmaVDdDJg7TBdD9xc7Pzeo0gQX1zinZf7HoT4XzjkVP8CxPamhQWjvVpoAQF200o98rEfLWIX5CifYgx9EPRlH2BSCRnKnPkzLIGAgkYGY45cAKiQkPgO9HIAcoDg7MXyN-j7IBx0_MBjkouO7cyqWLb6c1s5JFDZ8e3heKZoL5p7bazKF70oxZNM0BnZ2pnBCa8xn66LUIe-dR_63KjIlCBy5MsuEi5Pd8ejlV1IL6_urN4tLD83Go4wybMh1P2NPrkTMJOG9223EHjA-KgJ-qQpWfpZTsEs-z4tX8ABh8VsucxaChPB5DhKLCL-PdpHPWm7C13HZEjRHQWhwqcGNg7S9I_VGrpgI72GO1_f-vD85P59kRWMCX0waurEnSModdHOlPW7nEBIwlDUz-2SBwazbRgMxVIMI3zVnsrZ9jB8lAtJyZylwpqn_EzfjKB7bMUFfuGBoHE86prYenw5T5WQ7bl_w8XyGpyXw3dJYNwC_GqGFUaPcio4NbC3psXBNegFngXLqPdlw-M9mGBI4d66D17UIsrjbkXJspTbhvrg7stZHTy7o33kxAcl1GPxeFjelsHWcj5M1N0sL1F-P2UPtbtyeg8cGFBXI9Xa_w_J7D4kRW0skPZC1Zo7mCUmyZz7Nxlxkfhvk5pvx54ShphzrcEIsaKwj_bJVodDJ5YnY9eSKxBlX31E-TE8V2vvLGJVZl9CEPOpV8Vjm4u9n879oZy5FEgavqdQ1ZqOy_8hFL1UjqSN8DIKA8GV2h_uBkez_qcGa36NkBe0WNIKTFdVb8S4k&sai=AMfl-YRmzh338R0wbGwTDHjLZaUHwf2g8S_HJmhbjPmHt11y5U1BK3ZXwXQa_A_N4ugq141kmuo0pHfW5DPta5cn80GQXygIUBjQEZnH7q_5FcbweuTk6juh3K7TxHCvbbagkL8-a2pRz9jRcR98S8lTXugvgs0aFDIYkf-BzdoLxjtj9S7mdlLP7f1gjVB7XeoFb2PA_0iHhZaHM39UW47t2dRL0jvUeVzSw7V_QBDPABjPK9A&sig=Cg0ArKJSzBuOZwdvY38DEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=971&vt=11&dtpt=554&dett=3&cstd=402&cisv=r20230906.73535&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.adintrend.tv
URL: https://www.adintrend.tv/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 11 Sep 2023 16:04:18 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 72ms
72ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9360b7cdc1b6681adcf0a9d64f2e606c0c7d3aa4a2b48aa54a95e2da1ef19368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11789
x-xss-protection: 0

POST
H2 204 rum Show response
cloudflareinsights.com/cdn-cgi/ 0
37 B 68ms
0ms XHR
text/plain 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.adintrend.tv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
content-type: application/json

Response headers

date: Mon, 11 Sep 2023 16:04:19 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.adintrend.tv
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 805125565942901e-FRA

GET
H3 200 main.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame 20F8 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2230318213786861877/index.html?e=69&leftOffset=0&topOffset=0&c=HDLx8MA67H&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2230318213786861877/index.html?e=69&leftOffset=0&topOffset=0&c=HDLx8MA67H&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1100
x-xss-protection: 0
last-modified: Fri, 05 May 2023 10:07:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 16:15:25 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 20F8 7 KB
6 KB 54ms
52ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b3d43f2d7c6dda0d120e2ebad585350bf0cb1f358d357258f8babd952fe26a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5800
x-xss-protection: 0

GET
H3 200 main.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame DF6A 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=LgeoDnRq1f&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=LgeoDnRq1f&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1100
x-xss-protection: 0
last-modified: Fri, 05 May 2023 10:07:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 16:15:25 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DF6A 7 KB
6 KB 50ms
50ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86b111c71f07d4fede7eb4b1c03ee0ba490c6fde0ac2532321687b28256db0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5758
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5CEA 42 B
64 B 114ms
114ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvcleM4U8m0qUSoynSgE6LfVcnPzi2g4GWRRlhi5XssYIhTjeCRH4HMRjjjxnQ-8aW1Via-DuOXN1I19AuT1fnFgQXhb1GWArey52savSAREns8_-CeaNVMrC1kOZ0Gvicy2hqvEO0m6g2z&sai=AMfl-YSqiBRTQrBgek2PbHkA4I2UdnPjWTKJZL9iwsEACl3LfvRyVXkefg4deqTspYR1sLTb9CpfXtMoWs1Sz84y-pBBWnQnnlN2w74JM7GHWg&sig=Cg0ArKJSzE8-Tq07AurqEAE&cid=CAQSLgBpAlJWwTJ3F-uO1Ju2YHVkiXZ1Dxa-JfowpljZXrj_MeT9NMSSoW85xmgjc5cYAQ&id=lidar2&mcvt=1000&p=49,457,139,1185&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230906&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3175606650&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694448256590&rpt=1161&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7D5A 42 B
64 B 116ms
116ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQFuAkif-Oha7jyNQZxFIvcAaRMmCKJ1RSzmOW6vxf6zpFGyQhjVo4IJO__mr9T8vCEo1VrGw8HzBlkU1ocyDOuVA0Bl9WWGC5Eb0atujrpQCFFhsq615SlCPwAdzlfq8kqritjeXJk0Sf&sai=AMfl-YTpq35CezCX2yFKkYU4T7AuWrM6HiU1QgkNlWBL7NwCh3A3qsapX9LHs37T66paLHWS089KwBdZqPqbildpjitCQQxlFes50i0yJwqAdA&sig=Cg0ArKJSzIpH8CISCp5AEAE&cid=CAQSLgBpAlJWwTJ3F-uO1Ju2YHVkiXZ1Dxa-JfowpljZXrj_MeT9NMSSoW85xmgjc5cYAQ&id=lidar2&mcvt=1008&p=213,1029,463,1329&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20230906&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2871455395&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694448256606&rpt=1201&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E144 0
20 B 117ms
116ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3-2dgTr_ZPu0Fp-6x_APk42xqAEAAAAAOAHgBAI&bg=!DQ6lDkHNAAa6D61Rmg87ADQBe5WfODKvehT9AZQmdqeN8KkiDxKNnpJv22UD9xap-bm-sdkPsu8Z345mqnCCsl7SP9hOAgAAAORSAAAAGmgBBwoAXBEbWQEuAO4VMaHmBglXjXRN8bJzxNXEcDglny6Zw49x4vkhFpLiwz6QLXnwfgSqLvg88JpZvx9f6nNMhS_GnR4hERBHvl_AhGA1Eo7G2jKfLN_HhuMCbtCR49eDmQMMrPrTFI7_w-Rh9toW1iO1NBzjTI3oWheZwGTL5HnMD-0p9W38j9IY2QJuXWmL_Hfj5ZXdWUcRhPYvQRKI3GsE_51VRTJ6yG1SguIfbqINtHvOmDwUVROf8z945Qc3sv1rnBuGX2011v7M90rjRWy3tQn0Mq4sb3Qs5NN7QBaCUe4lR5Fd6jdJevc16T2qCGg3JazWAYdd0t6_N5xeaV9dspn5JXjowkTnOqLGdqBONe96o1CT_4EwpsR26jIs1de54P59CZZjusduAJkkH-Nmdi47-KimRk4tEwxD9L6v1NGn6VqXgwS5gSYJyJ2pTGoEMZRoHmWQMnGg-q70cSCH4xO9BtaAnZ5tQGPJH4DlWVc94son72UMC4jYWixMNsLDBZzw5bzo2CFmHoRBISMHjNSHKwwDHL5PWtfUKzz8FCMCM1w_iOnbLxusfrb_UOe9I-0daquG_uBQgQm_whT3t8FRSi9qfMwr9T0BZ3O0ozq_LlIJYzk_4bj93Q3cijIeYqVtzIxqsbtKMtnsQA47HY1VDSrEvSNUguR5Wcb1_UdQFnJAvSbw7RZetGPckgKgv1WMj7W43e1LVfRe34qgJ99hQSS8p-gxu2nmzyy1BiU9vsc6_xk9ZfyuYG2LiciVkKLaaitjZ4pp_SqC3mEvgNHn5OQzD6ja4uxXHVEYXr-Rd6V0Ev_QuUsngwbeEg5wYjaoSSQbMf1fIvctHqTi6A7KMbcaSNTTk1ytc2gr40S2SuAciM8lNDyRi2RBZocjp4X9nyLrhQ9qWrHb1FUwZwHW7RDBX2auL5zSwyOuQAWCmOYTjqJDdhRzjGBU2ge2OZemqW_Cx2r6eVcVkWaSuSdIrEksyZpzI-8qwh0U8OV2W3aHehOX7FG7P5uHK6KgtXKkH5BjNfGTeHpudjnwuTM9dxBiFD3RsfRdLwchAr1dD9QuH_1njBJuF1at96qV2i2xGKk5ECjuAE7NtsR19bBxI63jxrwJzQtD_RUiGgXeUMWytr3U4TotvImYrVg68Vk1CaBTZxkuuQvF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Sep 2023 16:04:19 GMT

OPTIONS
H2 200 rum
cloudflareinsights.com/cdn-cgi/ Frame 0
0 831ms
14ms Preflight
text/plain 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.adintrend.tv
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.adintrend.tv
access-control-max-age: 86400
cf-ray: 80512555b86e901e-FRA
content-encoding: gzip
content-type: text/plain
date: Mon, 11 Sep 2023 16:04:19 GMT
server: cloudflare
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 20F8 17 KB
6 KB 118ms
72ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Sep 2023 16:04:19 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DF6A 17 KB
6 KB 118ms
73ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Sep 2023 16:04:19 GMT

GET
H3 200 300x250_de-de_performance.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame 20F8 70 KB
18 KB 66ms
22ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/300x250_de-de_performance.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bfe867543beadffd19621eb9062d4a98f9686344ac58a942ef839e7f9441063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2230318213786861877/index.html?e=69&leftOffset=0&topOffset=0&c=HDLx8MA67H&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:52:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18394
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 10:06:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 16:07:00 GMT

GET
H3 200 728x90_de-de_performance.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame DF6A 70 KB
18 KB 60ms
22ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a76ead21faabcc3ab3ba635396f98ebf83bbfaac869961cb43e8f80d29e0d0af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=LgeoDnRq1f&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:51:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 748
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18390
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 10:06:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 16:06:51 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0967 13 KB
5 KB 90ms
45ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.adintrend.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8241
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 13:46:58 GMT
expires: Tue, 10 Sep 2024 13:46:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E683 829 B
1 KB 190ms
18ms Document
text/html 2a00:1450:4001:80b::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

40f299555ac02e29bdef7983f5200bd534719e9cb88d706be6476c7304283b6e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1YkykrcFh5bPkf8kDz6eCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.adintrend.tv/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-1YkykrcFh5bPkf8kDz6eCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 16:04:19 GMT
expires: Mon, 11 Sep 2023 16:04:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js Show response
pagead2.googlesyndication.com/bg/ Frame 3BF2 37 KB
14 KB 38ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 15:24:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Sep 2024 15:24:41 GMT

GET
H3 200 YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js Show response
pagead2.googlesyndication.com/bg/ Frame 300C 37 KB
14 KB 32ms
17ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 15:24:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Sep 2024 15:24:41 GMT

GET
H3 200 star_alliance.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 20F8 6 KB
2 KB 56ms
28ms XHR
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/300x250_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2230318213786861877/index.html?e=69&leftOffset=0&topOffset=0&c=HDLx8MA67H&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 411
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2334
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 11:06:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 16:12:28 GMT

GET
H3 200 lh_logotype_single.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 20F8 5 KB
2 KB 57ms
29ms XHR
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/300x250_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2230318213786861877/index.html?e=69&leftOffset=0&topOffset=0&c=HDLx8MA67H&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2151
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 16:13:44 GMT

GET
H3 200 lh_crane.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 20F8 2 KB
1 KB 59ms
31ms XHR
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/300x250_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2230318213786861877/index.html?e=69&leftOffset=0&topOffset=0&c=HDLx8MA67H&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 16:14:26 GMT

GET
H3 200 NH_D_AP_Pavilion_300x250.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame 20F8 68 KB
68 KB 60ms
31ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4703548/NH_D_AP_Pavilion_300x250.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e2c908d93fcb749e7d1f60a1ce8add30146788405ddbe4d57ccdb265098a921

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2230318213786861877/index.html?e=69&leftOffset=0&topOffset=0&c=HDLx8MA67H&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:52:48 GMT
x-content-type-options: nosniff
age: 691
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69966
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 17:01:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 16:07:48 GMT

GET
H3 200 star_alliance.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame DF6A 6 KB
2 KB 57ms
38ms XHR
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=LgeoDnRq1f&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 411
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2334
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 11:06:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 16:12:28 GMT

GET
H3 200 lh_logotype_single.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame DF6A 5 KB
2 KB 57ms
38ms XHR
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=LgeoDnRq1f&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2151
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 16:13:44 GMT

GET
H3 200 lh_crane.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame DF6A 2 KB
1 KB 57ms
38ms XHR
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=LgeoDnRq1f&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 16:14:26 GMT

GET
H3 200 NH_D_AP_Pavilion_728x90.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame DF6A 58 KB
58 KB 73ms
53ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4703548/NH_D_AP_Pavilion_728x90.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82851291e24304ad72ba40c9e041610a7dbf8f7b2eff1255bfb49a6ec18133a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=LgeoDnRq1f&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:58:57 GMT
x-content-type-options: nosniff
age: 322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59292
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 17:03:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 16:13:57 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D5A 0
20 B 134ms
128ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=678453050323&version=m202307240101&ct=76&x=1&cor=418832727872346200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CEA 0
20 B 135ms
122ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9118548477786&version=m202307240101&ct=76&x=1&cor=9073229337258984000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame DF6A 50 KB
50 KB 56ms
20ms Font
font/woff2 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=LgeoDnRq1f&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:00:57 GMT
x-content-type-options: nosniff
age: 202
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51548
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 11:46:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 16:15:57 GMT

GET
H3 200 LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame 20F8 50 KB
50 KB 60ms
27ms Font
font/woff2 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2230318213786861877/index.html?e=69&leftOffset=0&topOffset=0&c=HDLx8MA67H&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:00:57 GMT
x-content-type-options: nosniff
age: 202
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51548
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 11:46:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Sep 2023 16:15:57 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 439E 0
20 B 133ms
113ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bfx4vgTr_ZL6-HIjAx_AP0d2e4AMAAAAAOAHgBAI&bg=!mJulm9TNAAa6D61Rmg87ADQBe5WfOAr4o6HD5JdSqQtK25tcc2dW20lslk-BDEIY1VsBO-5oDM5HiLHf5QA9RJD2kENXAgAAAMJSAAAAsGgBB5kDCXNksHpPgv8URDfdRAnJ9ZQF0DsYJHJp0NaEKidFNg1KnlhwRaUqPY6ggq4wjxwCAkivBqubdkEQZD3dJLPcOSAqLz0rnTNWKTFTgYoJNLPu8yffsAVrvctoZoNjZfShdqLAansN9g6JvEhdxCwwy1mrnX-e_XJlMLT4IvGprXZTU6ttbGf7ZbOpV-_h6iBL5TEIg-Q4zpmeZg4o9L1aRgP5q6zI3p5E4zmKZ2t9cMKAvQCax5KebDNyrZImV6s6ooQWmO2BruCWCDT1KyujoFZDIX2ozv_ZMX-poISZSxwPWFR6uewpPnMk2oWMDPaSJwNfcvZshNfPtQRUAbj1OeLU0EXhT3ENEGDWy7VDwL9QZGFL0pNOcvFOe2Ajv0H7lvFGKrdbT-BjCEmx3hRGG8xtBCSRwRrgtLox7PbMVVWMRD62YYtiAvl-c-0EgSwZw2eaixf4Z-cIZcqepwi386rJHBZhxu-QmqAKgRiDwlFwHecFNGa4aE2-r7NBf2JasJ1YBdZNXA9N3LGcG_L1BgspPVp-Ve74wbNTmGnOpOZXfPFuF7evLgFHQ2tQG-YJRDY1xQFqImTKPOM9QFHst-STCHfk6icu-nSThtzv33awOZD7Eqv-2F3lNiLdjEEOeCxEkw_lZWkzs1lJggBu9uwPhDZPbhJSx0YO2ooxmT5AgYUl_9u_fzlG_i95NMP4LWaAAvgsFZFdu04G1u469TYalnunpO_6IwUNRIDj2ETCJukLEwmtFB4Uhz5tBfyAsLS4qZ_41B5-09_MH62nlTxpBwbSkA-vN0S5zzVmTDXfWoCXiT6M6pypLzx0wUpDzXU8JPL8lVFJ7WAOWANnuOLW5SHiV8pu2X7WlxljAoVv3gmIslCZBSFzRl650AktSR6G5q5MiRGV2Db9mYWBd6rbgZjPIHlxkS1ELl7oB63McAZsfJptMi8MlyfMjS8QM-IGL59nitQuQxycz4lpZqec-iEbXu-hKFuvMlqS8ZVYFPrpgQqsn97vpl7KL-pRHnm2xU-wTq0mfg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js Show response
pagead2.googlesyndication.com/bg/ Frame 0967 37 KB
14 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 15:24:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 09 Sep 2024 15:24:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E683 0
0 127ms
109ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309050101&jk=3801200756526971&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0967 0
10 B 10ms
10ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?kNxQRQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 16:04:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 147ms
117ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309050101&jk=3801200756526971&bg=!KimlKWbNAAa6D61Rmg87ADQBe5WfONrBDSsCmIDdHY_mX743cCrZ9cOUakNI3PcU9ellX_6yO_l_LmsRV1HC2dfnAhWSAgAAAT1SAAAALWgBB5kCu_Mxrus7JTE2_4ldbrJKnTF9nh-f14tb3rlDo7jojkJl01hk8cPfDJx9FJvj53wjh0ovwzm8xd-QK8uGuw-ey9difL5I4rOTfOW6vCeCNsP_We0WBf2v_y-dUo3ufw9KJ5GSQUmkftuLXWIai2uii-43Ci4IxRU-s10MkxZrHfK_8YuebBGgjerUmpfaL071w0r1ygQ2hJwHX1H4Uj-1miqEDET71Tj7rpUGKxTo9Y_UG7_n-TCMJzmScfCf3gT9avutNKQKPgQ59ai4bI1k2wZxZEmteKN0mvFVqd2CSshsUT3afNavcn7tsKWhEXeUsVz0zweqtiHyt2co3O4YGwSc4cTwZbZVXqD6fWIJUI-lg3g2RDf7_Adw3nf1c-2Jz9rc-b0g73ezRfbRn0kKNiYH7F8O899qvfz0-Q7eyDQh2oavyVgWiVHN5bfg2msV59cFqwlyUGQsToxXs_GC-sFGJaZUnYUfOoAgOeocvg-Q_fhprhnypaTJu-jRKLr1UvdxEGmb0FK7E48ZArb1glCTCQmPpXpMH9NJXVDC-JR6c0BZWtjJcCPb8eCEbT3u_cnCK_elVsVGrJCEFGdcZ1JGaO6qf4P2EYlDrjcb40N4W8onyruoYl_dvsgrqQ-uCTJ-o7OwdQfFdoPTbiMVtE5AiZ4FsxoeHzXPb1X8HpZKCAsVRHR3a5XYVHdCxgA7rPr2Prqa5GCJXzyrgwm4YOqBixCieFEAIA86O8eVxOfVwCUzqME0FTkvUgvmuMzfz5Z28kARhB_MSEuFhihyrGhv_wsGI2gH10HkF5EPhDwtHns1e-aCXmpcEP6w_hHKZK3M2ayRPe906jUeD9QUDg_QmlPaN3Yg6NEyTlTLwsKxZCGzEMo1hTX96eDukfj_klnvX4vDMuLPKnvpjWbBO7LANZMNDhU90WhmBA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adintrend.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 20ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-B8CG32BRB6&gtm=45je3960&_p=1175043687&cid=430850806.1694448255&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1694448254&sct=1&seg=0&dl=https%3A%2F%2Fwww.adintrend.tv%2Fhd%2F%3Ft%3Dlive&dr=https%3A%2F%2Fwww.adintrend.tv%2F&dt=ADintrend.TV%20-%20%E0%B8%94%E0%B8%B9%E0%B8%97%E0%B8%B5%E0%B8%A7%E0%B8%B5%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%20%E0%B8%A0%E0%B8%B2%E0%B8%9E%E0%B8%8A%E0%B8%B1%E0%B8%94%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B8%81%E0%B8%A3%E0%B8%B0%E0%B8%95%E0%B8%B8%E0%B8%81%20Live&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B8CG32BRB6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.adintrend.tv/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 16:04:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.adintrend.tv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adintrend.tv/	1970-01-21 00:16:48	Name: _ga Value: GA1.1.430850806.1694448255
.adintrend.tv/	1970-01-21 00:02:24	Name: __gads Value: ID=f6ad8ab7913c83dd:T=1694448255:RT=1694448255:S=ALNI_MZWTqYBQnLhafsFadcy1YdK_f2kCQ
.adintrend.tv/	1970-01-21 00:02:24	Name: __gpi Value: UID=00000c71dbdd3aa6:T=1694448255:RT=1694448255:S=ALNI_Mbzfz1PE-pcaLP0lgilYVlyl1wV7g
.adintrend.tv/	1970-01-21 00:16:48	Name: _ga_B8CG32BRB6 Value: GS1.1.1694448254.1.0.1694448256.58.0.0
.doubleclick.net/	1970-01-20 19:00:00	Name: APC Value: AfxxVi7NZQKVRJ0YR4KTl2tCj9MPOlxYv87z9-wpOC_H5WEsmfOgFA
.casalemedia.com/	1970-01-20 23:26:24	Name: CMID Value: ZP86gXrsHO8bC70JtKNgfAAA
.casalemedia.com/	1970-01-20 16:50:24	Name: CMPS Value: 2164
.casalemedia.com/	1970-01-20 16:50:24	Name: CMPRO Value: 2164
.adnxs.com/	1970-01-20 16:50:24	Name: uuid2 Value: 6666532070853291516
.adnxs.com/	1970-01-20 16:50:24	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hc#qO@J9!@wnfH8K6pQK`!5=E<L5?%Lz3k4=$Y=u^kk`a@^Y=wK+0V11lAjT@RXF3q'%nugO%v4VB%np/uT5Zj
.doubleclick.net/	1970-01-21 00:02:24	Name: IDE Value: AHWqTUkP9WY7s3Mol8lytffd1U4kd6tsYmPKp3O80r5wa63oN7agwzmF-LEnLqE7JDU
m.exactag.com/	1970-01-20 16:50:24	Name: exactag_new_gk Value: 26a5a7593803451a9afad7a0257ef2b3%7C10.11.2023%2016%3A04%3A18
m.exactag.com/	1970-01-20 19:00:00	Name: exactag_new_uk Value: 608dc6d3efa6417daee4860ed5b7a20e%7C
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 4e971dd7559b49d280301eb0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a0f0a8c2025455c403a0b412444ec813.safeframe.googlesyndication.com
adintrend.com
bid.g.doubleclick.net
cdnjs.cloudflare.com
cloudflareinsights.com
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
js.genieessp.com
m.exactag.com
n1.cdn.vet
pagead2.googlesyndication.com
region1.analytics.google.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.adintrend.tv
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
104.21.4.152
133.186.12.16
142.250.181.226
172.217.23.98
172.64.148.101
185.89.210.141
2001:4860:4802:32::36
213.202.235.9
23.106.248.24
2606:4700::6810:3965
2606:4700::6811:180e
2607:f8b0:400a:80a::2003
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2001
2a00:1450:4001:812::2003
2a00:1450:4001:812::2008
2a00:1450:4001:829::2001
2a00:1450:4001:831::2006
2a00:1450:400c:c0c::9d
66.102.1.155
94.75.248.161
01df456b85acb77a180ad7d890f265ea448289bdae9a4b54c58d919b4d484c2e
071af8e2ed043340a9c3eef1a1545786b342af08f6d61f1972073a740aac8fb7
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13c151da3c1ba1beea84e45b9a7f92f2b553c26c07615626a55745d5595cd42f
1ff17dea2477f8d6436e9b24c59c14f2dcb5bfeff4f17c1386fc230e2a32b164
2113a8ab67e0058874dab99022c015790dd59fda69c363443d80ed82960912fe
2c45abf1b4505ec8110d87893e7a492af51b79bb1902c6e232558e85219d3894
30e94916dc5442037676481446795edac78cc473be59a82f6e2362dfb318253d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
321868530f2608dce411bb79dd3174b598a52c05044c0cb193e0f19400a339d4
3441238de75d6ab65cb1c181fbb0fd985dd0080896d34abab7c3bebbc1e38322
35d6382bc492ca740e79c5d28141c199acbe8dad89d8ebd6f36c1af942d261fa
3a67b03b3c4ed5c1b2570113f118ede03d998e1e292603819ac6584436d04383
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
40f299555ac02e29bdef7983f5200bd534719e9cb88d706be6476c7304283b6e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4decff50672f125a3b8d3a3ca9f8bd8c1693b1530b2e38147ddb34c1cf80a52e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51c012cf2461bf8b29f345373366183c7fd121579b6178e942be0b61d8c7da14
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
60a96525a3740ecbf1d8bd5a0c02ab8c595392b689d258816e2ee54d314c1274
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
62e814784e6836f1bb0331249007f2c043bf89e2fc01e8e78f4eafd4387430e2
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6594b0e243c5017d9a9551c307c96ec67632b3f0887b2ca6652fbddec9c278c1
70fd99f272b1dc23f6181d0bb81cd3d3a27b4e3856796207aa13bb1f668723a0
71a6cca43bb56304af150b052dbc722bae083a78f5cc9513cecc6257bc61e1c7
770881617366ce0c525ab90c26b19a25dc48185f4940aafa39305112b14aecc5
7e2c908d93fcb749e7d1f60a1ce8add30146788405ddbe4d57ccdb265098a921
82851291e24304ad72ba40c9e041610a7dbf8f7b2eff1255bfb49a6ec18133a8
82b4224e24a48d92e68ac09fc2a270140a8671f4ee24b03153782557dde1d365
839e7c6761776f0e1c251d29d443dd8e29c6d3beefeeb8925c58a74ba784bd30
84f17c357a114f92f5594d1254ef145103bd25fe28a365fc648d27678f91cdfc
86b111c71f07d4fede7eb4b1c03ee0ba490c6fde0ac2532321687b28256db0d8
8b3d43f2d7c6dda0d120e2ebad585350bf0cb1f358d357258f8babd952fe26a7
8bfe867543beadffd19621eb9062d4a98f9686344ac58a942ef839e7f9441063
9127cbd88f066b08cc5fb0feb28bc7c25928e95247bfeb4cb4b616cb170c6f39
9246b49f3c3a15eac8fc98f16a62ce1e715e80c21f114e95199befc2cd1aac6a
9286d6b853ecea5b85713a13e6cbc657dd9ff27cbccf55d5640a8ee67b416bb6
9360b7cdc1b6681adcf0a9d64f2e606c0c7d3aa4a2b48aa54a95e2da1ef19368
98c0942ec0a88ce214e5d255f908aaedc9a7dd62883d28f1822777bc471facc2
9ad6a9a711e74a049a6f6eba60c3b662aea0b8071cf6150179b52d7c822de970
9c28c363294add55856865b33329eaba48bfdeaae8edb0b11b87ea677764695a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a2fefb0b97977dc00cda344f95c3618b362499aad2e9e5f84cbf47c137efd349
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a76ead21faabcc3ab3ba635396f98ebf83bbfaac869961cb43e8f80d29e0d0af
acada3db8b2ecd40691b863a0dc379b143f236aa8ec102935a3872ffb996c51c
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c1302a764fd2e5a4e0ac9e0bdc852e2b3d0810a7c346f0abdfbb32256500edb1
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
cc8f73ef9214e4d0d5c6628420314325bcae2b7daa6c4f857009178c3e3308d2
ce61f3b93b93585c31300d11f6278bf0e5335b3f391fdd6a32dbe167f7476b2f
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e859e75a0a30cb3bfdb4d267d95d9cabb1475ae01a49a48a7a5e9f3be63977a8
e99cb65c1811476230cfdbcf75c1eedc243235d69d0dd7511c801ef17a8a77d8
ec8e48ae05aca7dd7e257a5afb5ba7d9ed3a73e6a53b507e7012338d261f33fb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9633292cd35b37468e5094e83fbad83ae848658641d3f16f9e6d4361f56ecf4
f97f5072c3c53aabb5f44dcf0717479155ae9d902429f13e80234d851749eebf
fa7d77332417bc1325f1633c3daad67d6c0d813ffcd138d606c8bcf162d82a51
fcc055ff89ecd416975c28222a96a88a2ae805646d5fd92155917904b3593c2b

www.adintrend.tv Open in urlscan Pro 104.21.4.152 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

141 Requests

94 %HTTPS

60 %IPv6

18 Domains

27 Subdomains

25 IPs

6 Countries

1961 kBTransfer

5457 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

141 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.adintrend.tv Open in urlscan Pro
104.21.4.152 Public Scan

Screenshot
Live screenshot

Full Image

141
Requests

94 %
HTTPS

60 %
IPv6

18
Domains

27
Subdomains

25
IPs

6
Countries

1961 kB
Transfer

5457 kB
Size

14
Cookies

141 HTTP transactions
3 data transactions