urlscan.io logo urlscan.io
SecurityTrails logo

www.idrlabs.com Open in urlscan Pro
2606:4700:3033::6815:866  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.idrlabs.com/villain/test.php
Submission Tags: falconsandbox
Submission: On May 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 131 IPs in 12 countries across 112 domains to perform 1336 HTTP transactions. The main IP is 2606:4700:3033::6815:866, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.idrlabs.com. The Cisco Umbrella rank of the primary domain is 243103.
TLS certificate: Issued by E1 on May 9th 2023. Valid for: 3 months.
This is the only time www.idrlabs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a01:7e00:1::... 63949 (AKAMAI-LI...)
167 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
4 2001:4860:480... 15169 (GOOGLE)
40 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700:440... 13335 (CLOUDFLAR...)
1 18.66.97.77 16509 (AMAZON-02)
78 2a00:1450:400... 15169 (GOOGLE)
3 52.222.208.154 16509 (AMAZON-02)
1 65.9.66.22 16509 (AMAZON-02)
11 104.18.10.47 13335 (CLOUDFLAR...)
1 143.204.215.23 16509 (AMAZON-02)
1 18.66.112.48 16509 (AMAZON-02)
1 143.204.98.87 16509 (AMAZON-02)
2 13.224.189.70 16509 (AMAZON-02)
4 13.32.99.122 16509 (AMAZON-02)
3 108.138.9.235 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 34.194.0.142 14618 (AMAZON-AES)
4 35.186.236.140 15169 (GOOGLE)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 65.9.66.97 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 2a04:4e42:400... 54113 (FASTLY)
1 34.102.146.192 396982 (GOOGLE-CL...)
28 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 13.32.99.75 16509 (AMAZON-02)
1 162.19.138.117 16276 (OVH)
1 2 2a02:2638:3::c 44788 (ASN-CRITE...)
2 35.190.39.111 15169 (GOOGLE)
1 162.19.138.82 16276 (OVH)
1 3 34.254.125.132 16509 (AMAZON-02)
1 178.250.1.11 44788 (ASN-CRITE...)
1 4 34.98.64.218 396982 (GOOGLE-CL...)
17 161.47.17.28 19994 (RACKSPACE)
1 34.120.133.55 396982 (GOOGLE-CL...)
23 15.197.193.217 16509 (AMAZON-02)
63 2a00:1450:400... 15169 (GOOGLE)
1 13.53.228.151 16509 (AMAZON-02)
30 69 142.250.186.98 15169 (GOOGLE)
2 73 185.80.39.216 27381 (CASALE-MEDIA)
7 8 185.89.210.180 29990 (ASN-APPNEX)
1 104.18.24.185 13335 (CLOUDFLAR...)
69 2a00:1450:400... 15169 (GOOGLE)
29 23.32.184.192 16625 (AKAMAI-AS)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
24 96 216.52.2.6 30282 (AS-INAPCD...)
12 172.217.16.194 15169 (GOOGLE)
1 141.101.90.96 13335 (CLOUDFLAR...)
5 9 2620:116:800d... 16509 (AMAZON-02)
2 2600:9000:223... 16509 (AMAZON-02)
6 2606:2800:133... 15133 (EDGECAST)
50 213.19.147.43 26120 (RHYTHMONE)
25 104.18.25.185 13335 (CLOUDFLAR...)
25 69.166.1.8 27630 (AS-XFERNET)
25 147.75.84.158 54825 (PACKET)
25 185.64.189.112 62713 (AS-PUBMATIC)
25 2602:803:c003... 26667 (RUBICONPR...)
35 63.33.7.30 16509 (AMAZON-02)
5 5 213.19.147.44 3356 (LEVEL3)
9 9 46.228.164.11 56396 (AMOBEE)
14 98.98.134.241 21859 (ZEN-ECN)
13 13 18.198.111.14 16509 (AMAZON-02)
2 2 35.157.142.227 16509 (AMAZON-02)
13 13 52.51.217.131 16509 (AMAZON-02)
11 69.173.144.139 26667 (RUBICONPR...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
6 6 185.89.210.90 29990 (ASN-APPNEX)
2 2 3.127.29.62 16509 (AMAZON-02)
4 5 35.204.74.118 396982 (GOOGLE-CL...)
4 6 198.148.27.139 19189 (PULSEPOINT)
11 8.43.72.98 26667 (RUBICONPR...)
3 16 52.94.220.185 16509 (AMAZON-02)
1 1 18.235.136.0 14618 (AMAZON-AES)
10 11 34.96.105.8 396982 (GOOGLE-CL...)
1 1 46.228.164.13 56396 (AMOBEE)
15 2a00:1450:400... 15169 (GOOGLE)
3 6 185.64.190.78 62713 (AS-PUBMATIC)
6 6 185.29.132.241 30419 (MEDIAMATH...)
3 35.244.159.8 15169 (GOOGLE)
11 12 37.157.2.234 198622 (ADFORM)
13 185.64.190.80 62713 (AS-PUBMATIC)
6 6 193.0.160.130 54312 (ROCKETFUEL)
8 185.64.189.110 62713 (AS-PUBMATIC)
3 5 178.250.7.11 44788 (ASN-CRITE...)
3 3 213.155.156.164 1299 (TWELVE99 ...)
1 5 85.114.159.93 24961 (MYLOC-AS ...)
8 9 151.101.130.49 54113 (FASTLY)
1 1 185.86.139.94 201081 (SMARTADSE...)
1 1 54.227.251.232 14618 (AMAZON-AES)
1 35.186.193.173 15169 (GOOGLE)
4 4 35.214.153.92 15169 (GOOGLE)
1 195.5.165.20 44968 (IPROM-AS)
1 72.251.245.179 32475 (SINGLEHOP...)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 23.23.142.39 14618 (AMAZON-AES)
6 6 3.71.149.231 16509 (AMAZON-02)
3 185.64.190.81 62713 (AS-PUBMATIC)
1 7 2a05:d018:d29... 16509 (AMAZON-02)
2 2 3.125.82.56 16509 (AMAZON-02)
1 64.158.223.140 41041 (VCLK-EU-SE)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 134.122.57.34 14061 (DIGITALOC...)
4 85.114.159.67 24961 (MYLOC-AS ...)
4 85.114.159.66 24961 (MYLOC-AS ...)
2 2600:1901:0:7... 15169 (GOOGLE)
26 2606:4700:20:... 13335 (CLOUDFLAR...)
10 2a00:1450:400... 15169 (GOOGLE)
6 6 3.120.46.248 16509 (AMAZON-02)
1 1 2600:9000:211... 16509 (AMAZON-02)
4 217.79.188.11 24961 (MYLOC-AS ...)
1 108.138.7.127 16509 (AMAZON-02)
4 185.64.190.89 62713 (AS-PUBMATIC)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
5 8 142.250.186.102 15169 (GOOGLE)
8 217.79.188.4 24961 (MYLOC-AS ...)
1 1 52.220.229.2 16509 (AMAZON-02)
1 1 141.95.171.142 16276 (OVH)
2 2 141.94.170.77 16276 (OVH)
1 23.88.86.2 24940 (HETZNER-AS)
14 23.37.42.132 16625 (AKAMAI-AS)
6 69.166.1.12 27630 (AS-XFERNET)
2 2 52.16.122.133 16509 (AMAZON-02)
4 7 69.173.144.138 26667 (RUBICONPR...)
3 185.86.138.150 201081 (SMARTADSE...)
1 3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 77.243.51.121 42697 (NETIC-AS)
1 2 50.57.31.206 19994 (RACKSPACE)
1 1 141.94.171.215 16276 (OVH)
1 217.79.188.12 24961 (MYLOC-AS ...)
1 6 52.46.143.56 16509 (AMAZON-02)
2 2 34.111.151.213 396982 (GOOGLE-CL...)
10 104.18.11.47 13335 (CLOUDFLAR...)
2 2 89.207.16.137 41041 (VCLK-EU-SE)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 1 3.65.236.207 16509 (AMAZON-02)
1 1 185.183.112.155 60350 (VP)
2 2 52.209.9.234 16509 (AMAZON-02)
2 2 141.226.228.48 200478 (TABOOLA-AS)
2 2a05:d018:cc3... 16509 (AMAZON-02)
5 5 69.173.144.165 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2 184.29.202.60 16625 (AKAMAI-AS)
2 2 84.200.5.215 44066 (DE-FIRSTC...)
1 167.233.13.224 24940 (HETZNER-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.133.36.104 16509 (AMAZON-02)
5 2602:803:c003... 26667 (RUBICONPR...)
1 18.66.147.52 16509 (AMAZON-02)
1 99.86.4.53 16509 (AMAZON-02)
4 23.215.16.120 16625 (AKAMAI-AS)
4 37.157.6.243 198622 (ADFORM)
2 75.2.13.80 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
5 172.217.18.2 15169 (GOOGLE)
2 52.56.253.51 16509 (AMAZON-02)
1 34.160.236.64 ()
1336 131
18    2606:4700:3033::6815:866 (United States)

ASN13335 (CLOUDFLARENET, US)
www.idrlabs.com
cdn.idrlabs.com
3    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a01:7e00:1::b903:5c4c (London, United Kingdom)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
monu.delivery
167    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:3030::ac43:9d48 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.idrlabs.com
2    2a02:26f0:6c00::210:ba19 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
delivery.adrecover.com
4    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
40    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
6    2606:4700:4400::ac40:99f6 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    18.66.97.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-77.fra56.r.cloudfront.net
launchpad-wrapper.privacymanager.io
78    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    65.9.66.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-22.fra56.r.cloudfront.net
get.s-onetag.com
11    104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    143.204.215.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-23.fra53.r.cloudfront.net
launchpad.privacymanager.io
1    18.66.112.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-48.fra56.r.cloudfront.net
onetag-geo.s-onetag.com
1    143.204.98.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-87.fra50.r.cloudfront.net
signal-beacon.s-onetag.com
2    13.224.189.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-70.fra2.r.cloudfront.net
signal-segments.s-onetag.com
4    13.32.99.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-122.fra60.r.cloudfront.net
geo.privacymanager.io
3    108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net
aax.amazon-adsystem.com
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    34.194.0.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-0-142.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
4    35.186.236.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.236.186.35.bc.googleusercontent.com
imps.monu.delivery
1    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:2250:c00:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
28    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
www.googletagservices.com
19    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com
87611474810e088512a1506d145f792b.safeframe.googlesyndication.com
e7495a226610504c7ac7352574b0ccc0.safeframe.googlesyndication.com
1    13.32.99.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-75.fra60.r.cloudfront.net
ats-wrapper.privacymanager.io
1    162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
lb.eu-1-id5-sync.com
2    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
1    162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
3    34.254.125.132 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-125-132.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
eu-u.openx.net
17    161.47.17.28 (United States)

ASN19994 (RACKSPACE, US)
saambaa.com
api.saambaa.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
23    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
63    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    13.53.228.151 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-53-228-151.eu-north-1.compute.amazonaws.com
protected-by.clarium.io
69    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
73    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
8    185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)
as-sec.casalemedia.com
69    2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
29    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
96    216.52.2.6 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
ce.lijit.com
12    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
googleads4.g.doubleclick.net
1    141.101.90.96 (United States)

ASN13335 (CLOUDFLARENET, US)
portal.o2online.de
9    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
2    2600:9000:223c:da00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
6    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
saambaa-static.azureedge.net
50    213.19.147.43 (Amsterdam, Netherlands)

ASN26120 (RHYTHMONE, US)
targeting.unrulymedia.com
25    104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
25    69.166.1.8 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
25    147.75.84.158 (North Holland, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
25    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
25    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
35    63.33.7.30 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
5    213.19.147.44 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
9    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
14    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
13    18.198.111.14 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-111-14.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.157.142.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-142-227.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
13    52.51.217.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-217-131.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
11    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
6    185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
2    3.127.29.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-29-62.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
5    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
6    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
11    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
16    52.94.220.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    18.235.136.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-136-0.compute-1.amazonaws.com
aorta.clickagy.com
11    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    46.228.164.13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
15    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
6    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
eu-u.openx.net
12    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
13    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
6    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
a.rfihub.com
8    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
5    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
3    213.155.156.164 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
5    85.114.159.93 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
9    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    54.227.251.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-251-232.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
4    35.214.153.92 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 92.153.214.35.bc.googleusercontent.com
csync.loopme.me
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    72.251.245.179 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    23.23.142.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-142-39.compute-1.amazonaws.com
a.audrte.com
6    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
7    2a05:d018:d29:3601:bc24:9894:4425:647 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    3.125.82.56 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-82-56.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
1    64.158.223.140 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams02-nessy-float2.dotomi.com
pubmatic-match.dotomi.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
4    85.114.159.67 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dspcluster.adfarm1.adition.com
dspcluster.adfarm1.adition.com
4    85.114.159.66 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.active-agent.com
dsp.active-agent.com
2    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
26    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
10    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
6    3.120.46.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-46-248.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    2600:9000:211e:600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
4    217.79.188.11 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com
imagesrv.adition.com
1    108.138.7.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-127.fra56.r.cloudfront.net
visitanalytics.userreport.com
4    185.64.190.89 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
st.pubmatic.com
2    2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
8    142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
ad.doubleclick.net
8    217.79.188.4 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dbt.adition.com
dbt.adition.com
1    52.220.229.2 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com
cm-supply-web.gammaplatform.com
1    141.95.171.142 (France)

ASN16276 (OVH, FR)
PTR: bixel-8.cloudy.ovh
green.erne.co
2    141.94.170.77 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh
pixel-eu.onaudience.com
1    23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de
matching.truffle.bid
14    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    52.16.122.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-122-133.eu-west-1.compute.amazonaws.com
ads.avct.cloud
7    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    185.86.138.150 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
3    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
spl.zeotap.com
1    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipus.semasio.net
1    141.94.171.215 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh
pixel.onaudience.com
1    217.79.188.12 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
is.dopascalls.1und1.de
6    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
10    104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
2    89.207.16.137 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams03-nessy-float1.dotomi.com
casale-match.dotomi.com
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    3.65.236.207 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-236-207.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
1    185.183.112.155 (Arnouville, France)

ASN60350 (VP, FR)
sync.adotmob.com
2    52.209.9.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-9-234.eu-west-1.compute.amazonaws.com
r.scoota.co
2    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
2    2a05:d018:cc3:fe04:1da2:71e5:22b8:3522 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
5    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    184.29.202.60 (Haarlem, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-202-60.deploy.static.akamaitechnologies.com
www.awin1.com
2    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de
partner.o2online.de
1    2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
1    18.133.36.104 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-36-104.eu-west-2.compute.amazonaws.com
track.webgains.com
5    2602:803:c003:200::27 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
beacon-ams3.rubiconproject.com
1    18.66.147.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-52.fra60.r.cloudfront.net
analytics.webgains.io
1    99.86.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-53.fra6.r.cloudfront.net
cdn.track.production.webgains.team
4    23.215.16.120 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-16-120.deploy.static.akamaitechnologies.com
ad.yieldlab.net
4    37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    75.2.13.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0cb5afe0ce76779e.awsglobalaccelerator.com
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
4    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
5    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
ade.googlesyndication.com
2    52.56.253.51 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-253-51.eu-west-2.compute.amazonaws.com
api.webgains.io
1    34.160.236.64 (None, )

ASN- ()
odr.mookie1.com
Apex Domain
Subdomains		 Transfer
240 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 93
cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 132
87611474810e088512a1506d145f792b.safeframe.googlesyndication.com
e7495a226610504c7ac7352574b0ccc0.safeframe.googlesyndication.com
ade.googlesyndication.com — Cisco Umbrella Rank: 277
3 MB
191 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 337
ad.doubleclick.net — Cisco Umbrella Rank: 165
904 KB
99 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530
as-sec.casalemedia.com — Cisco Umbrella Rank: 1710
htlb.casalemedia.com — Cisco Umbrella Rank: 500
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431
dsum.casalemedia.com — Cisco Umbrella Rank: 1199
73 KB
96 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 597
ce.lijit.com — Cisco Umbrella Rank: 782
129 KB
88 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 492
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 477
image6.pubmatic.com — Cisco Umbrella Rank: 682
simage2.pubmatic.com — Cisco Umbrella Rank: 660
image2.pubmatic.com — Cisco Umbrella Rank: 820
image4.pubmatic.com — Cisco Umbrella Rank: 955
st.pubmatic.com — Cisco Umbrella Rank: 1016
simage4.pubmatic.com — Cisco Umbrella Rank: 1193
384 KB
78 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 469
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2060
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 967
eus.rubiconproject.com — Cisco Umbrella Rank: 566
pixel.rubiconproject.com — Cisco Umbrella Rank: 315
token.rubiconproject.com — Cisco Umbrella Rank: 573
beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 10109
129 KB
69 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 276
2 MB
51 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 674
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1040
4 KB
35 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 627
5 KB
34 google.com
adservice.google.com — Cisco Umbrella Rank: 68
www.google.com — Cisco Umbrella Rank: 2
10 KB
31 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1487
sync.go.sonobi.com — Cisco Umbrella Rank: 874
43 KB
28 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 286
aax.amazon-adsystem.com — Cisco Umbrella Rank: 387
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 950
s.amazon-adsystem.com — Cisco Umbrella Rank: 273
71 KB
26 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 32812
ad4m.at — Cisco Umbrella Rank: 10585
assets.ad4m.at — Cisco Umbrella Rank: 43177
907 KB
26 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
1 MB
25 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 855
4 KB
23 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 306
data.adsrvr.org — Cisco Umbrella Rank: 4378
6 KB
21 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1470
dspcluster.adfarm1.adition.com — Cisco Umbrella Rank: 70295
imagesrv.adition.com — Cisco Umbrella Rank: 18286
dbt.adition.com — Cisco Umbrella Rank: 263326
838 KB
21 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 620
cdn.indexww.com — Cisco Umbrella Rank: 1458
28 KB
19 idrlabs.com
www.idrlabs.com — Cisco Umbrella Rank: 243103
cdn.idrlabs.com — Cisco Umbrella Rank: 330482
221 KB
18 google.de
adservice.google.de — Cisco Umbrella Rank: 9037
3 KB
17 saambaa.com
saambaa.com — Cisco Umbrella Rank: 21764
api.saambaa.com — Cisco Umbrella Rank: 24337
341 KB
16 adform.net
c1.adform.net — Cisco Umbrella Rank: 562
dmp.adform.net — Cisco Umbrella Rank: 2844
cm.adform.net — Cisco Umbrella Rank: 1155
8 KB
14 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 607
3 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 214
secure.adnxs.com — Cisco Umbrella Rank: 417
14 KB
13 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 272
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 423
5 KB
13 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 520
6 KB
13 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 290
4 KB
11 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1812
580 B
10 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 902
2 KB
10 turn.com
ad.turn.com — Cisco Umbrella Rank: 812
d.turn.com — Cisco Umbrella Rank: 1144
4 KB
10 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2230
www.google-analytics.com — Cisco Umbrella Rank: 30
82 KB
9 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 606
1 KB
9 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 970
pixel.quantserve.com — Cisco Umbrella Rank: 790
cms.quantserve.com — Cisco Umbrella Rank: 686
21 KB
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 413
mug.criteo.com — Cisco Umbrella Rank: 2837
dis.criteo.com — Cisco Umbrella Rank: 575
9 KB
8 monu.delivery
monu.delivery — Cisco Umbrella Rank: 23992
imps.monu.delivery — Cisco Umbrella Rank: 29391
165 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
imasdk.googleapis.com — Cisco Umbrella Rank: 437
ajax.googleapis.com — Cisco Umbrella Rank: 320
145 KB
7 openx.net
oajs.openx.net Failed
google-bidout-d.openx.net — Cisco Umbrella Rank: 2602
us-u.openx.net — Cisco Umbrella Rank: 436
eu-u.openx.net — Cisco Umbrella Rank: 2294
2 KB
7 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4028
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5193
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 5368
signal-segments.s-onetag.com — Cisco Umbrella Rank: 9488
connect-metrics-collector.s-onetag.com — Cisco Umbrella Rank: 3965
signal-metrics-collector-beta.s-onetag.com — Cisco Umbrella Rank: 4075
21 KB
7 privacymanager.io
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3727
launchpad.privacymanager.io — Cisco Umbrella Rank: 3413
geo.privacymanager.io — Cisco Umbrella Rank: 1698
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 3034
135 KB
6 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 752
5 KB
6 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 728
a.rfihub.com — Cisco Umbrella Rank: 2743
5 KB
6 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 482
4 KB
6 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 550
3 KB
6 azureedge.net
saambaa-static.azureedge.net — Cisco Umbrella Rank: 27614
167 KB
6 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1344
318 KB
5 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 722
2 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
306 KB
4 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4221
2 KB
4 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 141178
static-de.ad4mat.net — Cisco Umbrella Rank: 183763
8 KB
4 active-agent.com
dsp.active-agent.com — Cisco Umbrella Rank: 61693
1 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 1870
3 KB
4 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 849
1 KB
4 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 592
ssbsync.smartadserver.com — Cisco Umbrella Rank: 724
927 B
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 514
2 KB
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1025
bcp.crwdcntrl.net — Cisco Umbrella Rank: 863
sync.crwdcntrl.net — Cisco Umbrella Rank: 755
13 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 21135
api.webgains.io — Cisco Umbrella Rank: 56810
32 KB
3 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1176
uipus.semasio.net — Cisco Umbrella Rank: 4935
2 KB
3 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 2748
spl.zeotap.com — Cisco Umbrella Rank: 3268
997 B
3 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 15136
pixel.onaudience.com — Cisco Umbrella Rank: 2808
1 KB
3 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3044
casale-match.dotomi.com — Cisco Umbrella Rank: 2638
467 B
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 26762
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26468
899 B
3 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4789
834 B
3 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2758
creativecdn.com — Cisco Umbrella Rank: 531
3 KB
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16768
1 KB
2 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1170
361 B
2 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 882
355 B
2 scoota.co
r.scoota.co — Cisco Umbrella Rank: 34563
1 KB
2 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1494
569 B
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 3720
1 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 3942
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 742
s.tribalfusion.com — Cisco Umbrella Rank: 1808
1 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 961
1 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2194
1 KB
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 918
1 KB
2 o2online.de
portal.o2online.de — Cisco Umbrella Rank: 75905
partner.o2online.de — Cisco Umbrella Rank: 91562
2 KB
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 3109
335 B
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 677
457 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 862
id5-sync.com — Cisco Umbrella Rank: 421
18 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 25725
11 KB
2 gstatic.com
fonts.gstatic.com
97 KB
1 mookie1.com
odr.mookie1.com
213 B
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 59947
15 KB
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 44502
2 KB
1 conrad.de
www.conrad.de — Cisco Umbrella Rank: 81468
475 B
1 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 78256
436 B
1 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 80054
261 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 339
648 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1515
281 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 5890
343 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1528
424 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 25580
268 B
1 1und1.de
is.dopascalls.1und1.de — Cisco Umbrella Rank: 321049
29 KB
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6059
1 erne.co
green.erne.co — Cisco Umbrella Rank: 20357
412 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 2592
641 B
1 userreport.com
visitanalytics.userreport.com — Cisco Umbrella Rank: 16140
518 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 713
441 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2106
555 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3605
466 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2066
308 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1253
283 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5565
277 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5255
368 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 645
940 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 1733
428 B
1 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1356
244 B
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 922
360 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 939
402 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2334
8 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 344
878 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2631
2 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 639
13 KB
1336 112
Domain Requested by
167 pagead2.googlesyndication.com www.idrlabs.com
cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
www.googletagservices.com
87611474810e088512a1506d145f792b.safeframe.googlesyndication.com
googleads.g.doubleclick.net
78 securepubads.g.doubleclick.net monu.delivery
securepubads.g.doubleclick.net
www.idrlabs.com
www.googletagservices.com
70 ap.lijit.com 23 redirects saambaa.com
ads.pubmatic.com
ap.lijit.com
69 s0.2mdn.net www.idrlabs.com
s0.2mdn.net
69 cm.g.doubleclick.net 30 redirects googleads.g.doubleclick.net
ce.lijit.com
us-u.openx.net
87611474810e088512a1506d145f792b.safeframe.googlesyndication.com
ap.lijit.com
eus.rubiconproject.com
63 tpc.googlesyndication.com cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com
www.idrlabs.com
s0.2mdn.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
87611474810e088512a1506d145f792b.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
52 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
50 targeting.unrulymedia.com saambaa.com
35 ads.yieldmo.com saambaa.com
29 ads.pubmatic.com saambaa.com
ce.lijit.com
ads.pubmatic.com
www.idrlabs.com
ap.lijit.com
26 ce.lijit.com 1 redirects ap.lijit.com
ce.lijit.com
us-u.openx.net
ads.pubmatic.com
26 www.googletagservices.com www.idrlabs.com
cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com
saambaa.com
securepubads.g.doubleclick.net
87611474810e088512a1506d145f792b.safeframe.googlesyndication.com
googleads.g.doubleclick.net
25 fastlane.rubiconproject.com saambaa.com
25 hbopenbid.pubmatic.com saambaa.com
25 prebid.a-mo.net saambaa.com
25 apex.go.sonobi.com saambaa.com
25 htlb.casalemedia.com saambaa.com
24 googleads.g.doubleclick.net pagead2.googlesyndication.com
cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com
www.idrlabs.com
19 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
18 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
16 aax-eu.amazon-adsystem.com 3 redirects ce.lijit.com
ads.pubmatic.com
ap.lijit.com
eus.rubiconproject.com
15 www.google.com tpc.googlesyndication.com
87611474810e088512a1506d145f792b.safeframe.googlesyndication.com
googleads.g.doubleclick.net
14 eus.rubiconproject.com saambaa.com
eus.rubiconproject.com
www.idrlabs.com
14 pixel-sync.sitescout.com ce.lijit.com
ads.pubmatic.com
ap.lijit.com
ssum-sec.casalemedia.com
13 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
13 simage2.pubmatic.com ads.pubmatic.com
13 match.prod.bidr.io 13 redirects
13 x.bidswitch.net 13 redirects
13 saambaa.com www.idrlabs.com
saambaa.com
12 googleads4.g.doubleclick.net www.idrlabs.com
12 match.adsrvr.org js-sec.indexww.com
us-u.openx.net
ads.pubmatic.com
87611474810e088512a1506d145f792b.safeframe.googlesyndication.com
saambaa.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
11 c1.adform.net 10 redirects ads.pubmatic.com
11 tr.blismedia.com 10 redirects ce.lijit.com
11 pixel-us-east.rubiconproject.com ce.lijit.com
ap.lijit.com
11 data.adsrvr.org ce.lijit.com
ap.lijit.com
11 pixel-eu.rubiconproject.com ce.lijit.com
ap.lijit.com
11 js-sec.indexww.com monu.delivery
saambaa.com
10 cdn.indexww.com ssum-sec.casalemedia.com
10 partner.googleadservices.com pagead2.googlesyndication.com
10 ad4m.at as.ad4m.at
ad4m.at
ssum-sec.casalemedia.com
10 cdn.idrlabs.com www.idrlabs.com
cdn.idrlabs.com
9 sync-tm.everesttech.net 8 redirects ads.pubmatic.com
9 ad.turn.com 9 redirects
9 www.idrlabs.com www.idrlabs.com
8 assets.ad4m.at as.ad4m.at
8 dsum.casalemedia.com ssum-sec.casalemedia.com
8 dbt.adition.com imagesrv.adition.com
8 ad.doubleclick.net 5 redirects www.idrlabs.com
8 as.ad4m.at 87611474810e088512a1506d145f792b.safeframe.googlesyndication.com
as.ad4m.at
googleads.g.doubleclick.net
ad4m.at
8 image2.pubmatic.com ads.pubmatic.com
8 ib.adnxs.com 7 redirects googleads.g.doubleclick.net
7 pixel.rubiconproject.com 4 redirects eus.rubiconproject.com
googleads.g.doubleclick.net
7 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
6 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
eus.rubiconproject.com
6 sync.go.sonobi.com
6 pm.w55c.net 6 redirects
6 ups.analytics.yahoo.com 6 redirects
6 sync.mathtag.com 6 redirects
6 image6.pubmatic.com 3 redirects ads.pubmatic.com
6 bh.contextweb.com 4 redirects
6 secure.adnxs.com 6 redirects
6 saambaa-static.azureedge.net
6 www.google-analytics.com saambaa.com
www.idrlabs.com
6 cdn.confiant-integrations.net monu.delivery
cdn.confiant-integrations.net
saambaa.com
5 ade.googlesyndication.com
5 beacon-ams3.rubiconproject.com www.idrlabs.com
5 token.rubiconproject.com 5 redirects
5 dsp.adfarm1.adition.com 1 redirects saambaa.com
5 dis.criteo.com 3 redirects 87611474810e088512a1506d145f792b.safeframe.googlesyndication.com
googleads.g.doubleclick.net
5 p.rfihub.com 5 redirects
5 um.simpli.fi 4 redirects ads.pubmatic.com
5 cms.quantserve.com 5 redirects
5 www.googletagmanager.com www.idrlabs.com
saambaa.com
www.googletagmanager.com
4 ajax.googleapis.com s0.2mdn.net
4 cm.adform.net googleads.g.doubleclick.net
4 ad.yieldlab.net googleads.g.doubleclick.net
4 st.pubmatic.com www.idrlabs.com
4 imagesrv.adition.com www.idrlabs.com
dspcluster.adfarm1.adition.com
4 dsp.active-agent.com saambaa.com
4 dspcluster.adfarm1.adition.com saambaa.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 csync.loopme.me 4 redirects
4 us-u.openx.net 1 redirects ce.lijit.com
us-u.openx.net
4 sync.1rx.io 4 redirects
4 api.saambaa.com saambaa.com
4 imps.monu.delivery www.idrlabs.com
4 geo.privacymanager.io launchpad.privacymanager.io
ats-wrapper.privacymanager.io
4 region1.google-analytics.com www.googletagmanager.com
4 monu.delivery www.idrlabs.com
monu.delivery
3 ssbsync.smartadserver.com googleads.g.doubleclick.net
ssum-sec.casalemedia.com
3 d5p.de17a.com 3 redirects
3 aax.amazon-adsystem.com c.amazon-adsystem.com
3 c.amazon-adsystem.com monu.delivery
c.amazon-adsystem.com
3 fonts.googleapis.com www.idrlabs.com
saambaa.com
2 api.webgains.io analytics.webgains.io
2 www.awin1.com 1 redirects as.ad4m.at
2 d.adroll.com ssum-sec.casalemedia.com
2 sync.taboola.com 2 redirects
2 r.scoota.co 2 redirects
2 casale-match.dotomi.com 2 redirects
2 dmp.brand-display.com 2 redirects
2 uipus.semasio.net 1 redirects
2 mwzeom.zeotap.com
2 ads.avct.cloud 2 redirects
2 pixel-eu.onaudience.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 static-de.ad4mat.net as.ad4m.at
2 prod-rtb.ad4mat.net www.idrlabs.com
2 87611474810e088512a1506d145f792b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 ads.creative-serving.com 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 eu-u.openx.net us-u.openx.net
2 rtb.mfadsrvr.com 2 redirects
2 creativecdn.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 pixel.quantserve.com www.idrlabs.com
2 rules.quantcount.com secure.quantserve.com
2 secure.quantserve.com www.idrlabs.com
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 gum.criteo.com 1 redirects static.criteo.net
2 cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
cdn.confiant-integrations.net
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 signal-segments.s-onetag.com get.s-onetag.com
2 delivery.adrecover.com www.idrlabs.com
2 fonts.gstatic.com fonts.googleapis.com
1 odr.mookie1.com googleads.g.doubleclick.net
1 signal-metrics-collector-beta.s-onetag.com signal-beacon.s-onetag.com
1 connect-metrics-collector.s-onetag.com get.s-onetag.com
1 cdn.track.production.webgains.team as.ad4m.at
1 analytics.webgains.io track.webgains.com
1 track.webgains.com as.ad4m.at
1 www.conrad.de as.ad4m.at
1 partner.o2online.de as.ad4m.at
1 www.lead-alliance.net 1 redirects
1 www.telefonica-partner.de 1 redirects
1 px.ads.linkedin.com eus.rubiconproject.com
1 sync.adotmob.com 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 s.company-target.com 1 redirects
1 euexchangesync.digitaleast.mobi 1 redirects
1 is.dopascalls.1und1.de
1 spl.zeotap.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 uipglob.semasio.net 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 green.erne.co 1 redirects
1 cm-supply-web.gammaplatform.com 1 redirects
1 visitanalytics.userreport.com www.idrlabs.com
1 a.rfihub.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 e7495a226610504c7ac7352574b0ccc0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 match.adsby.bidtheatre.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 image4.pubmatic.com ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 d.turn.com 1 redirects
1 aorta.clickagy.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 portal.o2online.de www.idrlabs.com
1 imasdk.googleapis.com saambaa.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 protected-by.clarium.io cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com
1 api.rlcdn.com js-sec.indexww.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 mug.criteo.com www.idrlabs.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 ats-wrapper.privacymanager.io launchpad.privacymanager.io
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com www.idrlabs.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 launchpad.privacymanager.io launchpad-wrapper.privacymanager.io
1 get.s-onetag.com monu.delivery
1 launchpad-wrapper.privacymanager.io monu.delivery
0 oajs.openx.net Failed oa.openxcdn.net
1336 193

This site contains links to these domains. Also see Links.

Domain
facebook.com
twitter.com
Subject Issuer Validity Valid
idrlabs.com
E1		 2023-05-09 -
2023-08-07		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.monu.delivery
Sectigo RSA Domain Validation Secure Server CA		 2023-02-23 -
2024-03-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
cdn.adpushup.com
R3		 2023-04-05 -
2023-07-04		 3 months crt.sh
*.confiant-integrations.net
GTS CA 1P5		 2023-03-27 -
2023-06-25		 3 months crt.sh
*.privacymanager.io
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-24		 7 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.s-onetag.com
Amazon RSA 2048 M01		 2023-02-23 -
2024-01-02		 10 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-10-06 -
2023-10-05		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
imps.monu.delivery
GTS CA 1D4		 2023-04-01 -
2023-06-30		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-05-18 -
2023-08-16		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-04-28 -
2023-07-28		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-03-30 -
2023-06-28		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-05-17 -
2023-08-15		 3 months crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.saambaa.com
Go Daddy Secure Certificate Authority - G2		 2023-04-03 -
2024-05-04		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
protected-by.clarium.io
Amazon RSA 2048 M01		 2022-12-16 -
2024-01-14		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.portal.o2online.de
R3		 2023-03-26 -
2023-06-24		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
quantserve.com
R3		 2023-04-14 -
2023-07-13		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2022-07-11 -
2023-07-11		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.a-mo.net
R3		 2023-04-13 -
2023-07-12		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-04-12 -
2023-07-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-03-01 -
2023-05-30		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.adfarm1.adition.com
AlphaSSL CA - SHA256 - G2		 2022-06-01 -
2023-07-03		 a year crt.sh
*.active-agent.com
AlphaSSL CA - SHA256 - G2		 2022-11-14 -
2023-12-16		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2023-04-09 -
2023-07-08		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.adition.com
AlphaSSL CA - SHA256 - G2		 2022-04-26 -
2023-05-28		 a year crt.sh
*.userreport.com
Amazon RSA 2048 M02		 2023-02-22 -
2024-01-18		 a year crt.sh
truffle.bid
R3		 2023-03-15 -
2023-06-13		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
is.dopascalls.1und1.de
R3		 2023-03-24 -
2023-06-22		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
*.webgains.io
Amazon RSA 2048 M02		 2023-03-02 -
2023-09-21		 7 months crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M01		 2023-02-28 -
2023-10-28		 8 months crt.sh

This page contains 215 frames:

Primary Page: https://www.idrlabs.com/villain/test.php
Frame ID: E42522A41D4830A65F48839D2DC03073
Requests: 83 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230517/r20190131/zrt_lookup.html
Frame ID: 2DDE8EEF487D58CDBB02B8E56B36EB5A
Requests: 1 HTTP requests in this frame

Frame: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Frame ID: 2C77495AE36C4CEA88B9BA7705220427
Requests: 1 HTTP requests in this frame

Frame: https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E1030126BB38E2B633C93C70E36E286F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.idrlabs.com
Frame ID: A2835F296975C950B3F196964ADF08FA
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 78220BA4065312AB1858B5FB149EE9A9
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMeJCsDq5wLiUxv5L4Unljdhq5f6N5hZxjnrSrKrBaMQi-kQeNLdCibeusuoJLWF6DNRWImN4mENgcaNUU6AcEzgSujfoUyvPNYnA_hQ8gWWE7HHbxzZKfaLJ-dJDqyoAPvr-1SRsiezfELlcIsd6QezX5H15jAtY_YRM3Q_dm9wqZuyRuclaitdckvreONEShvGe8Z80ENImEPDfitAEKmL1BBnym5JMklURhPMCVwQKy-JEUkKYUAPuKP-08Xu77PVahob0V3R-Gy_S_r5BfpKvb1kJVPi0XjqpUD3hs6NOCE-kn8GxqfXVMQuf4oDFM68UajQMaV06FWuGTqFrGuZZEnBTxZ7g&sai=AMfl-YTisLoreE5C2i5jg_0L6T_qZftPgGsILKnI_bqeTElXNGc4RP0pv7h7-EKGbMmN8AZvApbpCNrrhfm3y5rqQP5LNpIrHnWp6gYYsXcXcECSUJLGDVrqPtA16LZTSWgXw891INAI2wYFy8FYpjxz&sig=Cg0ArKJSzCSU4GkogvoMEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 60D59CAB53AE846DCF528E9D10CFDBDA
Requests: 174 HTTP requests in this frame

Frame: https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AC23357D03E07CC0B7DAE64B322261E4
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvismxsEKjrQowBSHU4CUyBWMoEfbvCsAYS4hbf1je7j_ILozyly6V0OkAZOQTz16c3ZVj_giSqrMLvgsbwU8hL2y0m4ZuIEc5dri60pp8RXbgPujdOqxoPstX41VJtN_KU2dzdRkET1Ha3dwe88bVVow-IIgFBe-stBfS8D6Cn8FzCNLyS4VUS8XDGmaK9OCkRRP5lM8PScbij-wtCCd0I38M7DrLreISNCyvYXq8P4zX3h7utPT-qoCN9YrZqzbVtNO0wVqlkNQQgNM0AFNzFa8QWpJyTIZjcomhKsDu2kHX2O7aqAHGO0xVKaXu1KriJibkO5TlwyQP_QNQWEBlUP7lB8qBwKts&sai=AMfl-YQwY7lt3C-sr3UYPoNgVaZ3eRg0IR11l98uahCBS98u2jlip4N7smwYp45-jacPpzjSB2X6fJ99O9Jmy-IsVsIzHk_B7IlvFCYdfvGx7CTd67i36yltLUngy0IcD63R0zGyfGTNynADGxI9gpw&sig=Cg0ArKJSzLYh6E-JTQ5eEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F9F76AF4950DB1DBB3A5F6FC20E1A6A8
Requests: 153 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi7hO3eATAB&v=APEucNUWzyNULks9V3MAwq6btQTh3M0_AEjROBT4kVjWijmMJhIfwhG3vKJ-31-gztU59L-GMGkjGT7jQhpWQaBUrd51vZgknwEURcLCyyJ4GpwTph1w9mMZkAAAJ6RLIBSBVarRZNX1M_xbAwIqf6C3xsyu14kDghIBBM4nUnRfXEc0X0MsFJ8
Frame ID: 5491A4BB1E12790FEF988E54A2B770F5
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0ACCF7910ACD7E094D90B2243C26490E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18144292582690127872/320x050.html?e=69&leftOffset=0&topOffset=0&c=TNFgf4fpWR&t=1&renderingType=2&ev=01_250
Frame ID: F6C92BED0CBCA69EDD170B7697BEB896
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Frame ID: F69F4C96431B219C172A4B6919012205
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&dnr=1
Frame ID: 60EF8AE795506888E0AA2CB6CA546306
Requests: 20 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 7FFEC892216AED85B7D4A0F136742D56
Requests: 20 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: A640C396D1654DF613900D1DB95DED37
Requests: 5 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 586A1F7893A24F624F262D18EBDF58A3
Requests: 8 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=9136218687624923075&gdpr=0&gdpr_consent=
Frame ID: 3855298406B0A6B202FFED73CB1B3342
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C473EC2EE9AE0218ACC644A574EABFE2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 97EF55711A7D3911D085B6BB643EE8EA
Requests: 2 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0494646b-3321-4b00-ac52-38bfc9ea3e8f&gdpr=0&gdpr_consent=
Frame ID: 74D1AACF588FFBD2D32BBFFA92E28C6E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433827988031191
Frame ID: 59457BCA80D0ED46AC80AB9C500D492A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: EDC8A27EC493367EDA9EE6471D5434F8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8564978026822791323
Frame ID: 1128E5A1A2D6044480B3A8DB1B9F388D
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: B4BAE5CBB80402E6B3BC6216CE88A54C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8N-yDPXYtl7r3rBX8ImpV6WPsF7r37Nd_o67Xsz3
Frame ID: 892258AA40732A9B4634F7BAEB568042
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8561191816879852939&gdpr=0&gdpr_consent=
Frame ID: F05C04FD3C201848DED21A6C28E43449
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7235933438855739536&gdpr=0&gdpr_consent=
Frame ID: C190031F5678C389C9FA69D8529D80AC
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZGszIAAL5bHx0gBL
Frame ID: 71AA3E28113821613E3F97189B754861
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFy6E7I1mYAACFpYYcPWQ&gdpr=0&gdpr_consent=
Frame ID: C538641D5C76D63F0E402AB71846AF27
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=dz0Zgdq1UfpcphIZsbr9z9lAlwk&gdpr=0&gdpr_consent=
Frame ID: 297469EDF717B07276FFBF16DDFE1A76
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 2BC1F74EE4C93E2A453A571F5E4598CF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 904514B3A47413A15FF3510C51F59471
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 4A78C746C2F830BE19A598B6E1B4DD10
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: A2D00BE7F0D90BE04D51ADB2212EB197
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&gdpr=0&gdpr_consent=
Frame ID: 612E8069726BF41F02A020518BA93B67
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 303757485CB19D89BC59A7C99D0AEE35
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/merge?pid=71&3pid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
Frame ID: C69F083A4A93CE9497DF5FEF6450FE19
Requests: 1 HTTP requests in this frame

Frame: https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: B920465C7810C153924C0C95955A8AEC
Requests: 1 HTTP requests in this frame

Frame: https://e7495a226610504c7ac7352574b0ccc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 71B3D27E746A90265D48DE7AA54B140F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstCJTSB8nGV1tVfcjCDWK_vyquymGEDXvHOjzRyoDUk34LLz9QX4YdITZ4rDekqRnl7VItQ9eYl7vhTr03vnA4ZAZ4cHu329kuWqFdSi6wxJaWlwB94MY7bTs5vDy-BCLme_XaTIk5dV6DAVPC58IR0ykvof3sKl3RzTltdI0Cl3FdXNAp2nca5HamGhGiucX52BSnRu6dfPNcx_QvitCY2nQnVNzxjdRqFTK5Cg0VoybuIGn8nxLA2F3kvqcREkVN95UndythNwatIYkU-F2T8JWfrONrQU0cHyHJISacp-GlZiUl9Ba3Wvsw3ckAtChhJ29FqKYfrIbo&sai=AMfl-YQcvqWxyvNH-QPe2JJl49hFvg-tHwNvkAdd55QYVW30WEM9jS_-4z31jErd2ePYRzxpKR8Tve34eVe2HyZO_BT6rxve5UGz5MI3990W3uTLwFCuuih8vNLfZLE2sw&sig=Cg0ArKJSzEJPPiUQYqyTEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 471DF4DFB358B04C229C11E24B48013E
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGoGu1NpKViwN6Ck1VMLAzpDloUwOV7HaSFLNMmipXW8Ilrr7E7OBDOGPAnYi4jHDSilgWIuXS24nk5F-4VWye3nCSF6bpP6LJa1f8xLwFhDAgm7-b9ncWS9mUx-Pgc3w5xVYSbRzeolKa8vMSn0yMmQXi2o2EKSy6AO8zkGAO_bMAYRLzxPAaVXNbARDBKRhTEIEJpluw__Bg5O625fGyo0u84-UC2v7xW9GtUcFms-25WQ3ZC85LZ-htHbQybsdFPd2U_SlcvQLIfzi3Nj-arALISkeIzePFfGr-x_khA4evT_ZUiEoRsGUzKSCObNBr5h-Sqp2i0cc&sai=AMfl-YSLaCoP7K-4c8Qb9yNo5kxpqYvpzEkAB_2Sgw6ALvMfEGYD-Ip9OAjwLUQm11sv1aah9iqQ2-_tKttI0TyqIwt4EuyXCQYlORliDb6duvPEoXIw0sflCEAbXLIsOA&sig=Cg0ArKJSzKiJ5821AzAeEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 79758EA56C36A9F0B8551D8EDE97AA68
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuhUOykPltImUjNNSCF4Ou5RxphF4JHY6Gwohx0Q1vRkOcETn8T8g7M67pY_l4UA98-B1JkTTdLrVJt-Ppsqnj_TM5rrcj8r6Ej6mTSXYHA995_jTbQBMCUjUugT3rzvgOuH7Dt77SCoGgpjnTDBn8hQenDZhjBdX5FZFVztUzMFUqepSoWr4ETvJZXdnY9MGtCt-jglVbV0Dpn1h4Ys6_iPI_x5mWTQhyjyqxZG_eR4bQXZsL2fKgZhxxHAgCiOCPm6ZGr3ECzbUx4TveCLq8ibmfaJWD-OFkNcKDTOUN7FcAhlG0eN7aMblDo4lHViLyvFyIzm3ARvs&sai=AMfl-YTBQi6csdWZlasEIISQKKAkSDX2p4SW3yebrq-3T-eofYE9iGnX_w7LJSiNtlphNwnh3RZ_ey_ErRMxd9U7gnefN86Ym6uEBVAnKTroGNBTJbTV4rGIMwWbtiogmQ&sig=Cg0ArKJSzCnPe19LtzjvEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: AC96D75DA1D9F685EAD579B0E060FF32
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuDrgSrOG0bYBnifZkp9Qkz4XmLn0gDf1aIyHKQkqPWnfnZcS7dHcvEKKBWUyp2h99202Adhmu8eFrXXYrnZB_MPFu6RqzEpNAB7AoeA1SZoPb_q9qEfmWoSR84juNwvELSq7Gp5LwtngfWPuHkXwfeMA8AbAI3pyIuhI9S7_lxqBykpFmAKDA-FvMYUkpRiDXCIeceDl9ksO6vgS0kZRxgHf4Mfj111tzsE2oDCQ9mdbU75QzS2Xrz5YArmdilZGzMm_0y8xjnaP_mjby4fS_Px21Q3w5N03T2D-eZDTOoVoSClgmCXcpHfRFq1Z3f-OHyw7PJqVE-jg&sai=AMfl-YTMj9zF0wOndDRE2cRQTl0Fz5kYoSYNoKEQ_LsgWwywBHQjjiwS0seHqsabuU2u9RL0_7Z5cdIIasaLTEk0lN-iDGQ-v725BJSTiJlWhPUHqYPcw5ISLCStZ5IsZQ&sig=Cg0ArKJSzGav28ustUtbEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2BDCFE4EA8580AD38125B94E9DB3D03F
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AD8288C29880B3CAE81AA01ED83CF4B4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 187255616B6FE5BBC129CEB96AD63E09
Requests: 2 HTTP requests in this frame

Frame: https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: F237AE6370F0E5C641535C82AB3DC8AD
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssA_GgVni5c0UUBFlyj1suBAayRjU-iDNhx2P604zR8h06qHwIEXmJsXGar0aJvXRp0tK8SSJgddXU3GLkOfz8-vuLzUkk8LAQF_L-uR-TelciXGOYfsaFdxAuTg869zbWUBI9mViEGrBuev4MhQSphU1qm7J86fjo6KSoM2CsLaU3X1FBrY0KZbH57rmRt2rnpp0wweQf4EdVMnzfO6KzCG2h69OZkV8XqIKh_RCTQ-Zkm48JWHxQtrxGjiHVZ17R2gHX_-J_o7KraVmY1NUUa9MIlFIaBg5XH-_Y_i-uVPXCQBC69UWBe635LSFunHY7x8QgtP07dSldd&sai=AMfl-YQBR2Z_f6KIY4uFkIoCmP9LRgeYMsfrccd3INs7btUTAcaa4SS-c-62SLwCn0brJE2zNH_dyCIULFQp46iTt9WMb_ghcTxPro5feppJfsK9yv_jdCUe_VYCSJ2Isw&sig=Cg0ArKJSzEvo6JiPha6OEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A1846598526A31F7CE3C0BBABF80B595
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvw5QWS-vP2qZsNU7RI4M7RM7YI_zYcGwrVZx8GIkUBYwd_fDvOdMGHHasZaweRIBZkUS32t3m2FKPeJ8xdPEYkzGl1ht81hmUM_2uEChUonvhvJP2RSVU9VWKHLt5LgAb1YZOIwukOiVUaCdeKx-LDhk4kamJeebOKb7nEqwYJjOfagldlsOuRysyizyvVWNVGpU29yHfzHPbvnlz9FtJwW_p2MfvjRqoyxsX_ru5Hk05ypQscTAQWcD-9lcDnsZu5VYXkf7V9N7BhN3orVVdJYNPRlfXuI35PrYi3wZnVtWR6Iqh5gGPlquYyRpiA-gEcyo1jd9eDX966g&sai=AMfl-YTfntSWHv3FDQZ5ZZ09iZdGe-IBYFcH6ZylrukvWmFc-xxirV6mB3qsjN_xOqSWlIeL6ZVYcHAZvd0Uf08gLJ4LtUoQ-lA2SF833lFrvDqBTyxTKpPIJSq-92FMTw&sig=Cg0ArKJSzA7lZG0pFw5iEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 81AC317379299E32566E41DBA08B5D58
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kxa9gxqq60zx5mkmeyy32qwzehn8zzt5k3p299ycmfn4vjpb5kdr6m0gms6ybpbfw43yp6hebxmk7kk0sxvnp30x0ygcrxpcs20wk0g0pa8t3xp8y3eazaapd0gb6xc42qct5zpb2ag1kra1bddndwpmzmg4atmhkjpgamq65qhg61gdgven487t0d8hv1a2txcnq4swy7xrwqp6wzyf0t4echmq1w37w6g0sfjbrpapynrwgghhrd5bds4zhzsen87mr2wevcxe14x5yehsntrjym1sj6abkjvqnb7ja7r2zxtayyfp4ygv5tc5x77nwq29bs8abkra0kjhphk2zrmk9ct8qfr48v499gzv6bk8401gbr6fkm2d22tffdwnfvdxekxvkr8bg91re7sp56n8h943ktjgf99ppzntm0zbw1hydmtx9qb3hj4m1x0p22tmyeb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxkgvITNrZIymA82G7_UP7oC5wAGQ4YGEXLaoworwAsCNtwEQASAAYI0EggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-4AIAqAMBqgTwAU_Q78g6p3IfhmwojbNPXeZSqb90vPAhP5CvPtMbrBYAqpyFv-k59xBRIh5ZBvkDPCAklVUuPxw2ZuoSM1v8chafZLiFQIkOjg_SfdnWcxjKv2b8Q0rpVWgSnTbJpYhw4ffn_DccC-6B4MjPxzLh5m33eWPTr6fTNcF2rPqEKKp8BOmn2J839SqyUQv3az9Yv4mzJpx1xZSW-ZMqxIm2kx9oWwZGOTDPQ2QrWYMSe2x3bxSdWka3owKOJVviQkMqPC07JK2rv4RgkLkyiFuG7tMN6-IoMvhDabPmgFZCsQwY-HcUo6jhdD-DxW6P3g7AGOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3XOTLFwWXjtJfVyYp4Eojjn-7LKA%26client%3Dca-pub-6552175488733768%26adurl%3D
Frame ID: 90CB584918633EDFA753C9FFB697444E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A252A75EBE56C15371F54F17DF5536E2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B8F167F778B60ECFD68AB8EE6BEE484A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 457E4BCED04D962218DBA1E1E1014787
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYcE3oFSdZBYjYxgG_XrAU2n7ylnB7mKyPYEXVQYLSzzKsceh1kwVFa8IeoynifCAZEd4-L9PLE8mx4CSREoW2vbWqSshelgFwg-yxMXQVlkvl4LE-23lmM9UxAQ0EQib7peJelr6e4AKBVoUvEf8-GRf0chiA6ZYQ_S1afv4izQYVgx-wBS9aPDSObQRbCKoM-kEYRwanEKhElia5um46_XyMjdZzwwaB_YXpspk0pVg66aSKdp_6fAPuH5GwR4hN4J8mFrjxMfssP0EJikX5HUAWMfc11_w5RlOYhjQQ69Mtok1r5eY32yS58HVpQ_QcM-TAkrPSCFqkrg0&sai=AMfl-YQMYOe7yt5TVfkdCnBT85baICJLh01836QFdp8a_G18fl1-HFEL_xKwAz0q6MukEEHuCiToYycT3D0DXm2YoB6bBVD_2hm31G5huFYqIWn6X2sNftKmMZijbmuc_w&sig=Cg0ArKJSzOoCFMqnBKzxEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 346DD50F38F4D78FA0893B45CDDAEC37
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=90&slotname=RON_728x90_House&adk=3422631141&adf=467759286&pi=t.ma~as.RON_728x90_House&w=728&lmt=1684747041&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747041395&bpp=15&bdt=337&idt=459&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d%3AT%3D1684747038%3AS%3DALNI_Ma3p1zf2WTRvlOwmcOYh--6L2iHXA&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=2&ga_vid=215484772.1684747038&ga_sid=1684747042&ga_hid=1107460658&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=3712403075&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071755%2C31074545%2C44785292%2C44788441%2C44790154&oid=2&pvsid=279225184921592&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.utm94g7zq4ls&fsb=1&dtd=486
Frame ID: CFEF4CF62D238B50B4106A79E48BF023
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=467760281&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747041&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747041466&bpp=12&bdt=275&idt=480&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d%3AT%3D1684747038%3AS%3DALNI_Ma3p1zf2WTRvlOwmcOYh--6L2iHXA&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747042&ga_hid=440142559&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=2997360142&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44785293%2C44788441%2C44789779&oid=2&pvsid=3848651362865139&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tf6n6zjabw59&fsb=1&dtd=499
Frame ID: 32B483DB30EF5C313DFF7504650EA853
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=90&slotname=RON_728x90_House&adk=3422631141&adf=467760279&pi=t.ma~as.RON_728x90_House&w=728&lmt=1684747042&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747041541&bpp=12&bdt=302&idt=464&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d%3AT%3D1684747038%3AS%3DALNI_Ma3p1zf2WTRvlOwmcOYh--6L2iHXA&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747042&ga_hid=1633818051&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=2361954075&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31071259%2C31071756%2C31074688%2C44788442%2C44789923&oid=2&pvsid=888148739970482&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qy8fhysy8cyr&fsb=1&dtd=574
Frame ID: 90D553263710E327BD467FCAA1E7B97F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D37B246566046322C422F0D01026ACC1
Requests: 1 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=161763&siteId=951966&adId=4413083&imprId=C9C61D0D-76BC-4330-8778-9FA996C9EDB2&cksum=2B95F9C371896717&adType=10&adServerId=243&kefact=0.112490&kaxefact=0.112490&kadNetFrequecy=0&kadwidth=728&kadheight=90&kadsizeid=7&kltstamp=1684747041&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.140612&dcId=3&tldId=0&passback=0&svr=BIDAMS0037&adsver=_810189242&adsabzcid=0&cls=BID&i0=0x2100000000000000&c0=0x1&ekefact=ITNrZIlTAQDz--RMm74RL4pUlbH1SGPJKwrYS-sooj7RtK5f&ekaxefact=ITNrZJFTAQDVwltNhWuFo0P5IeVCt5SaTPQP5JgZJ6X_q3GN&ekpbmtpfact=ITNrZJhTAQAm6PrJ5FBapDJvXpwyzXAxlSNFwf42nh2UPPCa&enpp=ITNrZJ9TAQCf7TMl1IUMmoydTY_KMh-MOnCyVdsQxGkPFBYV&pfi=1&domId=5078253400103136894&dc=AMS&pubBuyId=20680&crID=17866224&lpu=mobile.1und1.de&ucrid=10900121001944309308&campaignId=23040&creativeId=0&pctr=0.000000&wDSPByrId=3202&wDspId=1101&wbId=2&wrId=0&wAdvID=113000&wDspCampId=5899998&isRTB=1&rtbId=1BABADF7-F354-4757-9288-8728342CA241&ver=5&dateHr=2023052209&oid=C9C61D0D-76BC-4330-8778-9FA996C9EDB2&cntryId=58&domain=idrlabs.com&sec=1&pAuSt=2&wops=0&sURL=idrlabs.com&BrID=5
Frame ID: 24445179705ED7185EE3BE760B3B4271
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvuhba6-wvUSr0ncrtI3TzNoNdgKMXIQ71dwDmAqtpQixYV0jbC6xZQURb6awFbbyBitru5Jr7Xf02YSPF1icpX8y56EjLqJQPqmLbfZd5psqsea9Ia4yYGBeXs1105l0xU4MtfoXLrk0y80Usaok6DEyC83tLUcG67bQu6k9xj_yelKjSzqPWAkDEQ2fpxJy8Y1DnNhfI_-iIndpbOUGngYSV4kzZgZP0p-SYUSxs41bLoG0NNDfNtTzVma7LayDKuA5PyIhspzRBabWFc32N4VH-ot07o266MYgygLoBguQZw_TtaB55joyFkAOuYqeFpbIgULDji5DT9ob8&sai=AMfl-YSge0QD8IfWygzwrrRiKRaSMlAN49J2rZdFqwYXDlIQCd7RLIjlOU4k2YdhlHsCoF_E5UuXXmVGW_9SaWsjBjikcoLQLAIwYBYgMS9tNqlu4uVNm0ZCCjmUTKpRZw&sig=Cg0ArKJSzFV-c5r4ESd4EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: FE61908560FA16E9CC3D1017FF6C75BC
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=90&slotname=RON_728x90_House&adk=3422631141&adf=467757214&pi=t.ma~as.RON_728x90_House&w=728&lmt=1684747042&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747041643&bpp=16&bdt=334&idt=531&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d%3AT%3D1684747038%3AS%3DALNI_Ma3p1zf2WTRvlOwmcOYh--6L2iHXA&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747042&ga_hid=270885129&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=3890344858&scr_x=0&scr_y=0&eid=44792108%2C44759837%2C44759927%2C44759876%2C31074199%2C31074689%2C44785292%2C44788441%2C44792089&oid=2&pvsid=2101823202013566&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2ycygba5ldec&fsb=1&dtd=553
Frame ID: 692E06D84A3143FBB7146A84FD7BADC2
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvojLtbIwxOp59wJ52MrOWjLRjjt1vxZEfslSDKzQ5y3Hy5gmbaKqBkpYfDcIbu9fLoQiMvD7goTeKR3HtMjsPlNeAo1bHsrpcHL3LtnE_pzhAD3dfyZlCcDWq9Dkzxv8Z6vdh86IxbSQjlvW5AwS7ON2ItJzU3TCUXm7fczo7_NhdgtUXUQa5woNQaNvLUb1zbwgQysYMm2tLHWFeD8JD-88g5xBb2DNvIWxmzvpPPhJhkgWfTS9ZozaWvSfrzYuYXht1ycuJgIHduHOUKC6qvJfrfjRTBmWn7PjO_r7AU0nVj1z10UCBULlfrB3gvUr_vPxFRckYVj7TvEdo&sai=AMfl-YQ-kf7fnO1nvxUIP8UDxm8qBv7P7JLALVzh304bjFMNfPzrmy51fF6lOCDQuUipnIppXc2pOx0qOUpz9K94fz4PrKzwHi--gxwN1bv6Tn4ZCw5N4zrGw84SjT1pmg&sig=Cg0ArKJSzAuxKsfYtMYiEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7FAF9E8A6AA1DB4646D3ADD5C440BA03
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F7A4A9552FB0905F18B833E7EFFB6B16
Requests: 1 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=161763&siteId=951966&adId=4413083&imprId=BB94AFFC-878C-4265-BB68-04F08496DCF2&cksum=B1F7B9E7800667B2&adType=10&adServerId=243&kefact=0.060571&kaxefact=0.060571&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1684747041&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.075714&dcId=3&tldId=0&passback=0&svr=BID22519U&adsver=_77573821&adsabzcid=0&cls=BID&i0=0x2100000000000000&c0=0x1&ekefact=ITNrZOd0AwDQygZjiQOYWgf2FUs3doQyHaoQtRsvGs4mcGEj&ekaxefact=ITNrZPF0AwC-7mKCQgN_Lm9kybwvctVqLMUkHvjVxeI_UXk6&ekpbmtpfact=ITNrZPp0AwCy4Vey0qqN9pk5ZD0Y9-alHmPUtELe6wmu61Kw&enpp=ITNrZAJ1AwAkD3MkLHja8uht_a_mRQtil1sWnlNzwi9AkLCm&pfi=1&domId=5078253400103136894&dc=AMS&crID=17865793&lpu=www.marktguru.de&ucrid=708248947603563988&campaignId=23040&creativeId=0&pctr=0.000000&wDSPByrId=3284&wDspId=1101&wbId=3&wrId=0&wAdvID=1122659&wDspCampId=5899827&isRTB=1&rtbId=DD242C2A-6CB6-4FD2-97B2-F7BB01DDA4C4&ver=5&dateHr=2023052209&oid=BB94AFFC-878C-4265-BB68-04F08496DCF2&cntryId=58&domain=idrlabs.com&sec=1&pAuSt=2&wops=0&sURL=idrlabs.com&BrID=5
Frame ID: BE861B8B080A1C3F0F931E968CD26DA9
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssR3yXxztb9SH0PNrMZjosobobVZvkzOG4XCaqSmlHviqUPL31lVQ8UNl1ieVJxKZ7g8LNtuRtHvZHOjqj-wH9WVbcUvyrs6lRN8mHpZL0V_3yS37LLRfH9Fnsaoo5Onx0TVxnyRJNeo_g3sgu9PlFSFTJxD_U9yCfKMxtZahhhH3g0gHBBlySKTj2z5JoC0iLqGXYd33o_Xcuy2dtQ98QlfwLiQCVZdUkFHtqhoWQfAdCReIU7eptVoC23oTZP6tSGnAfn-2igxd0hBJjF59MJkJbNluUYv4w2Sd4uksbwb9gLmdfd0Y9sa8a1Q4AiCvrMZ4M9gwKN7_tm&sai=AMfl-YRaQE98dJKwBvClJH5WZyblgD9z7pzYdCM-rnQ46JSEmqb3MCF_HSYCkP4kX0uQoTyY3hNoZo2lScyHKj8eIdtYj1ITQFZz5RUe77z2X53G1jq77gBztxYGkqwNoA&sig=Cg0ArKJSzDwRn8wR-oKJEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6F1CD2D872A25C31F0B6DDFF4821ED17
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=467757280&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747042&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747041903&bpp=18&bdt=313&idt=599&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d-223b5e59e4dd0032%3AT%3D1684747038%3ART%3D1684747041%3AS%3DALNI_MYTKHLjH2doQfYoYdXa3R5sjvynpQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747043&ga_hid=1120666786&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=1700207854&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C42531705%2C44785294%2C44788442%2C44792088&oid=2&pvsid=3172209606075871&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vfjiuj52wulr&fsb=1&dtd=626
Frame ID: 665FFAB5D5713B7C5377D1249D02D49C
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: D7D5ECF41F8650F51DF6625A1936E668
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: E958BFCBEA4EEBC7F2884508BD55F1AA
Requests: 3 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=161763&siteId=951966&adId=4413083&imprId=A40A7D1E-4EAC-479B-AEC9-0FE98F9472C3&cksum=F346304E357DD5C5&adType=10&adServerId=243&kefact=0.060571&kaxefact=0.060571&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1684747041&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.075714&dcId=3&tldId=0&passback=0&svr=BID22524U&adsver=_77573821&adsabzcid=0&cls=BID&i0=0x2100000000000000&ekefact=ITNrZJl3CQAZZeJQIirhOAWXzGflVgVkHX-scZUIg5sAMvsg&ekaxefact=ITNrZKl3CQCnbY3V8BtgJ2PmTXKZarJbeWfx0HtAlHpUVHCI&ekpbmtpfact=ITNrZLZ3CQCwIDeNFfpq9q8R_V1h8rHVOo0rBqIf4uyqnY8T&enpp=ITNrZMJ3CQAm6f8PY8TfsnOAmFPqX0BOavnAMfoh3BKicm3c&pfi=1&domId=5078253400103136894&dc=AMS&crID=17865793&lpu=www.marktguru.de&ucrid=708248947603563988&campaignId=23040&creativeId=0&pctr=0.000000&wDSPByrId=3284&wDspId=1101&wbId=6&wrId=0&wAdvID=1122659&wDspCampId=5899827&isRTB=1&rtbId=2FA4FE1C-5D97-4B25-AE79-15EC79F76482&ver=6&dateHr=2023052209&oid=A40A7D1E-4EAC-479B-AEC9-0FE98F9472C3&cntryId=58&domain=idrlabs.com&sec=1&pAuSt=2&wops=0&sURL=idrlabs.com&BrID=5
Frame ID: 795009F0EB9893F226B4A8A14EC19E3A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 43C2BBAEA6E27ADD52739265254FE17D
Requests: 1 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=161763&siteId=951966&adId=4413083&imprId=94C1F350-EC20-451B-9F29-14C39B37DB89&cksum=AA2F5F9A74165F4B&adType=10&adServerId=243&kefact=0.060571&kaxefact=0.060571&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1684747041&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.075714&dcId=3&tldId=0&passback=0&svr=BID22637U&adsver=_77573821&adsabzcid=0&cls=BID&i0=0x2100000000000000&c0=0x1&ekefact=ITNrZLjyBgAi0Tt9mM3PXfwmoOKGypIXQ1kHZ0yAFbcX4ZRx&ekaxefact=ITNrZMPyBgDTYkhSPCGQIzPqomNvt0Lx3xTWXCJ7WDLsXdeo&ekpbmtpfact=ITNrZMryBgCBz2XMCmARb5fbLDorHwGgHdTwCRGDJAHh4utw&enpp=ITNrZNHyBgDGRccA2JICsglYHqpX3bcUT1U-3oU2Af2Yw20Y&pfi=1&domId=5078253400103136894&dc=AMS&crID=17865793&lpu=www.marktguru.de&ucrid=708248947603563988&campaignId=23040&creativeId=0&pctr=0.000000&wDSPByrId=3284&wDspId=1101&wbId=4&wrId=0&wAdvID=1122659&wDspCampId=5899827&isRTB=1&rtbId=E1B65A4B-EBA5-4835-A240-F337F5A72B67&ver=7&dateHr=2023052209&oid=94C1F350-EC20-451B-9F29-14C39B37DB89&cntryId=58&domain=idrlabs.com&sec=1&pAuSt=2&wops=0&sURL=idrlabs.com&BrID=5
Frame ID: DD55DE46715D5993F56F0AA41CF064D9
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXOfojoOsczcQZv0N2AtRDftvWehVYuk3NCQBTRusBG10JihzmUJP4Ly4fTXeCHnJpBEpmBpPVTmxH9QnsFWXQgPkTFs8ae-H5T48Mt_Cav82kWeTYr7axynPwK6gVsqtW-VSspPDTUjmGBiIayiJr2p2PHKbdGED7m9gXaYqWZ21Ip9oAimvlc2sdwZG6zuYvTFsy3yuHPikHvqLAMkNmh1i1fMCmxu6McwnGGdhi-Ogo1zVpM5bExop1Ppk8ZsmANZ6fZ6j6BA1XaNd1CvD7eLVHREwTSR0yKH6ExIe9QD6I4pW3egJvBjIL8QrJZa7Gbhk5tyIdGQbQ&sai=AMfl-YQoAIJaFCvaPkYyueamJV_UciM00sks653zUlzH_Ueupqz4IgZ0FEseq4m74pYwHfKZQfJ73qsrTZ-KMP13mPb-s0CmUn80id1QIVgA7d_m-MKdwERrChuVOOlf6g&sig=Cg0ArKJSzBRWyhjw8r8OEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 178A4D4E1F7DD5669E431CEC7951F883
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuNa5ao89GJXJkL-3PnvX0OxDOG4M2vCItC6NSfovScW148wNylQABIfZNwiHFCq33W1CEC81ct23wF_FVgV5bSpZRK65PI8zE_gjRUMkjvcRyZlpBLQEU2pV55n3MiB0xx4OCkaSmqEGNS9OX5OVjBLPbzoMxkNhDO4VvFuXef05AFDVgwzAQKk-Vu4RNAV-QGDAIXhDn3sa2Jl1NsR2oienKe4CFnjUQyXeU_ji6ZxHo7ma0ZDwlUVxKgBdgnIMq8sjfHwn6wF5abbhvjNBqHFbUjAzEsnDHXcsRs15umhwEOZk0sKMDcTLSGjuaqQ-BYgwslfry8iCt&sai=AMfl-YQgt3w_bx_7Xu05fHXc5eO_1NIqFrjmsbg3KC2xYKJ3tfi5ODqnZ5IGD2WHLRrSBDrjTt0QW00e9HiEEMmyhn3HEaXY_5agXuTNNV0rl8hY_cTJ5rR_911JbtZ8kg&sig=Cg0ArKJSzPB22OtnQPnJEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 8A111EC91DD899FBC7D108A3AD11A4ED
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstT2ZQhqqzUI-KvEbyyovxT7jiUv0tUwN1VNNZelUM6ivEkbx5AmoE5L5EyBnRkUlA3l0_jh2Vfb7F59qHPkC5GiuTqUj8x3hCBuzjaFqY17e-zqzP25eqAhO-6HUrgApZAgdscVfY2sETG7juYSs2AVs1rTo7RiCHgOU2JJXijo48PoCjCsKYde814_K-E6zRgdhRHXTcsgBDasNIC-FhjA_ooPxS1XpqfIHMeNxj-UVh9fXVRh8muHjk-mDSZz6Oq6w4_Hnkj91jrRgtfN55JGjzoBh_2HXXzedCRpKCwD5nroD-Xvy2mDAS68jotv4Pc9wp9xPRl-nem&sai=AMfl-YRLi622YIpyiBq0Sc_2iGwlwxX2VehXW6dQLAyVn0PqOOa7M6AIOTiWeP1dH_RZJl853yxxJCGy05WYI2eSwie7dyqnYRxLM32UMA84VUKwZa3KvuD5gmaMMkgidw&sig=Cg0ArKJSzN5RdpOqx3ZgEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 1C5154C2EC9ED020CA688B844DE2B7EF
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C6QGiIjNrZImjJbT2xtYPq5WM0AyQ4YGEXLaoworwAsCNtwEQASAAYOUDggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-qAMBqgTHAU_QRCGmgnc7qD0Jsqw5_8iamHqSQLaxSqmudgrKv8XwVH1qh39EHj0CWrIYHqdMxSPg_MSjiSns2GrsWZp-jzgXWcsdyoh6rXWf0eC6bVSp7JAJEXJ3qENsH9sKw-EAjq7vr7Ge5iunHzxuqAbXt422zIIY4mImx0tSjTwZOkhD6ehQF4uWVkGG2tF9DcPCvPRNk26Oyic831--x0OROATHcHw8izxuGO8aIgpBfTlchLbrRKmSmplnkdCPcBPtusVWrNNvzryABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi02NTUyMTc1NDg4NzMzNzY4GLzhFg&sigh=uRjXvmu2LNc&uach_m=[UACH]&cid=CAQSOwBygQiDhgU_kSuWvZBB0374qFdauGVOYmFAneD3OBu8bKCjMxxVGHWJZbKtV1b1zA9aAWMkaBNhqdCSGAE
Frame ID: A32F5B70024815E45B0985ADE93F5A5E
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kdvh3dp15j615aqn17pvgn9e8kwbtjydsj51djbzyxqsk1z0w7582mm12y7tafyztftenfqea7s2ghxsxsgrk67j9h2vav90wkyqngcjmt1w46febxy9ymz8c4z82n5y257n5v7shkmz356bz55br2jeehfjjztbwb4t319zfr57r874frt6kcp7a0ybq1pe5hv6akknxa4snq88a57a480m4cjrqgkgz74gv0080daz7eqr8495p2sn7q9s2fdtyp49gv2302vvhe0c1xsm75ta85ecx3ezj2jb628t4tb6h3pp2nbft56c2rx8j4wjvdw6sabpssam2xng4ez0m5ekw2jf61fyx63rskzaabvajmsv1dmjgnxabxg8kzbqh31trejjn50ep9t17ttprrddvffh6jc0ygqyfxdhewew0jxyrhd70ce5m5s8yfkfj1qsyww&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqdJ4IjNrZImjJbT2xtYPq5WM0AyQ4YGEXLaoworwAsCNtwEQASAAYOUDggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-qAMBqgTKAU_QRCGmgnc7qD0Jsqw5_8iamHqSQLaxSqmudgrKv8XwVH1qh39EHj0CWrIYHqdMxSPg_MSjiSns2GrsWZp-jzgXWcsdyoh6rXWf0eC6bVSp7JAJEXJ3qENsH9sKw-EAjq7vr7Ge5iunHzxuqAbXt422zIIY4mImx0tSjTwZOkhD6ehQF4uWVkGG2tF9DcPCvPRNk26Oyic831--x0OROATHMn4dGeuXn6_SpULXp3DOdo__TgSYtIG6ERLG4ut5pOlOeQ_wjnSGTniABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0vWD_xGzyGWEguacix1RqsrsH19Q%26client%3Dca-pub-6552175488733768%26adurl%3D
Frame ID: 6C8903CA55B46034C5AF9096ADA3DC2E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AEC9E26BE560C488DEE17DEB23BEF621
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=2563153727&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747043&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747042771&bpp=17&bdt=324&idt=544&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d-2202d96ae6dd00e6%3AT%3D1684747038%3ART%3D1684747042%3AS%3DALNI_MaFKaKFNDbUYIWzMWXVa_pbSsB1oQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747044&ga_hid=50036502&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=454400323&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074545%2C44788442%2C44792089&oid=2&pvsid=3252810816889326&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.epdhxjvor6bc&fsb=1&dtd=1032
Frame ID: 8657FC19DCE16FFBD8F2C9CF9C40DE16
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtmx9pmv7AZh19WgBm4M1CQkNdRt5yTADH2EXpj5PyiZfWNqS1Zn4cNV1hXoIIu-24yjbft8od4H3afX7NF-3Jelk0jprZ8vUBfP8lzfWMXMun7-yPLL64NF8FB2ll2n4mNzgHeylBfCdD8qBAnAPRzcK4VitL7kCNwsUaltes_v82imYvGyjAh-besQ5Yg0_XKBb2HPjLZIlwev741vzSaWt9lnhK352dPvseqLJWVWMclwgHNCBbNPntS7bOxSUSE3VOT0pbqIR8T843fDA7AzdaevsgVfjtK90q91PalvGaylvMXnteCWWnsczp435WAGjd_AsIVZoC&sai=AMfl-YSYFeZtdJn8mXJVOaRw_P3PJ9OUpK7rAio3xS9zNL4PwSsuqBJL0f1XA7_MFm5ZEp3MSybj5xZCm0RyyuvX9RATMOXH06h0nliBxw6EgnzwFUCxX0dXK95FhtgV2w&sig=Cg0ArKJSzC6Sb9E6mghuEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7DE7625B564452B996614F3C5EFCD1AB
Requests: 13 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1smkskj6ar06
Frame ID: 994F152FD652376BCC130C68C72A7D61
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Ecv7Kmx8QMnUUQaVnQURbaRa&gdpr=0&gdpr_consent=
Frame ID: 9137295CEE40618386D534E4597024F6
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: BC842FCB87A7545DCF1D50C536A95E3F
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6674665837
Frame ID: 48FDD5641CF5019FFDB62CB2AD3B3452
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:69B69F95C0274999BF5E0F1EE083CCFE&gdpr=0&gdpr_consent=
Frame ID: 3C30C1B8CC702AFC397AA1BCDB8A0F62
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BE5459C19AF1126209978B46B9A536A5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6E88513C72A804579328DC98C2258F8D
Requests: 2 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 616445AFD7294F223239E4A18FB0436F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Frame ID: 45C65CF4BC5968087D719A1B13BDC9BF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Frame ID: 19DF5E9A1237C8F6BF89A4BBAD2B22F5
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13401719
Frame ID: D199E10EF6DA3A392FBEA8D34B639372
Requests: 9 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: A0DDAA4A6C286C3AE5B495AD6E9C2E54
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13401719
Frame ID: 9F1EF34555BB10AF8BC22C4BBA750BFD
Requests: 9 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13401719
Frame ID: 2C85DF4C05A1786B634C14B6415E5EA3
Requests: 9 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0DDC88CA6162CE3C2079812FC01EC9D3
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2EE94CF6699B2F8BAB651B1FFFA0415A
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 7C5B150CB36102E93494394BE6B1B8B4
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 14F57C298472C85DFEE9CCF1BC55B562
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Frame ID: 2CF671C35ABCEE77FBB0ECC9468F9BB2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Frame ID: 69E2BE2E4770D2A22C2D4453427A2CF9
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 00D57E14996D42B95FAAB371E3352870
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13401719
Frame ID: E130862423779BB8667F23F4D4FB7246
Requests: 9 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13401719
Frame ID: 1B1FBBC704CECB3F92C68DEF0CB83094
Requests: 9 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 06FC84D56C0C03DCD1DAAC949C17DAFF
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: EEC35348C5F83D43A5A6E66FB85CB674
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Frame ID: 6D7700FD625D89C2262EB6E6BE68B315
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 83C2FFB668DBFA1640F833E666ADEA61
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7191939A31FCDAE31F686F953396D5FD
Requests: 1 HTTP requests in this frame

Frame: https://dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/d5489f6a-6d90-4938-8ddb-15bfac435704.645e36c35eeee__@@__645e319dc0486.jpg
Frame ID: FE75565D0107C4B2B93ABB2FA1241CCC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3448F74AF31A54E25D5D1436200323E6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E6B5733E7263A77B657B4B7B80B57D97
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Frame ID: C67173201122143D57D0A822972C93B0
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: C223E508B4565E79BA5D654E0E506B9F
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 60C9A783AB4CF19D80852914FD12112C
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: A29FA49C63CEA8A7DCFAEC9EFD03023C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Frame ID: E4E08FDA45D565510406DE5A0EFFED7E
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13401719
Frame ID: F67F620CE42D73619C07360314E329D8
Requests: 9 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: EF165A52430CB8C004F2F1C94E46A068
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7E8404B7D875025F5BE167D8EB4733BA
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: B845FF53DD37374EC05F8C40DACCD82A
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 65A52AB4E9521BB92271EC5638A52B37
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Frame ID: 4E34B70771049AA9C546431FF2E50B79
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 28C04EE550339965B359FECFE5D4C86C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Frame ID: F972CC0A4D3575C5D3DB2913739BCAD9
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13401719
Frame ID: 286A2190B620B9DA4C9F30E1D603CAE0
Requests: 9 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1627554D24B4BCF1DFB60654D68A043A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Frame ID: 8C76C3B9B5E40ABB38A865A26110B4C2
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13401719
Frame ID: B6EBFF7A2A8C4A8569215AF7202872C6
Requests: 9 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13401719
Frame ID: 338CE346385BAD36C373F4CE9AC5385D
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 63F8B55474AB1B3D379D93F8201EAD6A
Requests: 2 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 9A90BF13D7E86CFBFB0034A6688161B1
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13401719
Frame ID: C7A05AD6D2B5D9350E781FB712B573CE
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FA07DA11EC9D53AB29687D92A88FAADB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0F11F3742661221170D49F6A62E59ECF
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 406CCFA7C20433DA21DDA12AB0A5E85F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: FAC5F40237135932D5DBA4C8153D3B1E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 0AAB4C981E8E73A6086FBD0189958D2B
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 5631865AA2A7EF5588BEAF4AF2829DD1
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A9DACCF19DDD1F729DAF01D4BE05C96E
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 1E4AC44537A7286303AB4025C588258C
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 99F1CA223B1FA4C9333523954C855F2F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: FF376D92B8DF1A5E62F9E3E2A7871C4C
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A0C24B4571579CB1C72C71FF270A6053
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 306A5DB38131432ACDB07D4498800028
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2FF4A00DAAD87417D22C65BE336993B6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D9D187CC7971DBB09B24965BBA7C9AFB
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&gdpr=0&gdpr_consent=
Frame ID: 737D5838E4065DB0B280483AE5528F8B
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
Frame ID: 7CB7F34308323E120C90BE6A3FE22552
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=2563336852&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747044&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747043295&bpp=15&bdt=358&idt=1266&shv=r20230517&mjsv=m202305170101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d-2202d96ae6dd00e6%3AT%3D1684747038%3ART%3D1684747042%3AS%3DALNI_MaFKaKFNDbUYIWzMWXVa_pbSsB1oQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747045&ga_hid=30916317&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=3073078871&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074469%2C31074719%2C44788441%2C44790154&oid=2&pvsid=3375046558904824&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.h67oy5mpvtmo&fsb=1&dtd=1290
Frame ID: 00488197C3D966D42CEE5F03FC0C41BE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=2563151533&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747044&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747043920&bpp=16&bdt=819&idt=857&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d-2202d96ae6dd00e6%3AT%3D1684747038%3ART%3D1684747042%3AS%3DALNI_MaFKaKFNDbUYIWzMWXVa_pbSsB1oQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747045&ga_hid=1122604942&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=2222367093&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074687%2C31074690%2C44772268%2C44782467%2C44788442%2C44789923&oid=2&pvsid=2017429512034419&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.yvdpmnrblq6e&fsb=1&dtd=942
Frame ID: C418E306C8881C2EAE532C52DE0B772B
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 7485769B4B60CA276E8FF4CD0DBDF066
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 421A17DF2D1B7A8591DE860E5216A167
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: FB92CA63E0507D22A82B8F1014F7452F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 9282506E163E507B25E93CB24BC16F9F
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: DC6B8133420C980937BB09C27E3567F9
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 385BD0BA1DF33CA8A12CD06F3994A168
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 7952769F71AD90CA6320081928FE5FA5
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 70929A0FBE957810D8B8850BE6F299C1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: DD5C7B26214C8C35DB275FFD6530FFBE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 74807956DB4E981C25416AD10F1F9A49
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
Frame ID: C111C92F59E6CAF27F27203DA5AD1874
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
Frame ID: 4166F33796A911C54D34AB2BA90B49D4
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
Frame ID: C093C1A787D9811657C361DD5F45C79E
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
Frame ID: 93AAE3077CF928F6F90260772517CE86
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
Frame ID: 9A13491D3F995A8E0AEF6CF7819D11BE
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 9D385CA0F23B107FEF8EC023812A38A0
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=fa85a2a9476bee9b0a14c01255d6691f%2F17840928890808603164&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684747045231&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gh8pm0cny4vkh4v9cg61hs87hp3zn0k7rb6fnwpc5z2rhph54pe1hej1rtxwstkeqzf6dj3khj9sdwzn2zs5gwbw1h8azh3hwdh6py3mxxanpfzs2kgpte3cpf01pp0efrx3nqes7gpnyz047tmq0a8gny85xksmqhtnwaxmd0nmj3crtzqqyzcwvz3qf0exa3nr66bk13b308tkyceed7dedp331zkzz3mqg60xaq1edwk0rtfn6zza7wavtsx6mdzb3xh68y7xw068nsez4xs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxkgvITNrZIymA82G7_UP7oC5wAGQ4YGEXLaoworwAsCNtwEQASAAYI0EggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-4AIAqAMBqgTwAU_Q78g6p3IfhmwojbNPXeZSqb90vPAhP5CvPtMbrBYAqpyFv-k59xBRIh5ZBvkDPCAklVUuPxw2ZuoSM1v8chafZLiFQIkOjg_SfdnWcxjKv2b8Q0rpVWgSnTbJpYhw4ffn_DccC-6B4MjPxzLh5m33eWPTr6fTNcF2rPqEKKp8BOmn2J839SqyUQv3az9Yv4mzJpx1xZSW-ZMqxIm2kx9oWwZGOTDPQ2QrWYMSe2x3bxSdWka3owKOJVviQkMqPC07JK2rv4RgkLkyiFuG7tMN6-IoMvhDabPmgFZCsQwY-HcUo6jhdD-DxW6P3g7AGOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XOTLFwWXjtJfVyYp4Eojjn-7LKA%2526client%253Dca-pub-6552175488733768%2526adurl%253D&y=1&s=&z=0
Frame ID: 9C558101D699114007D26549D6F1EAD4
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=2563221668&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747045&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747044207&bpp=14&bdt=1012&idt=1368&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d-2202d96ae6dd00e6%3AT%3D1684747038%3ART%3D1684747042%3AS%3DALNI_MaFKaKFNDbUYIWzMWXVa_pbSsB1oQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747046&ga_hid=634486155&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=3094623070&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31074546%2C31074688%2C44782466%2C44788441%2C44792088&oid=2&pvsid=4285984129490062&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nlz8yzoz6zre&fsb=1&dtd=1389
Frame ID: A945B71EE48E3C156C42A90D3BEF544F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=2563226765&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747045&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747044274&bpp=11&bdt=414&idt=1335&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d-2202d96ae6dd00e6%3AT%3D1684747038%3ART%3D1684747042%3AS%3DALNI_MaFKaKFNDbUYIWzMWXVa_pbSsB1oQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747046&ga_hid=1988978573&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=3719534098&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31071755%2C44785295%2C44788442%2C44792088&oid=2&pvsid=3805444719741563&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3x12r7jq4hlz&fsb=1&dtd=1344
Frame ID: 3CD223A62B959CBD4D8A457C8F340BC8
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
Frame ID: 7D638720E8FF319C82F1D8C83A0C3F33
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
Frame ID: 28E4826157C87BE6C419FD78C449E048
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
Frame ID: 2478F4468F9FF1CF2098B9CCCCCD9106
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
Frame ID: 2EF740646BF245D760F95FC6AD1A3EFA
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
Frame ID: FDB6BCBE73A58981FBC4A13F12E8AF7F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 34A8A88CC2DE3CEC49D9886DA64D67F4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DC8D0D630B2F3AEB5401CEE12769C8DB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BA7C47B92D722256E4CF527C2BE406A2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4755B18162986501FB1D70F59ECDA513
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1E1F67EE5AB41CBE28AC38394A378A80
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8DDFFAD18D75B255585C2CD5FC6832EA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 40D13B6253B6997D5BCBD22A4E62F2C7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F915DA79BC8FDB920E52E3A04442C139
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E9FF510AA7DAD81DE7A32A40974955F3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C8CC8F2BA08FF104CADC233DD044D4FC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E8C89C0212A844C0CC1D620BB17A15E4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 00AD861F4357915E2A7A4E549CB6A887
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=50&e=&g=35bcdd93525dcdae24587dd9b5917447%2F3081943047882326971&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684747046468&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0pwcjjvwcb9xc05amcv074vc9je94pz8nd58rn32v9r2d2cs9xxgj8stpvd4k20fd8hs12mntryx46wj2hnfxg279a6tcjm3ash3he23zd6eky04475sjjj3sqmm6s2qtanvsb9xapjcjpbdxqqg5x0hg97gjg6bwx6qbdn7m8x99h7hyqyzrfryex4rpe4vg9nhnzcc934myebjvyfsfynvrwvg7r5dmqn1y36pkg3g4j9dkd6x12baa6j480cnv22x7gec0ztgfbpf949eye%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqdJ4IjNrZImjJbT2xtYPq5WM0AyQ4YGEXLaoworwAsCNtwEQASAAYOUDggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-qAMBqgTKAU_QRCGmgnc7qD0Jsqw5_8iamHqSQLaxSqmudgrKv8XwVH1qh39EHj0CWrIYHqdMxSPg_MSjiSns2GrsWZp-jzgXWcsdyoh6rXWf0eC6bVSp7JAJEXJ3qENsH9sKw-EAjq7vr7Ge5iunHzxuqAbXt422zIIY4mImx0tSjTwZOkhD6ehQF4uWVkGG2tF9DcPCvPRNk26Oyic831--x0OROATHMn4dGeuXn6_SpULXp3DOdo__TgSYtIG6ERLG4ut5pOlOeQ_wjnSGTniABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0vWD_xGzyGWEguacix1RqsrsH19Q%2526client%253Dca-pub-6552175488733768%2526adurl%253D&y=1&s=&z=0
Frame ID: E3EF8DB0814A8C01DC3E974BF509C442
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsugb7FwgC0c0W13-YtlkeuoL8mxjCpRqc93pGEeGpFPZfvh3dOcElvrNTFKbdetcNgUYMsaQoM2fZTDUKAGOpFTfi0iBUqSDabq_pmxa3r-S3wxSOASLyhWBQEGXKNZyfIIHTMAw2THEw-3kyYmUTx_MmJXp4hQ8aMxpNAAe96zz-7dun-SLf091a2arfflPfAN4jthb29KxMmPtGQlxTvO0QexQMTxZfdcCOTQqj89bVTVV0cKPlnbPqrLqLacV3HXHQsVChAJdWjDmS7b-DG1Tolo-uKqNt5vKvgsgb8_XPSAp_6NxCrh3d7Nn2Lvwfne-64XpAo38UTMxEM&sai=AMfl-YSPqivOEgpaBqteWVE3kdgOnewVI_Vsjn0KO203CxgoB99Pf8uPWWF07vsDrOLJQlwnzWZCWxL5Bn8sHqZ26HdWr2elTvhLQWhaFassFnKfP7lhdeJU7nemjEvdew&sig=Cg0ArKJSzBAM6FSrFueeEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: CC7B0B87D70C840F751A901F30D066CD
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNU6XBwdsJynVlhXB0VTH6zEwRP0ggTOzwA639dbQn6K3jWd86X5L4w9ngSw3f4zQD42NbCGfRVMBUz7XOpUD5wPf8sFsvrAI8pvWPXmHDNoy537Yb1DTGVNh7UXYIrUET_PIbaREZ0_LI8o0VVEO5jm0aIHPe5WpiPTmbjQP97rdyYt-Uw
Frame ID: D2FC48BC1E63D7590A4698B5C05B96A2
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9SoxWTIcuMIsTi2d6L-0hIHG611CG8jkRIB9qPBq8FfgBGmzDGaCBwCMXuTf-E-XsGbTRKV0aTeDj0HTwXWwHmy5PdVinjF0FI2r8waZKYn7-TrMZxKTicbS5fvqFKnNgoWdGlxltY0PMa5bHLKgPibUvqVUBQh8ssmPRllEH7PVcez7jQ-A5pKGwxnx3UY8XJYSPWRFQxHrdqo2PugtFR0fPjEvyCPMbYOC1cOvBvU1n0Q0cZ0UtuDHxOym0X9FdT5_NsfdtW6g3DyrYUVlwunZOTQodAFGdPKhOJaLGItWKxAi02TT4RRSOvzLgd2OyxGsM8R5pqASVEo4&sai=AMfl-YQknGfD4ifTDJjnz6Hsqp3EL3Dk8ieVtk7R4CuVzKLTkBaIbojzNNxjOds-t0Essvm731da0iuW2t_0LI5vpV8Fgk5GD0lEGLU9fBC8ECE4714GKkvgVO91Zs1aLw&sig=Cg0ArKJSzHDxc8lkEy94EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2438A718E221C2147F410EB474BFBF59
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNUVImWBTxjsmlaTPRa6gnI81utB1FJPOmS3C6j5-GXRV0NmT4Oj99VZX8sh5oQxRCA4_5OazYto_vhAYarrpKYgRmY9bOH-Afg4Z8AfbPWSrgbEdr9ksET2_TS9hIO_c8x16SdzkfTGPct-0rBYYJnKvr16WuJevUekQ_3eLQpQ7e5vms0
Frame ID: C2F1B6D948F9EC0290723CAC27A8DBDA
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuxpLIFCOr9FEKbzJxysJlIy_d9-RjLONo3dNFZ5w6SsRDK7Pu_dtK0QcKhGUDkFWkTIyvJyYlke9IWukQbZaxAx9lOlvxmpHTo4NgzZBpY73Eqf6ByrrmMUlrOFrBtRhjtWgtnXSOfDbM4VuGpxp3rBalPL03FHrEHiLUmTEoQFNaj83kk7eOIHbx7voXXdMvGwBGOMra03Q0sYjNlN8jugARP1xzV_lan_rl6Y_oHlUmXfz7Qux4iWtDx7YYFaXTB7ddYQvEOlkO4aD8x4-1ACdN4DS6PYXeXNDFsTIydjFXC55b0kF08ArK6DxGw-hz5DrAvLypBU20Rw0&sai=AMfl-YS7G2zBt78TMokdBMHtJthPqWxud8uksJOBSfle4MjKIzVy4gk8RiGK7PZN4EX2Flc62zNlGdRt4aGwp9GAc9BW1gRcPnXojffz_9NBxoXg_UFUOe-SjwlvH_u-Bg&sig=Cg0ArKJSzM_eJCE3rfu9EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: AA56C009AF46962C108A8F7E4A654670
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNWYPfzVgyM45e5ebqlqWsx3UGLf00dJ4208UgmfxFGOoiJj1MpZJ_TrZiipdj83TF_x9EOV_Sv3m6AXG5qhT4c4S-lXWokudmAdsjN47fiv9Bowtg1JC5L4itl9hDDACFQmRbMsuQnwAPIEfWoUUiijM56uc7tvRFlghKQlfbV1JAcN5mY
Frame ID: A72F89316C35F7B3C37A46AE8960D19E
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupnSfNlzvrivVfMqI-PsWUvz9wJRAEifXvDDuG86Mlf0hZppRqrooXKZVUKfpyo3g0IWHnMs6MxpqwvPlPtCRTXF_E3WdjFggXS2ke05tlaFo9DnEiFk0Gi_WmfgkEQmujDDvdRStJPYmays4K4XLfevs7dh0RtDK7YKf8LNuyhST4LXG_xuFLv_n7_iGtrStUBxubMfPWorq4aPuGBo_wXvExZn8Bg-Amf5yUQUy_8MYCnSbqMbGCJiRTRb09INdQUKfUMbEWpZnCwwZnZ121z7pbh0LRWBYU1SXLVClUB6-zODqoeIww7-ryX4ue3SwRZ8yMayEp9fEf2Xg&sai=AMfl-YTjglxyyVN9osB2I6CD73mHUoMQ1vbNSjq9lV2T9PnKidwrORZHUYcJPBhK-TgUX77a_YOm3MJY2Ffmmce-LjwCJm7xX0qEuW17pxzUP8235xD_TQZhLSPZrhRqeg&sig=Cg0ArKJSzHzx5sTJkt2zEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: BE9F20A2906E91712E6C41745F82C2A4
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNVXFIhRiwTnDIgdv2gwkjZG7E2i1D95TNk-kmduXubToTCnfLjtCG54aT_SsevzdeSam3HkDZAlGxqNlKwp0s_k6STAqba1cHwjCdsJEHD15YkyF2wjOW4oSOH2ahBc5LDVQVaE-o1jndxzFCEhQ-dTfxH7EdfFIjOSxxK9-YSvUzcF4U0
Frame ID: 6E3D18F7376925DA654FFD1BA0F28277
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=1ZVFtl6CR2&t=1&renderingType=2&ev=01_250
Frame ID: 0642FC5080C7191F7B066C6F506725A2
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 4134D988DFFA68A5CEF50DEE9E67703D
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=0fdvrTJjRv&t=1&renderingType=2&ev=01_250
Frame ID: 7811AC9614534C8655DA10E841DB4B5B
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: D623BBB543FBBCB64C0EEC6C24CD28CD
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=SomSsvo8lU&t=1&renderingType=2&ev=01_250
Frame ID: 55C5C60CD17A83CCBB84A71690E81871
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=XfzVfoGPK8&t=1&renderingType=2&ev=01_250
Frame ID: DE69BB2B9BCA2C21AFBBA1DC0A7B8DB9
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B246DFA4F53F6946D5932E36A5939AFA
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 46F36238BE7B3E825DD3EC0DA8A2E0AE
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 627AA6DF3E12540367114F5402AEE312
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 790C90C205599621EAE59A9283258D79
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 33803AC8A1BB9ADE63E360B6FE9D50E0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5D7C473DD5925742514A5F6553F5C612
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Frame ID: BA3E35F108703E66FA4727DAE82049F5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Frame ID: 46F6E3651C8D043EB6F261C84B223F9C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Frame ID: FCA50C3165C131C0C82C02655BCBDD9F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Frame ID: 2B2F2E96C72C07DFA6239A3364617C06
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHu4hE9FCRRvtBLEyB6GONhRQD9b_2CR0eLscACfGduMFft8XxWCuS8mJhMg4fwZzcbINmUzlMEsCYI-qVhSkJVe2C9Ud45HaRyHN8M_Z-Artwrka6uJjyWkB_7HyzNdcyQO3gJhXBfXqo31tZ6t7-_fS9l1vEKQTeAEWaPP1L6tA1kuR5-pQtMVwOYV5gBXp3CEBeQYhTDpsyyWaGKS_Klo2tEpzIcOCJJ7A-QgIrtei0mhohdUCK64JintP0itYSQu-M1t1EHtCOZO0R19aMGGmwe3qYzb3Qjy3PtHxvXpolaH4pGvN7xLsq1sE4-YdzNh6_YI9zCBOAiL0&sai=AMfl-YSa_u8j6wgtNevz6WphVIvMOCxANuZNzAjHrtURRdLhW5Jq7mCfayqdIdRGQx0yfGECoJk8e3puTaA1NpNw_vGriAf1I8QcIE3xwBCMkQK6uRm8Jy1P_E-XFaz0mA&sig=Cg0ArKJSzEexUZXZ4CpdEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: DF231E9130778E850CD7EB1D90338A88
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxDZ-Ky2BBiqpLPlATAB&v=APEucNU5SUkwvJCY4YxKwzhutaijn-VnrEpVJ0u_l8ZIUTgBfcQB_oxTBmnyf2krU3rQ4KXzp2jVSB2jv2H97W3MBHbowhBlJLbslDDkysCpyRk4jInc6ULUTXrxlhsM7S7QipV2h9dVOjExJIhnH2GUpdNWSjzVKeHdLtgtFL9fLuU2IAmzPbo
Frame ID: 3750A6549ACC95DBC1509634919B8D44
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 3C7AD068BD70B44E227CE3EB19BDD315
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/index.html
Frame ID: F4D25A6BDA353EC404328425897C49B0
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4113226833A6980F296D2F539E4F441C
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Murderous Villain Test

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

1336
Requests

87 %
HTTPS

25 %
IPv6

112
Domains

193
Subdomains

131
IPs

12
Countries

11502 kB
Transfer

26655 kB
Size

150
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=idrlabs.com&sn=ChromeSyncframe&so=0&topUrl=www.idrlabs.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=J_iqnnw3UTlxbThHWm44aVVxdy9oeXpYaXJWMmIvMklFUTl2dm1SWHVFMTlObStwcjJpNVVIT1JlQmkzNmNvSUZxR0dNNzR5TDBCSGhEQ1VFL3IrYTZuTFRDd1owZFViTndITW45QnpmQyt4MHBIU3B5U09LdlpMcDYwQzRwUmlScE0yNTJNNjE4ZEU5aGl1QXR6UjdpbFFLZUI4QW5GMDhJNnhUR3hhL1gxOWJNR3hSUzNsSm1IQ0tQN3o2am5PbTBacER3VnEwQ1NuWFQzRXAvVk5pcVdNaWZHYS9QeEdCQytmaG9WOGt5d2pGaGRUR3JVOHdML2pRSmxqN0cvSlpTRVBpMVVFYWwyTE4xeWxKdG55Y1h1bFp5T1JoUFoxN1FzeVpFNlJydWtuNjB3ND18&cppv=2
Request Chain 101
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBlzAIEOUlr0Vv8M2_u2ibE&google_cver=1
Request Chain 102
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGszHyOhLwzD3AlGz3fWEAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBlzAIEOUlr0Vv8M2_u2ibE&google_cver=1
Request Chain 103
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENeq90KvoieQ3iZrmnR-dLA&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENeq90KvoieQ3iZrmnR-dLA%26google_cver%3D1
Request Chain 104
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA2NjIyNDQ2OTUzMjEyMDQ5Ng%3D%3D
Request Chain 186
  • https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy= HTTP 302
  • https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&dnr=1
Request Chain 230
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1684747040613 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=608202926 HTTP 302
  • https://sync.1rx.io/usersync/turn/3831658881924355672?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-76b68e41-a175-40c1-93b8-4b6a90b5fee6-003?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-76b68e41-a175-40c1-93b8-4b6a90b5fee6-003 HTTP 302
  • https://ce.lijit.com/merge?pid=97&3pid=RX-76b68e41-a175-40c1-93b8-4b6a90b5fee6-003
Request Chain 231
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Request Chain 233
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=163668ad-cf34-49ae-abb7-fe29c79d6582&ssp=fmx HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=a55441b0-c591-46b2-8849-a4235ea4c0b0&gdpr=&gdpr_consent=
Request Chain 234
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AAFy6E7I1mYAACFpYYcPWQ&gdpr=0
Request Chain 237
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=6N1C459lDHfifFalzzRb&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Request Chain 238
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=12&3pid=8561191816879852939&gdpr=0&gdpr_consent=
Request Chain 239
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=d8Dg_HLH5K5sweKnd5b7pyKQ4q5swOGteZEHlseR
Request Chain 240
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=69647aa7-efc9-4af1-b8f1-129b8a104b42
Request Chain 241
  • https://um.simpli.fi/lj_match?r=1684747040507&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=5820C609F01342E89CC3206CB07BA85E
Request Chain 242
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=hBLLbckIbCYO&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 244
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Request Chain 245
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=Gr_NqNZHNGX6_p-EToKz61xb&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:c8d56fded8ac0ebb42defdc45a078b4e
Request Chain 246
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Request Chain 248
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=8561191816879852939&gdpr=0&gdpr_consent=
Request Chain 251
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Request Chain 252
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=1&3pid=9136218687624923075&gdpr=0&gdpr_consent=
Request Chain 259
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=7a47646b-3322-4600-b475-a02dc6ac26ad
Request Chain 260
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=_LiSwfm_lpPnuZCa_O6JmqnokJPnuJOQ8unBhIsA
Request Chain 261
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7205373100423319410
Request Chain 264
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP1mtuWH_HugiJMfgJWorlc&google_cver=1
Request Chain 276
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0494646b-3321-4b00-ac52-38bfc9ea3e8f&gdpr=0&gdpr_consent=
Request Chain 277
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433827988031191
Request Chain 278
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 279
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8564978026822791323
Request Chain 280
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 281
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8N-yDPXYtl7r3rBX8ImpV6WPsF7r37Nd_o67Xsz3
Request Chain 282
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8561191816879852939&gdpr=0&gdpr_consent=
Request Chain 283
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7235933438855739536&gdpr=0&gdpr_consent=
Request Chain 284
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZGszIAAL5bHx0gBL
Request Chain 285
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGeTZFN0kxbVlBQUNGcFlZY1BXUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFy6E7I1mYAACFpYYcPWQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAFy6E7I1mYAACFpYYcPWQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFy6E7I1mYAACFpYYcPWQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=6405618297063099829&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFy6E7I1mYAACFpYYcPWQ&gdpr=0&gdpr_consent=
Request Chain 286
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=dz0Zgdq1UfpcphIZsbr9z9lAlwk&gdpr=0&gdpr_consent=
Request Chain 288
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 291
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&gdpr=0&gdpr_consent=
Request Chain 292
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 294
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jnsMcj-kRAWBpnw5Pngarw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 296
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1767269548 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
Request Chain 297
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=N2M1bVJqZzZtTEFUZXVZdzhydm9RbFF6Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7205373100423319410&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 298
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEU3QjBDNzItM0ZBNC00NDA1LTgxQTYtN0MzOTNFNzgxQUFG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 299
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBf2YgFfOhTVFjNTFvl6HW4&google_cver=1
Request Chain 301
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7205373100423319410
Request Chain 303
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-d_ETT5lE2uXcQ4Xi27KYurCTJlkCM5g-~A&gdpr=0
Request Chain 305
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a55441b0-c591-46b2-8849-a4235ea4c0b0&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a55441b0-c591-46b2-8849-a4235ea4c0b0&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=72ee1ca7-62db-46d9-a5ad-06afaece8bdc&ssp=pubmatic&expires=30&user_group=5&bsw_param=a55441b0-c591-46b2-8849-a4235ea4c0b0 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a55441b0-c591-46b2-8849-a4235ea4c0b0&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 308
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8561191816879852939
Request Chain 309
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4191946852113995352&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 310
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ba8e5688-8a4e-44be-834b-b42e4cb154d2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 510
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGtZl_Y6azIG3thGuGYlsGs&google_cver=1&google_push=ATf1kGNQUiL3Ch240EWF3TZ9CfEk6IboJt7hbMmb4_e04ilxsKJwO1ButnkBPX2GRMQjM67a6aToCjAJu7ma12fiuWB8Tvp5myg_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGtZl_Y6azIG3thGuGYlsGs&google_cver=1&google_push=ATf1kGNQUiL3Ch240EWF3TZ9CfEk6IboJt7hbMmb4_e04ilxsKJwO1ButnkBPX2GRMQjM67a6aToCjAJu7ma12fiuWB8Tvp5myg_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Sm9tY0dScVYxUTExRm81&google_gid=CAESEGtZl_Y6azIG3thGuGYlsGs&google_cver=1&google_push=ATf1kGNQUiL3Ch240EWF3TZ9CfEk6IboJt7hbMmb4_e04ilxsKJwO1ButnkBPX2GRMQjM67a6aToCjAJu7ma12fiuWB8Tvp5myg_
Request Chain 511
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMNpJDF_qFRN7Ui4VckFfc0&google_cver=1&google_push=ATf1kGPMbryTCO2k0eQXzeeii6hNs7bOMH5Yrgss_h28cd4cOrsgT-kTaAxuWNI77g7edJbgaGh6AizMvEhVT4DJEF6shZ-AuwJs7g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=BJRkazMhSwCsUji_yeo-jw&google_push=ATf1kGPMbryTCO2k0eQXzeeii6hNs7bOMH5Yrgss_h28cd4cOrsgT-kTaAxuWNI77g7edJbgaGh6AizMvEhVT4DJEF6shZ-AuwJs7g
Request Chain 513
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEBNIlv2U1ys6Y922wfxe5-w&google_cver=1&google_push=ATf1kGPTeGb7QxYPNUjHYx0NnxfQiFuU3B7CYD3sYCqGwL_ueals9QnAH4tnO4BcJKRhtAnxq80G5hY3od7_S7wjDmhIEReEBFSjfQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPTeGb7QxYPNUjHYx0NnxfQiFuU3B7CYD3sYCqGwL_ueals9QnAH4tnO4BcJKRhtAnxq80G5hY3od7_S7wjDmhIEReEBFSjfQ
Request Chain 514
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEPhyrvvqtsIRv8G34wqMtVc&google_cver=1&google_push=ATf1kGMadXB_HfTgr0zUSyqa7vwAterQXtC3lbwUXRwqEzcWlK2qwYtaSrD0Nx8OZuCJd1gVv3fSf4u963IL0ncGx8BiIvZt7GRo6g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-C5ldCLJzIeBs2wv81fpPCibgk6OKS4YKefBIew&google_push=PUSH_DATA HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
Request Chain 515
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELXX3m1QwlgOeRp-H-3QmEQ&google_cver=1&google_push=ATf1kGMNWd4_1hAhPj_W82sMEwQwhH0sDn4IgVmv9gDEaGvFXK0anTW3U8N0XR92YGg5873mBP1KX79AVU-j12SOAnhALHhB_dpB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMNWd4_1hAhPj_W82sMEwQwhH0sDn4IgVmv9gDEaGvFXK0anTW3U8N0XR92YGg5873mBP1KX79AVU-j12SOAnhALHhB_dpB
Request Chain 516
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESELZ0BD3zqx7sz38DYrqXH7M&google_cver=1&google_push=ATf1kGN_jI-hrtx762HxVOomZQ8PMDCJ32CkZLBMRh62Vpei1f6o6fWqyLQGnCb-rsNykscNqG6F097JLHhtgqKV-fjmMADuE0rU6GI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ATf1kGN_jI-hrtx762HxVOomZQ8PMDCJ32CkZLBMRh62Vpei1f6o6fWqyLQGnCb-rsNykscNqG6F097JLHhtgqKV-fjmMADuE0rU6GI&google_hm=NTEwNzQzMzgyNzk4ODAzMTE5MQ==
Request Chain 566
  • https://ad.doubleclick.net/ddm/trackimp/N1106503.422087SEVEN.ONEMEDIAGMB/B29516155.361745012;dc_trk_aid=552937817;dc_trk_cid=188878251;ord=%7B%7Bmg-timestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_consent=%7B%7Bmg-tc-string%7D%7D;ltd=?=undefined&cachebuster=MarktguruCacheBusterTimestamp HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1106503.422087SEVEN.ONEMEDIAGMB/B29516155.361745012;dc_pre=CIOcgujLiP8CFWyJgwcd2I0JEQ;dc_trk_aid=552937817;dc_trk_cid=188878251;ord=%7B%7Bmg-timestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_consent=%7B%7Bmg-tc-string%7D%7D;ltd=?=undefined&cachebuster=MarktguruCacheBusterTimestamp
Request Chain 599
  • https://ad.doubleclick.net/ddm/trackimp/N1106503.422087SEVEN.ONEMEDIAGMB/B29516155.361745012;dc_trk_aid=552937817;dc_trk_cid=188878251;ord=%7B%7Bmg-timestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_consent=%7B%7Bmg-tc-string%7D%7D;ltd=?=undefined&cachebuster=MarktguruCacheBusterTimestamp HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1106503.422087SEVEN.ONEMEDIAGMB/B29516155.361745012;dc_pre=CKKmk-jLiP8CFbDjuwgdsvAJYw;dc_trk_aid=552937817;dc_trk_cid=188878251;ord=%7B%7Bmg-timestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_consent=%7B%7Bmg-tc-string%7D%7D;ltd=?=undefined&cachebuster=MarktguruCacheBusterTimestamp
Request Chain 605
  • https://ad.doubleclick.net/ddm/trackimp/N1106503.422087SEVEN.ONEMEDIAGMB/B29516155.361745012;dc_trk_aid=552937817;dc_trk_cid=188878251;ord=%7B%7Bmg-timestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_consent=%7B%7Bmg-tc-string%7D%7D;ltd=?=undefined&cachebuster=MarktguruCacheBusterTimestamp HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1106503.422087SEVEN.ONEMEDIAGMB/B29516155.361745012;dc_pre=COull-jLiP8CFTGE_QcdBDwByg;dc_trk_aid=552937817;dc_trk_cid=188878251;ord=%7B%7Bmg-timestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_consent=%7B%7Bmg-tc-string%7D%7D;ltd=?=undefined&cachebuster=MarktguruCacheBusterTimestamp
Request Chain 663
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1smkskj6ar06
Request Chain 664
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=dfe66d05ed691090/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DEcv7Kmx8QMnUUQaVnQURbaRa%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DEcv7Kmx8QMnUUQaVnQURbaRa%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Ecv7Kmx8QMnUUQaVnQURbaRa&gdpr=0&gdpr_consent=
Request Chain 666
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6674665837
Request Chain 667
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:69B69F95C0274999BF5E0F1EE083CCFE&gdpr=0&gdpr_consent=
Request Chain 691
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=0494646b-3321-4b00-ac52-38bfc9ea3e8f
Request Chain 693
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=ab6714ed-d3a3-49dd-9649-9c75329955ae&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=U0c3RGp4S0tySnRyOWtKRExraGhiQQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEEAMsj_yXlvk0MFhBUB44rs&google_cver=1
Request Chain 694
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=a55441b0-c591-46b2-8849-a4235ea4c0b0&google_hm=YTU1NDQxYjAtYzU5MS00NmIyLTg4NDktYTQyMzVlYTRjMGIw HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFd7t1krCXEcdPfQKuWbuQ8&google_cver=1&ssp=sonobi&bsw_param=a55441b0-c591-46b2-8849-a4235ea4c0b0 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=a55441b0-c591-46b2-8849-a4235ea4c0b0
Request Chain 695
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5107433827988031191
Request Chain 710
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Request Chain 712
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent= HTTP 307
  • https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
Request Chain 714
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Request Chain 716
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent= HTTP 307
  • https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
Request Chain 718
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Request Chain 722
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Request Chain 724
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent= HTTP 307
  • https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
Request Chain 725
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Request Chain 730
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Request Chain 734
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent= HTTP 307
  • https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
Request Chain 736
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Request Chain 737
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Request Chain 740
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Request Chain 741
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Request Chain 744
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent= HTTP 307
  • https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
Request Chain 769
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5107433827988031191
Request Chain 770
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsonobi HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsonobi HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=f65b57da-3428-4375-802b-c61cadfcf72c&ssp=sonobi HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=a55441b0-c591-46b2-8849-a4235ea4c0b0
Request Chain 771
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=0494646b-3321-4b00-ac52-38bfc9ea3e8f
Request Chain 772
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=3c3c7336-8375-40aa-84ba-b25c0600cb71&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=aTB6bGxGcDdWX2Z0c2FhdFRBMDM3QQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEEAMsj_yXlvk0MFhBUB44rs&google_cver=1
Request Chain 775
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGtZl_Y6azIG3thGuGYlsGs&google_cver=1&google_push=ATf1kGOoyVsLY8uVwFZ1JINyd9ukahlRcKKiGdKtzDCMNmLT4PpQ73tf6EcMww70vCnsccTmu5wRwRkkHp10o0FWQ2dqiBIrgsM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Sm9tY0dScVYxUTExRm81&google_gid=CAESEGtZl_Y6azIG3thGuGYlsGs&google_cver=1&google_push=ATf1kGOoyVsLY8uVwFZ1JINyd9ukahlRcKKiGdKtzDCMNmLT4PpQ73tf6EcMww70vCnsccTmu5wRwRkkHp10o0FWQ2dqiBIrgsM
Request Chain 776
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEPhyrvvqtsIRv8G34wqMtVc&google_cver=1&google_push=ATf1kGMIBpCZUY6UX8PWveGFlBld2w1JWSHjfdHTArlOJMXk2LxpqGfa0CcXv4eompKUAEYVDMeMpxX3r7UHmkUBNo8vqt-G9M_s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-C5ldCLJzIeBs2wv81fpPCibgk6OKS4YKefBIew&google_push=PUSH_DATA HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
Request Chain 777
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEP6Ze4zsrlTZ5yP6fkgAgP0&google_cver=1&google_push=ATf1kGPFjIlMM4L4UILnpEgcvfYOhOSMJ1STCeET7ShzPK7LMYxoLtjYS0YQvoVouHT1APPvS2zgKncJrpqk6eRiyj2QD3lUFTI2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzIwNTM3MzEwMDQyMzMxOTQxMA&google_push=ATf1kGPFjIlMM4L4UILnpEgcvfYOhOSMJ1STCeET7ShzPK7LMYxoLtjYS0YQvoVouHT1APPvS2zgKncJrpqk6eRiyj2QD3lUFTI2
Request Chain 778
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOBEsFMPZJrwJ2R6kbQqEeY&google_cver=1&google_push=ATf1kGMUwQsHaNd736Ly4nhu2XsEGn-y3p_2IHyRPS3UX-GusaW9bWtc7hsCTJfJymxA9Ki1Di_2ze9YBzzDsByLxKelvXZr9iOT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jnsMcj-kRAWBpnw5Pngarw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMUwQsHaNd736Ly4nhu2XsEGn-y3p_2IHyRPS3UX-GusaW9bWtc7hsCTJfJymxA9Ki1Di_2ze9YBzzDsByLxKelvXZr9iOT
Request Chain 779
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPSmE055e2JQcjVS_fmvvMk&google_cver=1&google_push=ATf1kGMORIMm18-Th0btSPtnDD_xgOwi3jTJD0PqNHxQjKHKu-75NOwnPZVFjY_tY0bq5AzKZ0y5FtoNpRWXrW0Gys9Lr6P9LZIa HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhZTVcwOTgtUy1CSjgx&google_push=ATf1kGMORIMm18-Th0btSPtnDD_xgOwi3jTJD0PqNHxQjKHKu-75NOwnPZVFjY_tY0bq5AzKZ0y5FtoNpRWXrW0Gys9Lr6P9LZIa
Request Chain 780
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGjNBVMJ20nrHKFHdghP62k&google_cver=1&google_push=ATf1kGMfPfGuub-4WCqYeZZ4p0JDdGwE9o3WmaIwieK3HcpK-tOAVAYjy8gAxE1qqan9u7fLMlRPc5yP2q4wJZpY5FsxKMI3lMqS HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGMfPfGuub-4WCqYeZZ4p0JDdGwE9o3WmaIwieK3HcpK-tOAVAYjy8gAxE1qqan9u7fLMlRPc5yP2q4wJZpY5FsxKMI3lMqS&google_hm=Gr_NqNZHNGX6_p-EToKz61xb
Request Chain 802
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Request Chain 807
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent= HTTP 307
  • https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
Request Chain 808
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Request Chain 810
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Request Chain 811
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Request Chain 812
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent= HTTP 307
  • https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
Request Chain 820
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipus.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipus.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 821
  • https://pixel.onaudience.com/?partner=214&mapped=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&gdpr=0&gdpr_consent= HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=dfe66d05ed691090 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=66124555-3074-4e3c-62e4-ca5fd7f1c17a&reqId=e06e586a-87c9-4031-5e3c-130a2971237c&zcluid=dfe66d05ed691090&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESELzeFiviNoUUCA29ZWAfn_M&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=66124555-3074-4e3c-62e4-ca5fd7f1c17a&reqId=e06e586a-87c9-4031-5e3c-130a2971237c&zcluid=dfe66d05ed691090&zdid=1332
Request Chain 829
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent= HTTP 307
  • https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
Request Chain 832
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Request Chain 834
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Request Chain 835
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Request Chain 839
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Request Chain 841
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent= HTTP 307
  • https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
Request Chain 844
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Request Chain 846
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Request Chain 847
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent= HTTP 307
  • https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
Request Chain 863
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEALU5lc8u8HGYWYFvCEDiV8&google_cver=1
Request Chain 866
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8561191816879852939
Request Chain 867
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=JomcGRqV1Q11Fo5
Request Chain 868
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433827988031191
Request Chain 869
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8561191816879852939
Request Chain 870
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=aaca69f7-3e0a-aec9-ed55cbce
Request Chain 873
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEALU5lc8u8HGYWYFvCEDiV8&google_cver=1
Request Chain 875
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8561191816879852939
Request Chain 876
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=JomcGRqV1Q11Fo5
Request Chain 877
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB
Request Chain 878
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1684833445
Request Chain 879
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=0494646b-3321-4b00-ac52-38bfc9ea3e8f
Request Chain 882
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEALU5lc8u8HGYWYFvCEDiV8&google_cver=1
Request Chain 885
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8561191816879852939
Request Chain 886
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=5dbc25c0-92a0-715a-a23a9109
Request Chain 887
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB
Request Chain 888
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=e6113f7f-855e-4eff-b376-b4c84ff89771&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 893
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFy6E7I1mYAACFpYYcPWQ&expiration=1685956645
Request Chain 894
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3831658881924355672
Request Chain 895
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGszIAAL5bHx0gBL
Request Chain 896
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7205373100423319410&expiration=1685956645
Request Chain 897
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=e6113f7f-855e-4eff-b376-b4c84ff89771&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 898
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d2310a67-22e9-4a0d-a113-26c9e488f65e
Request Chain 900
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB
Request Chain 902
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFy6E7I1mYAACFpYYcPWQ&expiration=1685956645
Request Chain 903
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGszIAAL5bHx0gBL
Request Chain 904
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3831658881924355672
Request Chain 905
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7205373100423319410&expiration=1685956645
Request Chain 906
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1700644645&external_user_id=200709a7-de0b-46c6-b1dd-7722fb6d785c
Request Chain 907
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=a55441b0-c591-46b2-8849-a4235ea4c0b0&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_2d194697-4aab-4209-a57f-1640a5e7d7e6&bsw_param=a55441b0-c591-46b2-8849-a4235ea4c0b0&expires=10&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=a55441b0-c591-46b2-8849-a4235ea4c0b0&gdpr=&gdpr_consent=&us_privacy=
Request Chain 908
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Request Chain 909
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=JomcGRqV1Q11Fo5
Request Chain 920
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGszIAAL5bHx0gBL
Request Chain 921
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFy6E7I1mYAACFpYYcPWQ&expiration=1685956645
Request Chain 922
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3831658881924355672
Request Chain 924
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=dIULbnGCDzxvhAk1dNMQNSHVCTxvhQo_etR0W6CD
Request Chain 925
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8561191816879852939
Request Chain 926
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=a4a4add0-4ac9-4109-b5dd-125f72c4ed68&ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=a55441b0-c591-46b2-8849-a4235ea4c0b0&gdpr=&gdpr_consent=&us_privacy=
Request Chain 927
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1684833445
Request Chain 929
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFy6E7I1mYAACFpYYcPWQ&expiration=1685956645
Request Chain 930
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3831658881924355672
Request Chain 931
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGszIAAL5bHx0gBL
Request Chain 932
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7205373100423319410&expiration=1685956645
Request Chain 933
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZGszHyOhLwzD3AlGz3fWEAAA%261119&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=8be09072-7b97-4a00-bb4e-33d2fa14617d-tuctb64b8a5
Request Chain 934
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=69B69F95C0274999BF5E0F1EE083CCFE
Request Chain 936
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB
Request Chain 943
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGszIAAL5bHx0gBL
Request Chain 944
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3831658881924355672
Request Chain 945
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFy6E7I1mYAACFpYYcPWQ&expiration=1685956645
Request Chain 946
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7205373100423319410&expiration=1685956645
Request Chain 947
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8561191816879852939
Request Chain 948
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=e6113f7f-855e-4eff-b376-b4c84ff89771&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 949
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=dIULbnGCDzxvhAk1dNMQNSHVCTxvhQo_etR0W6CD
Request Chain 952
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3831658881924355672
Request Chain 953
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFy6E7I1mYAACFpYYcPWQ&expiration=1685956645
Request Chain 954
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGszIAAL5bHx0gBL
Request Chain 955
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=69B69F95C0274999BF5E0F1EE083CCFE
Request Chain 956
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433827988031191
Request Chain 963
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFy6E7I1mYAACFpYYcPWQ&expiration=1685956645
Request Chain 964
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGszIAAL5bHx0gBL
Request Chain 965
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3831658881924355672
Request Chain 966
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7205373100423319410&expiration=1685956645
Request Chain 968
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZGszHyOhLwzD3AlGz3fWEAAA%261119&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=27ef6d72-69aa-4022-8b49-0cd155943aa6-tuctb64b8a5
Request Chain 984
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=CC-ACVG7SjmP2fX9ESXFXQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=CC-ACVG7SjmP2fX9ESXFXQ
Request Chain 985
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Kucj5YEPXTBTwhWt8E0cHA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-JpFYheVE2oL99Znp9joTidjOfeHZgLp3T8Kz9w--~A
Request Chain 986
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEI3WKTD2c5QmfMbQ9U9Esqw&google_cver=1
Request Chain 987
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=zmwpJ9SjSdWTkraLoCuI3Q&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=zmwpJ9SjSdWTkraLoCuI3Q
Request Chain 988
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHYMW098-S-BJ81
Request Chain 990
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTJjMGUzMjkyZGQ1NzlhZWJmZTE0YTEwMTU5MWU5YWMxY2JkMDAyMA
Request Chain 991
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhZTVcwOTgtUy1CSjgx HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPSmE055e2JQcjVS_fmvvMk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhZTVcwOTgtUy1CSjgx&google_push=
Request Chain 1006
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CMzh1-nLiP8CFebzEQgdjf0CjQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3Dviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023052211172685158577873X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023052211172685158577873X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
Request Chain 1009
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1684747046_77a8e360-f881-11ed-b339-2265b7c46fb7&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 1128
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEJ-BY1PqHqKrMMB_qmT1ZsA&google_cver=1
Request Chain 1129
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGGteGLv1tikTnPkzspYCaU&google_cver=1&adform_v=1
Request Chain 1151
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEJ-BY1PqHqKrMMB_qmT1ZsA&google_cver=1
Request Chain 1152
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGGteGLv1tikTnPkzspYCaU&google_cver=1&adform_v=1
Request Chain 1153
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEJ-BY1PqHqKrMMB_qmT1ZsA&google_cver=1
Request Chain 1154
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGGteGLv1tikTnPkzspYCaU&google_cver=1&adform_v=1
Request Chain 1155
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEJ-BY1PqHqKrMMB_qmT1ZsA&google_cver=1
Request Chain 1156
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGGteGLv1tikTnPkzspYCaU&google_cver=1&adform_v=1
Request Chain 1334
  • https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_cm HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_2739&src.visitorId=CAESEN_uiSW4Mn2h5788KIgCGcI&google_cver=1
Request Chain 1335
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEI3WKTD2c5QmfMbQ9U9Esqw&google_cver=1
Request Chain 1336
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTJjMGUzMjkyZGQ1NzlhZWJmZTE0YTEwMTU5MWU5YWMxY2JkMDAyMA

1336 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request test.php
www.idrlabs.com/villain/ 		114 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:866 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
150e3ffd65668b02cf342b74de5f6a09da4336b2fde80a06b860e12975ba8e79
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7cb3f718ddfe39cd-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 09:17:17 GMT
expires
-1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IV7OYpGtuLMgGmmCNmizCDn%2FAdHONyTb1baySSIbaHAlF0DAKT55nMTYifOrP6Hq6kEKXWo3J3iPH8LshzRE0gxHTlGAbD4nGrwSXriY9WOqArVWrfe9UunWutsItjAzKbOkAhPkjmhmC0IOZHs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
min.css
cdn.idrlabs.com/assets/css/ 		24 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/css/min.css?2.5
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:866 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
525f3952a087c1026c64ffa57f80d305074f5258f0840148cc3fff717a21f44e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
525226
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 28 Jun 2022 23:47:02 GMT
server
cloudflare
etag
W/"62bb92f6-5ef6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BchJIGFX7EQ%2Ff0ormWD9sJYXsNIsA4ix63phWRHBik7EcfuwzrbzExBtSiPZQRUZZTuNxg98xS%2BcebdpoUeG4brNn%2BCLpSMg7wu9HJtFwdYJXrdOSBQF7KgKyiDV%2BKHxAXIshAQdIl5dtN9%2Fuw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7cb3f719ff9d39cd-FRA
expires
Tue, 16 May 2023 07:22:57 GMT
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e5961598085066e30fcda4edeba2b5aa3e94bc5852db5dbc1ef1296bc0bc2c56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 May 2023 09:17:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 May 2023 08:05:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 May 2023 09:17:17 GMT
test.min.css
cdn.idrlabs.com/assets/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/css/test.min.css?6.19
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:866 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e52b6ef58ea638d4bd03e1823b08e73aacb624eaf6036e41053f9c31437eb0a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329508
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 28 Jun 2022 23:47:02 GMT
server
cloudflare
etag
W/"62bb92f6-2c4c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtXk4g3%2FvBAIhihnqbTX2TKYUKyMHXax4a6aIpvIl1v6UY%2BwFYBy3AOsGhB4PXeoiTeqF%2FRcdR2P%2B9QUePQJXX2oQsUxNzFgx3YBa3Mk2oNYrXZulNdZgXYh0sApFUUdXgC1BgqnDlESJjRdojs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7cb3f719ff9f39cd-FRA
expires
Tue, 23 May 2023 23:30:23 GMT
test-link-unit-compat.min.css
cdn.idrlabs.com/assets/css/ 		730 B
591 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/css/test-link-unit-compat.min.css?v3.2
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:866 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5588fd5e5a07fc4a6a51a8eba813ba8023ea2b23016f2aee59ac00da39d3da14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
452946
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 04 Nov 2021 17:50:02 GMT
server
cloudflare
etag
W/"61841d4a-2da"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRsFf3Y4obJ0SkCigDyHfsSiPi0%2FoENuhCFkHkWwj%2BIPT5t5Avb4q%2FsJw20wVRAJOmcFDBEGNKLtYE34Kb5Q6Y5r7i9Q0W%2BSvi9%2Fldh7ScKkVnaQnoDCvgzzeO9mt7DtpB9NpGLspIWkQj2EVjU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7cb3f719ff9b39cd-FRA
expires
Fri, 19 May 2023 22:25:42 GMT
test-villain.min.css
cdn.idrlabs.com/assets/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/css/test-villain.min.css?1
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:866 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d2b1ad45bf09c76079e614748fabe88052260eb813d456667c832096a461343

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
418048
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 27 Nov 2017 10:48:29 GMT
server
cloudflare
etag
W/"5a1bed7d-ce9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtannFrF5nVcpYeJ1iaFAvLYBV%2FvO3drt%2FwgsAyuz6NZf8NBMEMQ2UjsqGcyTujIM6JEwyiw8gJND8EdTaEvBgg4F64V9jEMFjsUzd91PGAx3SUind3l9JOBRGpALWS49AKx2tLFf7uBktj%2FikE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7cb3f719ffa239cd-FRA
expires
Tue, 23 May 2023 01:11:17 GMT
54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
monu.delivery/site/b/d/ 		50 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
7b29f70c73488befff17a93658fc5b8ab3b70c554da733e0723108cd37056d33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:17 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdvMQOXblCPE3iPn5_OaG5FR6Y0QMYbIxCkpff-62pO0YirYY3OWqdvMADypI_R7sfqVaB2XkP3s1lwVCyD4KvJT7oGFXFQ0
transfer-encoding
chunked
x-cache
EXPIRED
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
connection
close
server
nginx
vary
Accept-Encoding
x-goog-generation
1684731384353393
content-type
application/javascript
x-goog-hash
crc32c=xnVtfA==, md5=ATgZ5DTaG0HaXvQjtkH3zw==
cache-control
max-age=7200
x-goog-stored-content-length
50499
expires
Mon, 22 May 2023 11:17:17 GMT
EN.png
www.idrlabs.com/static/i/test-flags/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.idrlabs.com/static/i/test-flags/EN.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:866 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
567d523603299b74fdce2909d8376036cdc81280b8f562fd00edd01795886e02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/villain/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329346
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3793
last-modified
Wed, 06 Sep 2017 14:28:02 GMT
server
cloudflare
etag
"59b005f2-ed1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KjjhTF0i219K1mKcqEErx08JrsoJcNwdG%2BMDGd9mxN41QC5WceQxDtRIi7Pgm5hQNf6tFyfdYo9N5zszPgu%2FFkIcFstlsy2LrRiBO9bV64MX1vF8Xw%2BtC6nmZ4C%2BPUQbZi4a%2FupAMGe2nEM6Lo0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7cb3f719ef7339cd-FRA
expires
Fri, 19 May 2023 22:00:40 GMT
ES.png
www.idrlabs.com/static/i/test-flags/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.idrlabs.com/static/i/test-flags/ES.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:866 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13626b600e6da99f04fbed63da9b9c46264dc36302e7c2ef10bfa31cd325aa1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/villain/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
453131
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3358
last-modified
Wed, 06 Sep 2017 14:28:02 GMT
server
cloudflare
etag
"59b005f2-d1e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5kJrGb0FlR7LpSyAW8yJ4%2BNG8%2F2TFwYxmFMcSoDEybgsynuA%2FEtIQwH1UrL%2B%2BGTglwTidrK7mdtR%2BDdsLdPhgdicLN8nb3xb91zrIzRPvu0CUKbbFAmSpthS8QVAPu72A0TbRwtCY%2FPGHeXVAI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7cb3f719ef7439cd-FRA
expires
Fri, 19 May 2023 11:43:17 GMT
PT.png
www.idrlabs.com/static/i/test-flags/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.idrlabs.com/static/i/test-flags/PT.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:866 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a23c0b6ee897564c4d6265aa560fb11a454756aea0a1a4684d5d2e535a4bbe7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/villain/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
331836
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3830
last-modified
Wed, 06 Sep 2017 14:28:02 GMT
server
cloudflare
etag
"59b005f2-ef6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FbVfVRn1sGIsUNVWDYy2WmLlmkXfYEf7LHre%2BfLOo9ptE1a1mH91sYbnbAeHFrq5M92bJ70If7qqTSt1aDJgMguzWBKcvcln7HGgTabtIhdQu9LUycTQfAWzUWKKilH9VmZe6hsru1aNfyU13LU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7cb3f719ef7539cd-FRA
expires
Fri, 19 May 2023 13:20:18 GMT
PL.png
www.idrlabs.com/static/i/test-flags/ 		138 B
526 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.idrlabs.com/static/i/test-flags/PL.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:866 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
465ca6bd59306caeeabd0293a7138e20a6c8121417b8f02150c2e7d7486ecfa1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/villain/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
329346
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
138
last-modified
Thu, 03 May 2018 19:03:12 GMT
server
cloudflare
etag
"5aeb5cf0-8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tp7MKYes88eeOwIFmeihLsWEYsiiMl9GQBzadm6UmsqqbXCpYZ0L5hfj2shPAd6IFwQGl5mV9OdLxdWEUPVZZVm4atFstoR9GbQAiSoDZoF11cZAlTs%2BPbYW4n9emKKWH5fz4EAdSE%2BrrRB03Tc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7cb3f719ef7739cd-FRA
expires
Tue, 23 May 2023 12:22:40 GMT
TR.png
www.idrlabs.com/static/i/test-flags/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.idrlabs.com/static/i/test-flags/TR.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:866 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eac50110be4f302279ca9c75cdccad805f49d22d6a3271468270a01ef3a6bce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/villain/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
453131
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3778
last-modified
Mon, 07 May 2018 17:43:08 GMT
server
cloudflare
etag
"5af0902c-ec2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rulcEILg0otSbFZvUou2CKNuaY1sUMtZlweCgIGmrNmU6pKW8Wry8t%2FyhzAslipBnN63N03lbBTd9AplBFqBgzivc2kuMMhf8iNNffjTga2W4RinyIFY%2FQfhJag1XzEfrXnGKc%2FAzelKz1Zdxjg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7cb3f719ef7839cd-FRA
expires
Tue, 23 May 2023 12:22:31 GMT
lenin.jpg
www.idrlabs.com/static/i/villain/banner/ 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.idrlabs.com/static/i/villain/banner/lenin.jpg
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:866 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4b4e7e9789e20cd1d28093e68d61f61274eaedc0255ce3901a5f34aac14c0bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/villain/test.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
131839
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
108533
last-modified
Wed, 06 Sep 2017 14:28:02 GMT
server
cloudflare
etag
"59b005f2-1a7f5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbyJ1FsVkuyF1tIfUdotWxAk%2FKz%2FXzOwNviJ8I4mPGbDTdPyc4KwFvdh0sGHt0B2OmvSHjptu1q4KF%2FkRQfZMWwhrnyXRUNe%2FerRND38HVswrmmu3ixjvtk4Ltfb5UrhBnpO9WYn%2FUwswsqV3%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7cb3f719ef7939cd-FRA
expires
Wed, 24 May 2023 11:14:30 GMT
eu-check.min.js
cdn.idrlabs.com/assets/js/ 		373 B
654 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/js/eu-check.min.js?v3.1
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:866 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f3e7ea17b518b4f09db510225a46097ba164d8a96537d2102884f2abfca0ec7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
452946
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 11 Sep 2020 04:03:01 GMT
server
cloudflare
etag
W/"5f5af6f5-175"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZisOhxwchlN1rFo29CLIqs%2F9%2BWVhI%2BoRr53NhftZ930PPkuMk2mcKf6tBr%2FbI%2BbYPLEgpCdneKFj3zLC%2BpM0FSOOqZEi4BweXobs7mRCWfEjbqcVVuBWE7OGsHEgMTkbyKNPZkMjXADVJCiTIDo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7cb3f71a0fb539cd-FRA
expires
Wed, 17 May 2023 07:41:27 GMT
test.min.js
cdn.idrlabs.com/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/js/test.min.js?1.4
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:866 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49ece968a476cb06e069eccc7e3bd495dec6d40483f7e906b910ebf330b565a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
365378
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 May 2023 03:30:03 GMT
server
cloudflare
etag
W/"64659bbb-ab2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ij796vHttaQKy%2Fw3vFXWYLssMbvzJWOtIVAz%2FU%2FIK%2F5ZYgIe%2FCCOo89Xg3zYImhNLcaLARfr%2BzBgzZf8bv6Eg8houRahZTpxmTMfdbCQOsv4kqkSdLYbxLiAsXpbhJktU0nP0FBN52NTdeYDuxE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7cb3f71a0fb839cd-FRA
expires
Thu, 25 May 2023 03:45:21 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		136 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bbb5945c32fa63829147f5f00916d48b0eeeb1944a45abaa72b87291870aec0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47378
x-xss-protection
0
server
cafe
etag
13642764985276124982
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:17 GMT
js
www.googletagmanager.com/gtag/ 		237 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WZ4R7WY0KV
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e95b1cac96007a1a5b9f7084e1da7875d37e9bc6ddb8eb0ada032b99942c09c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83309
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 May 2023 09:17:17 GMT
mntzv2.min.js
cdn.idrlabs.com/assets/js/ 		304 B
699 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/js/mntzv2.min.js?v2
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:866 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdd9a3e5f93beae071bf6d215271850facbb94b138d92cdae5e749fe42fb14c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
234905
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 09 Jun 2018 18:48:05 GMT
server
cloudflare
etag
W/"5b1c20e5-130"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qR727AM4vx7r3VIt189Ao40ODgciO8%2FaDSWrqjopDMpjkj18BSM9fAgKH8ZOCUayFGvrNMPq27DelngOy%2FrURC5B6Mq06Lsx5vw%2BBwr6IsMIhUGDfZTIOEzaZCaz36Pu6HOuc8oca7u6MLBCTM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
7cb3f71a1a262ba2-FRA
expires
Mon, 22 May 2023 16:24:35 GMT
logo-2--banner.png
cdn.idrlabs.com/assets/i/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.idrlabs.com/assets/i/logo-2--banner.png
Requested by
Host: cdn.idrlabs.com
URL: https://cdn.idrlabs.com/assets/css/min.css?2.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:866 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe889951d907fd5d1b2c128f6f4849737e3c4388647555228e23e4856ed57a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.idrlabs.com/assets/css/min.css?2.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
437225
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19975
last-modified
Fri, 27 Oct 2017 16:12:45 GMT
server
cloudflare
etag
"59f35afd-4e07"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pF3GJlfphQJmxezUeYjAi4MDv4Dl06fz4NkookVRzaR8Dhh5P5PoU3yCDTlyZw4qzuHH7zr%2BowsB3cCXUKYscJTHL5Vg5PIeWq7uGnk9Uo9XeVQ7V7zytCJqzFEcZGin2WdZ2RKRtxcqAK%2F%2FE%2BM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7cb3f71a4a912ba2-FRA
expires
Tue, 23 May 2023 11:53:52 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 00:21:44 GMT
x-content-type-options
nosniff
age
204933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 00:21:44 GMT
fontello.woff2
cdn.idrlabs.com/assets/font/icons/font/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.idrlabs.com/assets/font/icons/font/fontello.woff2?18854377
Requested by
Host: cdn.idrlabs.com
URL: https://cdn.idrlabs.com/assets/css/min.css?2.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:9d48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2a17f75640ea7fe968eb8de7ca2e6a8b175b4eac410acb50621d4cd9fc951c5

Request headers

Referer
https://cdn.idrlabs.com/assets/css/min.css?2.5
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
446004
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17944
last-modified
Wed, 06 Nov 2019 15:52:27 GMT
server
cloudflare
etag
"5dc2ec3b-4618"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFeyU3jleYMzTtxAOB3Geaq%2FthBo2zEA5jvwvBOcnaYNHSYRkTu5GE6H4kxvfKx2uOGkaMxNkMPu6InBKLXYVwiIhIqQQzC5EH66426Zb4AwxvdZelQ6PK6rE9TIZhoMbiny%2FRKb9HT8hvpg67M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7cb3f71a6a163609-FRA
expires
Fri, 19 May 2023 13:17:35 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v35/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 12:23:10 GMT
x-content-type-options
nosniff
age
161647
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50440
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:13:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 12:23:10 GMT
logo-2--icon.png
cdn.idrlabs.com/assets/i/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.idrlabs.com/assets/i/logo-2--icon.png
Requested by
Host: cdn.idrlabs.com
URL: https://cdn.idrlabs.com/assets/css/min.css?2.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:866 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e0138178b68ba97b31998b5f81143ca66fab58aade2e92ae9ba3a600decbe66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.idrlabs.com/assets/css/min.css?2.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
445141
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3767
last-modified
Wed, 06 Sep 2017 14:27:59 GMT
server
cloudflare
etag
"59b005ef-eb7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2OVu%2FzG4tOcOC35BwFmwdt1BVqj93WgcqAUNzDrTpfG3J67G0eSyOgevGPNR31S37IVFv5sNYuSbLorwBuoJr5xcCSjb4y%2Bcn%2FoH1DjMgdw7MiSk7IMfcn2r2aUEwLtT%2FE4ZC9n3%2Fle3RTg4OX4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7cb3f71a7ad32ba2-FRA
expires
Fri, 19 May 2023 10:50:01 GMT
adRecover.js
delivery.adrecover.com/34059/ 		46 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/34059/adRecover.js?ts=1519175564631
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2a46af680186b2de194a227018f8c506cac0732cfe996664376990c8a834b6a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-country
DE
date
Mon, 22 May 2023 09:17:17 GMT
content-encoding
br
last-modified
Mon, 22 May 2023 07:00:31 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
x-cf-geodata
DE
content-length
10534
expires
Mon, 22 May 2023 10:17:17 GMT
ajax
www.idrlabs.com/ 		26 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.idrlabs.com/ajax?action=eu_check
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:866 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1bce502c2075eca34d6f4d631801d70e458714824003a3859565e44b3065e5b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.idrlabs.com/villain/test.php
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s49PTA5Sypj0GhwafXKWw7HVR%2B6mxEEI069m6zfW7WcxAiBnOFmXBtecm9ArFn3MxTq5x3dLf6M5Hk2odlGQhtlfIt2cQ1jeqYsr3%2BijJesO5lObh0x3kE4VPh3TgvuvXc8oPW78pi5fwHo2Cjg%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=0
cf-ray
7cb3f71acb6d2ba2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
expires
-1
test.php
www.idrlabs.com/villain/ 		127 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.idrlabs.com/villain/test.php
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:866 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0199cbd6b349af55927786ca479817fccf65fa7dadd38dd593ed6c26cf853d46
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.idrlabs.com/villain/test.php
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7Nu3330YTDRvkcOqCb%2Bz5%2BzJm7CLEHFL9ytunwtQEbaHTvH4LPXmmtBrlC0U7qE03uJrSLwMgCZMLuTJUkqDgOxaanHRROTVitShDcJFkyjh0k%2FiqGRxsaSLScweSF2Nsj3pcO5Jfsu2Mfwa2s%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=0
cf-ray
7cb3f71adb7d2ba2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
expires
-1
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-WZ4R7WY0KV&gtm=45je35h0&_p=1601737721&cid=215484772.1684747038&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1684747037&sct=1&seg=0&dl=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&dt=Murderous%20Villain%20Test&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WZ4R7WY0KV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230517/r20190131/ Frame 2DDE 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230517/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63606
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 May 2023 15:37:11 GMT
etag
15057649708203361565
expires
Sun, 04 Jun 2023 15:37:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
monu.delivery/sitesplit/d3/0.5.3/b/d/ 		526 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/sitesplit/d3/0.5.3/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
4cb0de6f5d5b6eb32ef642f8f9760f77a18309abfc3ecddc8772d41320105d43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdu9GDGsUOW_BoNrnz5iAEmI3GylDYCLGejdx261njIHj5U0DKnpo1XPkipWSghWJ8h-lxIxQ5N3BaLozwPrp03PKJir4R7-
transfer-encoding
chunked
x-cache
MISS
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
connection
close
server
nginx
vary
Accept-Encoding
x-goog-generation
1684731394633685
content-type
application/javascript
x-goog-hash
crc32c=jRLWng==, md5=r7K1voRk7G9oIjy2UzEFtA==
cache-control
max-age=7200
x-goog-stored-content-length
538413
expires
Mon, 22 May 2023 11:17:18 GMT
xdomain_cookie.min.js
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
content-encoding
gzip
age
867
x-guploader-uploadid
ADPycdsqu33Zltf4-3r5GBFGqC39yddhJ-nDvNm8M1hdJhO1k9L7pqw_qeaEN0P4Fz13LIB-IUob_A_eupDV4ydGjlfzRQ
transfer-encoding
chunked
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
connection
close
last-modified
Tue, 25 Aug 2020 07:36:03 GMT
server
nginx
vary
Accept-Encoding
x-goog-generation
1598340963244234
content-type
application/javascript
x-goog-hash
crc32c=PYpHKQ==, md5=thaqbm5dIRiPqROaEv/m/g==
cache-control
max-age=31104000, public
x-goog-stored-content-length
4733
expires
Thu, 16 May 2024 09:17:18 GMT
block.jpg
delivery.adrecover.com/ 		631 B
857 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1684747038051
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-akamai-country
DE
date
Mon, 22 May 2023 09:17:18 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
accept-ranges
bytes
content-length
631
expires
Mon, 22 May 2023 10:17:18 GMT
xdomain_cookie.html
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ Frame 2C77 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
cache-control
max-age=31104000 public
connection
close
content-encoding
gzip
content-type
text/html
date
Mon, 22 May 2023 09:17:18 GMT
expires
Thu, 16 May 2024 09:17:18 GMT
last-modified
Tue, 25 Aug 2020 07:36:09 GMT
server
nginx
transfer-encoding
chunked
vary
Accept-Encoding
x-cache
HIT
x-goog-generation
1598340969597109
x-goog-hash
crc32c=84qDrg== md5=UK93eCDb5GkYdLDTqpa2gw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
3440
x-guploader-uploadid
ADPycdsZtmAqNtbtJy-g4sARQehtfc_pKCTr2vBkOAoEru5ImTkMrmsH-9Eu5n4FK10tSTz3ImfBkvE7V4pO6ureecLZltCBXMfu
config.js
cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/ 		143 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:99f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a67d035d67254f5df323af594a1c712e3686feda92927b51ad559e090fdce411

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 May 2023 08:21:25 GMT
server
cloudflare
x-amz-request-id
K9Q5GKBD086H46H0
age
892
etag
W/"976e6680cb72984fb595adf26b937e0d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
7cb3f71d38ef696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Psjy8Co5yMF0X9d4NBGInmvEpDrwlFmERwI4yddBdkXCvZ+jT+ziW2DRI8pS+6FRJzxZE4AQBsk=
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/83a6a70f-7f1f-40b2-8473-de5fdd6f6b24/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/83a6a70f-7f1f-40b2-8473-de5fdd6f6b24/launchpad-liveramp.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-77.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d3004a2de4e23038e1fc39498bac9861b53cce7b4dde3faf285bca7538c0eced

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 16:37:19 GMT
x-amz-version-id
5tDFU8EOTT9ldukOsCr3jZvUw0akwQd7
content-encoding
gzip
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
60000
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Wed, 12 Oct 2022 20:19:33 GMT
server
AmazonS3
etag
W/"9c721bc4954770340a2d3b58e1188c30"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
8dziIKff9QxDGaer_0cNPsmR3jafLPRf8zdwjwdDNG-YRWk4XncISw==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecfad2aa434bc580d778d7c1c8ca1a7a2c4b98e0accc741f4a041766a8ba8628
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25327
x-xss-protection
0
server
cafe
etag
195 / 19499 / 31074664 / config-hash: 12351717780372853951
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:18 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		230 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 08:43:39 GMT
content-encoding
gzip
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront), 1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 21:23:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P3
age
2020
x-amz-server-side-encryption
AES256
etag
W/"e6af4658ab1a6fdde1f0066b27d5372e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
eNaNKfO3rrYBnwH6mUe4f3JgJzAe7-ieWYiKfp5RoFbgSiDIEZNuFQ==
tag.min.js
get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-22.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2cd2838d9537e8b405992bfa4ef5ddd9ab98461eec351ff661d7b9d475839dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
1jhMJLDfRS0M5xXrIqyfpVToZqqa5Wvn
content-encoding
gzip
via
1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
date
Sun, 21 May 2023 13:41:28 GMT
last-modified
Thu, 23 Mar 2023 13:59:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
70551
x-amz-server-side-encryption
AES256
etag
W/"01e9bcb0a0243d190a7c07184514abea"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
uMmfOTyNCOkdws6AUvT3w_XCIQmwOWjISEcTGESnF3OFJv_CYuSpSQ==
182762-63174106385307.js
js-sec.indexww.com/ht/p/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/b/d/54a1fb-1ef4-44ba-ab83-7f8481ff624d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
802a3b18272fce86b7ae5e349963873801db2a682c542ba2a78b673f295ff5e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Mon, 22 May 2023 09:15:14 GMT
server
cloudflare
etag
W/"90383a-930a-5fc44b5621257"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
7cb3f71d692e9274-FRA
expires
Mon, 22 May 2023 13:17:18 GMT
launchpad.bundle.js
launchpad.privacymanager.io/1/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/1/launchpad.bundle.js
Requested by
Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/83a6a70f-7f1f-40b2-8473-de5fdd6f6b24/launchpad-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-23.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
IBczV1acfLsLLKzHm11PkizTXPxE9_cH
content-encoding
br
via
1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
date
Mon, 22 May 2023 08:57:31 GMT
x-amz-cf-pop
FRA53-C1
age
1188
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:f09170b2-5416-4e55-be91-38e5eec207ec
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
a78f2a5a4864424e54348ce47b156abb
last-modified
Thu, 10 Mar 2022 13:10:48 GMT
server
AmazonS3
etag
W/"3e312624cdc2445a38a716f92dc3c0cd"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
e4ad213b137401d20a50fe1692169cc5f8b39867b6fe39afed7e307e1b9c967e
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
8leopS4_7F0tQLSV5T7LNbGGG2w6Hf8S2oXIEPZ0ktiKlD40DTyGHA==
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202305161109/ 		247 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202305161109/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:99f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9b8757ef83403b67a3f6d10da0c8f4259179fe48a775020aeb65ab9e1791cc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 May 2023 15:12:41 GMT
server
cloudflare
x-amz-request-id
HSV2XXMR7XEPVH6H
age
493144
etag
W/"c445da83949e16f2c7f56d37a9f719f0"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7cb3f71d794d696a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
zv4y8WGR+H9Y/dTzatVDIrevDKXwj/izZf1jo+AZ5dAJ1IYpkKPjdji504Eg1bJWmmeVD7pvfdVqmufYcPKN+Q==
/
onetag-geo.s-onetag.com/ 		555 B
970 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-48.fra56.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 08:46:33 GMT
via
1.1 31035bb61f7468c9d95f8f0f36403248.cloudfront.net (CloudFront), 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop
BUD50-C1, FRA56-P5
age
1845
x-amzn-requestid
00ad8f59-1af4-4835-8677-60c46989c053
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
FUPMkH5liYcFf5g=
content-length
555
x-amz-cf-id
mQ3iIy6c8yPhx-KiAvyO-Ze9DVpTUPVUcdqLuM6dGhJFr0ePAZfexQ==
beacon.min.js
signal-beacon.s-onetag.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-87.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c37a134e735f9a3dc9916bbed8f5e576f89b9f26537a59544d74004962b1a8ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
h0jfx2_ld0LSppgdK5454e6x8dlC_h3s
content-encoding
gzip
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
date
Mon, 22 May 2023 01:16:05 GMT
last-modified
Wed, 01 Mar 2023 12:13:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
28874
x-amz-server-side-encryption
AES256
etag
W/"fd89ceeda84b55780ed4e8f97b752a7a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
EQkqSeOoYc1Jchvo_cJwhtID4I3PEVRJvzuZi2tqa3qTszEHP12uQg==
%2Fvillain%2Ftest.php
signal-segments.s-onetag.com/desktop/www.idrlabs.com/ 		841 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/www.idrlabs.com/%2Fvillain%2Ftest.php
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-70.fra2.r.cloudfront.net
Software
/
Resource Hash
ff18fa82fc709b4c1b881f47184c633261d35c796655c8c63f4e901f8499fcda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
content-length
841
apigw-requestid
FUTszgcAiYcEP2g=
x-amz-cf-id
Ei_ZJ6fYoKVheG9uDC3ER75wqck5HJpz_Eby1z2DBRIMJcq_rpX3WQ==
www.idrlabs.com
signal-segments.s-onetag.com/desktop/ 		1 KB
565 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/www.idrlabs.com
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-70.fra2.r.cloudfront.net
Software
/
Resource Hash
3de0d577b66fe1d7d7bc3cdda4b3b099538598640a5fe27258ea8321e500c036

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 01:22:21 GMT
content-encoding
gzip
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
28497
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
x-amz-cf-id
EXGkA_skpw0Q46PKUeOvd4HoGQDxjOCAi8jVdG-hEa1tfP5ykpetlQ==
apigw-requestid
FTOIHjo1iYcEMHA=
/
geo.privacymanager.io/ 		28 B
606 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-122.fra60.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept
application/json
Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 May 2023 01:13:31 GMT
via
1.1 6851af5c4f6d355fa4ec39cc8cc0c358.cloudfront.net (CloudFront), 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
29027
x-amzn-requestid
d88b8c76-c15c-4f50-a8fb-ded30769c70c
x-amzn-trace-id
Root=1-646ac1bb-6a15425157200ddd4f93c3c3;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
FTM1SGaXDoEFX0A=
content-length
28
x-amz-cf-id
B7SV_en5-UDTfnBS2WYmx9ivCggInblTU198qZZDiSF5N2tKFEaREg==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-122.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Mon, 22 May 2023 09:17:18 GMT
via
1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront), 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-apigw-id
FUTszG84DoEF2Pw=
x-amz-cf-id
hJarGrWWKLlvntv5EJdpbmQZm90VEzCI5nFPd_RzoTGXXRXtEObb8Q==
x-amz-cf-pop
FRA56-P3 FRA60-P3
x-amzn-requestid
a8a63a60-5c21-4c77-8c92-b2a396edcf05
x-cache
Miss from cloudfront
config
c.amazon-adsystem.com/cdn/prod/ 		742 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.idrlabs.com&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
f514543170b7d33d558d367a0047faf7d003acddeb3857f2cb929d6bfb5af190

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 07:08:17 GMT
via
1.1 4c692717a0e85914a993c3aa5c8a2ef6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
7741
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
742
x-amz-cf-id
qaDUbX_bITxum8BE4ItuNhxFIJvwKMQIFo6BXPmULPl12tPSNEH6Ow==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&pid=bm1Zih3XoW3Tp&cb=0&ws=1600x1200&v=23.505.1627&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-5bf5d574-b65e-4bcd-aa55-03f1e14abdf2-ad%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2C21807321066%2FFJ401M%2FFJ401M-DDA.A%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&schain=1.0%2C1!monumetric.com%2Cbd54a1fb-1ef4-44ba-ab83-7f8481ff624d%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
NFV9C0C6MTGF9MW729JE
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
MWqpQtA_X6ddjLOVULw7tfbZ6_UHwU-YLPddKKN1wOaGZ0PoNjfX2Q==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&pid=bm1Zih3XoW3Tp&cb=1&ws=1600x1200&v=23.505.1627&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-2d0f0d6d-fc37-4e97-9fd3-f4a783efa6d1-ad%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F20842576%2C21807321066%2FFJ401M%2FFJ401M-DDS.B%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&schain=1.0%2C1!monumetric.com%2Cbd54a1fb-1ef4-44ba-ab83-7f8481ff624d%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
H89ZMNYVF7V2AF0GRX9V
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
FDnAWuKuJr8_OIdhw44ONxDw9cfT4Am_FVJz0sXebKGmviq3yZqNog==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&pid=bm1Zih3XoW3Tp&cb=2&ws=1600x1200&v=23.505.1627&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-82db8863-a5a9-4646-bfc4-7efa7ca1ddba-ad%22%2C%22s%22%3A%5B%22320x50%22%5D%2C%22sn%22%3A%22%2F20842576%2C21807321066%2FFJ401M%2FFJ401M-DDH.C%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&schain=1.0%2C1!monumetric.com%2Cbd54a1fb-1ef4-44ba-ab83-7f8481ff624d%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
6EQTT9W81MM9W9KG6E8G
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
jF-6IzMFE5FAN5MPjXA0Tq0FT2-JwoagBJhwP99uxkmYENfsK0E0Qw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
yHpogsakS7iCluwAmUa6Y9ccBYm32d5h
content-encoding
gzip
via
1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
date
Mon, 22 May 2023 03:50:49 GMT
x-amz-cf-pop
FRA56-P3
age
28577
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 11 May 2023 21:16:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
Z0fN6mZ8zGxvOgIRjhIlZtRql2fNquKu4_O1HrfESPnGCwF6FOK-ZQ==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
B9574BVRG1ZSG4HV
age
503
etag
W/"b58faeda0c1d193bc50dd25a7640d8ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7cb3f71e1c4e36dc-FRA
x-amz-id-2
j5ARhHB85BlZgMnEqsC8+kh6KnF793iwhqx1Mde47N7jFrubuoTEiNak6sNAckEq+EEOR+ly0AgnSz14OHqLxg==
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.0.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-0-142.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 22 May 2023 09:17:18 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.0.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-0-142.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 22 May 2023 09:17:18 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/ 		408 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js?cb=31074664
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd84d3b448dfa1f7ded33de1848cb5f06946f8d86058e9c8d183ae3dddea4ff3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 19:40:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
49004
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128722
x-xss-protection
0
server
cafe
etag
7615930951174331818
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 20 May 2024 19:40:34 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		1015 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.idrlabs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4053a2d92fcbd6c8650c687fe22ae3f8662c000b1502044ffd23e33f87790988
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
414
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:18 GMT
mmt.gif
imps.monu.delivery/ 		37 B
537 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=1e5c3c1e-3d8c-4ed0-9e76-fbe95430333c&a=s.d&u=5bf5d574-b65e-4bcd-aa55-03f1e14abdf2
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 16:24:49 GMT
age
2566349
x-guploader-uploadid
ADPycdtQ2tQMdZEaZZmgzEqkDMSyv4NNQmbPCpE2-oXqXDipJ-n68cjvFdlZJsxyrlVY_dZOZ4oGdeyn04RfYjnQ_OW1lUweudPP
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Sun, 21 Apr 2024 16:24:49 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=1e5c3c1e-3d8c-4ed0-9e76-fbe95430333c&a=s.d&u=2d0f0d6d-fc37-4e97-9fd3-f4a783efa6d1
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 16:24:49 GMT
age
2566349
x-guploader-uploadid
ADPycdtQ2tQMdZEaZZmgzEqkDMSyv4NNQmbPCpE2-oXqXDipJ-n68cjvFdlZJsxyrlVY_dZOZ4oGdeyn04RfYjnQ_OW1lUweudPP
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Sun, 21 Apr 2024 16:24:49 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=1e5c3c1e-3d8c-4ed0-9e76-fbe95430333c&a=s.d&u=82db8863-a5a9-4646-bfc4-7efa7ca1ddba
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 16:24:49 GMT
age
2566349
x-guploader-uploadid
ADPycdtQ2tQMdZEaZZmgzEqkDMSyv4NNQmbPCpE2-oXqXDipJ-n68cjvFdlZJsxyrlVY_dZOZ4oGdeyn04RfYjnQ_OW1lUweudPP
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Sun, 21 Apr 2024 16:24:49 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js?cb=31074664
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-9c21"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 23 May 2023 09:17:18 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js?cb=31074664
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 05:55:32 GMT
content-encoding
gzip
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 00:14:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
12107
x-amz-server-side-encryption
AES256
etag
W/"37e703da55f96b973658b8e7aeed0e93"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
HPqsPpz1ufupUSnDxUmQsa34CSHiBFku0w1SHt73S6sWTY86BzYfYw==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js?cb=31074664
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:c00:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 02:36:56 GMT
Via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
24023
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
OHOctvU2YNTFt-jOOdxnwoLGi8i_7PnzVp7Rl1vxmfw4IbGmWz238A==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js?cb=31074664
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:13:04 GMT
via
1.1 google
age
254
x-guploader-uploadid
ADPycdsfqr69JrCBfrirFhoWLsh5_spwBVfRfx-7U2tAHVONYgEHuhojWxTVBo_KNKeGFxKFCA2Z4I__syrrauQyOVD-6g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1938
last-modified
Thu, 27 Apr 2023 19:53:17 GMT
server
UploadServer
etag
"0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation
1682625197861193
x-goog-hash
crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
1938
accept-ranges
bytes
expires
Mon, 22 May 2023 10:13:04 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
878 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js?cb=31074664
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 22 May 2023 09:17:18 GMT
x-content-type-options
nosniff
content-encoding
br
age
35873
x-jsd-version
master
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230083-FRA
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js?cb=31074664
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:00:55 GMT
content-encoding
gzip
age
238583
x-guploader-uploadid
ADPycdsuws19q6gut2HVw5Cbtoy2R9nMFWEkfsW4j28cg71BlAh_maBVLR9J0a9wek9aI3l80Gjw2adcfLZSJ2do6Qt7pQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 18 May 2024 15:00:55 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js?cb=31074664
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js?cb=31074664
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2035019903819544&correlator=3784042656249968&eid=31074664%2C31074681%2C31074533%2C44777901&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fif&iu_parts=20842576%3A21807321066%2CFJ401M%2CFJ401M-DDH.C&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&ifi=1&adks=1170604676&didk=1337237421&sfv=1-0-40&prev_scp=pos%3D3%26monu%3D320x50_A3%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.00%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26context%3D9_HE_chrome%26slotOnScreen%3Dtrue&eri=1&cust_params=page_num%3Dundefined%26big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&sc=1&cookie_enabled=1&abxe=1&dt=1684747038580&lmt=1684747038&dlt=1684747037740&idt=699&adxs=343&adys=557&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&frm=20&vis=1&psz=340x70&msz=320x0&fws=0&ohw=0&ga_vid=215484772.1684747038&ga_sid=1684747039&ga_hid=1601737721&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmd7-lYQxSABSAghkEhkKCnB1YmNpZC5vcmcYmd7-lYQxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJne_pWEMUgAUgIIZBIXCghydGJob3VzZRiZ3v6VhDFIAFICCGQSGQoKdWlkYXBpLmNvbRiZ3v6VhDFIAFICCGQSFAoFb3BlbngYmd7-lYQxSABSAghk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js?cb=31074664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cc8fc8de84bd17ddba2bbc20d865dbd5daaa2deeecb07187ec6f3addcfa4eaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9397
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E103 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js?cb=31074664
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:18 GMT
expires
Tue, 21 May 2024 09:17:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2035019903819544&correlator=3396540493866687&eid=31074664%2C31074681%2C31074533%2C44777901&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fif&iu_parts=20842576%3A21807321066%2CFJ401M%2CFJ401M-DDA.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&adks=2170538812&didk=1041914919&sfv=1-0-40&prev_scp=pos%3D1%26monu%3D728x90_B1%26directDeals%3Dsticky_bottom%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.00%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26context%3D9_HE_chrome%26slotOnScreen%3Dtrue&eri=1&cust_params=page_num%3Dundefined%26big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&sc=1&cookie_enabled=1&abxe=1&dt=1684747038600&lmt=1684747038&dlt=1684747037740&idt=699&adxs=436&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=215484772.1684747038&ga_sid=1684747039&ga_hid=1601737721&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmd7-lYQxSABSAghkEhkKCnB1YmNpZC5vcmcYmd7-lYQxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJne_pWEMUgAUgIIZBIXCghydGJob3VzZRiZ3v6VhDFIAFICCGQSGQoKdWlkYXBpLmNvbRiZ3v6VhDFIAFICCGQSFAoFb3BlbngYmd7-lYQxSABSAghk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js?cb=31074664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e48b5781e7d4da9fc720056d23084360fed5731ba4a33e9d5b1f727ab5e96be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11883
x-xss-protection
0
google-lineitem-id
6151851485
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138409613079
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ats.js
ats-wrapper.privacymanager.io/ats-modules/579687a0-8c18-46bd-b689-40c37aa6b087/ 		353 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/579687a0-8c18-46bd-b689-40c37aa6b087/ats.js
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-75.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8020ce97f71b864b4d349c0f1a346f4094fc4b9bb52cfef2ed397751037c1d46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
GfdzA3DpV4YsZYxJrGrYhcCMCE27LBaI
content-encoding
gzip
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
date
Mon, 22 May 2023 08:39:48 GMT
last-modified
Tue, 19 Jul 2022 21:20:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
2250
x-amz-server-side-encryption
AES256
etag
W/"d47416b7feb1bd9699e41f4ed3c32a3e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
fJkacLJ_mARnO9xPyQntfjH823Bz0SxjAkFj2F_cJwRMW_L3k3D-Gg==
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2035019903819544&correlator=3314448603664934&eid=31074664%2C31074681%2C31074533%2C44777901&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fif&iu_parts=20842576%3A21807321066%2CFJ401M%2CFJ401M-DDS.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=3&adks=1505084769&didk=1143580012&sfv=1-0-40&prev_scp=pos%3D2%26monu%3D300x250_B2%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.00%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26context%3D9_HE_chrome%26slotOnScreen%3Dtrue&eri=1&cust_params=page_num%3Dundefined%26big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&sc=1&cookie_enabled=1&abxe=1&dt=1684747038631&lmt=1684747038&dlt=1684747037740&idt=699&adxs=353&adys=1024&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&frm=20&vis=1&psz=320x270&msz=300x0&fws=0&ohw=0&ga_vid=215484772.1684747038&ga_sid=1684747039&ga_hid=1601737721&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmd7-lYQxSABSAghkEhkKCnB1YmNpZC5vcmcYmd7-lYQxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJne_pWEMUgAUgIIZBIXCghydGJob3VzZRiZ3v6VhDFIAFICCGQSGQoKdWlkYXBpLmNvbRiZ3v6VhDFIAFICCGQSFAoFb3BlbngYmd7-lYQxSABSAghk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js?cb=31074664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a7fec252cf104e6eaf0538fa940cae4b6b82efa60081e78de200e8ce897de0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11916
x-xss-protection
0
google-lineitem-id
6151851248
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138410129707
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
0092cb9c4803a12abf9fc1c0b4776e6ef441b8c80f25c89d352f174ebb88a8e2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
syncframe
gum.criteo.com/ Frame A283 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.idrlabs.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:17 GMT
server
Kestrel
server-processing-duration-in-ticks
337214
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
encrypt
esp.rtbhouse.com/ 		241 B
335 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
aec768183aedd35badc7f08debb11c5ad74436b396863ee3a1cf51a47361991b

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
via
1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
5609773f4ad1f5b4af8e0069a31ddbf3
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
241
esp
oajs.openx.net/ 		0
0
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Mon, 22 May 2023 09:17:18 GMT
server
Google Frontend
vary
Origin
via
1.1 google
x-cloud-trace-context
522d2b0d54ed8d0728e939d20eaaaeaf
1013.json
id5-sync.com/g/v2/ 		241 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1013.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
8e891b2effa10b232399249b2739a5d90a44eb88b03a29c689a8cdb7eacae3a6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
map
bcp.crwdcntrl.net/6/ 		60 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.125.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-125-132.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a68f6b32df4ae0f7f54f4f282a8c4f1a717b6a5f80dc45855e540dfd24bab3ee

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:18 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
x-server
10.45.24.244
access-control-allow-credentials
true
content-length
60
expires
0
/
geo.privacymanager.io/ 		28 B
605 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/579687a0-8c18-46bd-b689-40c37aa6b087/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-122.fra60.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 01:13:31 GMT
via
1.1 6851af5c4f6d355fa4ec39cc8cc0c358.cloudfront.net (CloudFront), 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
29027
x-amzn-requestid
d88b8c76-c15c-4f50-a8fb-ded30769c70c
x-amzn-trace-id
Root=1-646ac1bb-6a15425157200ddd4f93c3c3;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
FTM1SGaXDoEFX0A=
content-length
28
x-amz-cf-id
cfCr2OAeREUwegeE0HFKcrxquDBaC3HERe2o35a4NjCJQWMAMpu0Ew==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
geo.privacymanager.io/ 		28 B
605 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/579687a0-8c18-46bd-b689-40c37aa6b087/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-122.fra60.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 01:13:31 GMT
via
1.1 6851af5c4f6d355fa4ec39cc8cc0c358.cloudfront.net (CloudFront), 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
29027
x-amzn-requestid
d88b8c76-c15c-4f50-a8fb-ded30769c70c
x-amzn-trace-id
Root=1-646ac1bb-6a15425157200ddd4f93c3c3;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
FTM1SGaXDoEFX0A=
content-length
28
x-amz-cf-id
ecfmV7FVK04la7VspO8Pft-KaaVjV50WIguSsf8dWnVXN2XV-IspdQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
sid
mug.criteo.com/ Frame A283
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=idrlabs.com&sn=ChromeSyncframe&so=0&topUrl=www.idrlabs.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=J_iqnnw3UTlxbThHWm44aVVxdy9oeXpYaXJWMmIvMklFUTl2dm1SWHVFMTlObStwcjJpNVVIT1JlQmkzNmNvSUZxR0dNNzR5TDBCSGhEQ1VFL3IrYTZuTFRDd1owZFViTndITW45QnpmQyt4MHBIU3B5U09LdlpMcDYwQz...
433 B
657 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=J_iqnnw3UTlxbThHWm44aVVxdy9oeXpYaXJWMmIvMklFUTl2dm1SWHVFMTlObStwcjJpNVVIT1JlQmkzNmNvSUZxR0dNNzR5TDBCSGhEQ1VFL3IrYTZuTFRDd1owZFViTndITW45QnpmQyt4MHBIU3B5U09LdlpMcDYwQzRwUmlScE0yNTJNNjE4ZEU5aGl1QXR6UjdpbFFLZUI4QW5GMDhJNnhUR3hhL1gxOWJNR3hSUzNsSm1IQ0tQN3o2am5PbTBacER3VnEwQ1NuWFQzRXAvVk5pcVdNaWZHYS9QeEdCQytmaG9WOGt5d2pGaGRUR3JVOHdML2pRSmxqN0cvSlpTRVBpMVVFYWwyTE4xeWxKdG55Y1h1bFp5T1JoUFoxN1FzeVpFNlJydWtuNjB3ND18&cppv=2
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a9587dfa3701d33bf7a5058cf5c2c6f942b5bf9f898b499811b2de8894ad0262
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:17 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
7991193
expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=J_iqnnw3UTlxbThHWm44aVVxdy9oeXpYaXJWMmIvMklFUTl2dm1SWHVFMTlObStwcjJpNVVIT1JlQmkzNmNvSUZxR0dNNzR5TDBCSGhEQ1VFL3IrYTZuTFRDd1owZFViTndITW45QnpmQyt4MHBIU3B5U09LdlpMcDYwQzRwUmlScE0yNTJNNjE4ZEU5aGl1QXR6UjdpbFFLZUI4QW5GMDhJNnhUR3hhL1gxOWJNR3hSUzNsSm1IQ0tQN3o2am5PbTBacER3VnEwQ1NuWFQzRXAvVk5pcVdNaWZHYS9QeEdCQytmaG9WOGt5d2pGaGRUR3JVOHdML2pRSmxqN0cvSlpTRVBpMVVFYWwyTE4xeWxKdG55Y1h1bFp5T1JoUFoxN1FzeVpFNlJydWtuNjB3ND18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
491182
content-length
0
expires
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 7822 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 22 May 2023 09:17:18 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
view
securepubads.g.doubleclick.net/pcs/ Frame 60D5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMeJCsDq5wLiUxv5L4Unljdhq5f6N5hZxjnrSrKrBaMQi-kQeNLdCibeusuoJLWF6DNRWImN4mENgcaNUU6AcEzgSujfoUyvPNYnA_hQ8gWWE7HHbxzZKfaLJ-dJDqyoAPvr-1SRsiezfELlcIsd6QezX5H15jAtY_YRM3Q_dm9wqZuyRuclaitdckvreONEShvGe8Z80ENImEPDfitAEKmL1BBnym5JMklURhPMCVwQKy-JEUkKYUAPuKP-08Xu77PVahob0V3R-Gy_S_r5BfpKvb1kJVPi0XjqpUD3hs6NOCE-kn8GxqfXVMQuf4oDFM68UajQMaV06FWuGTqFrGuZZEnBTxZ7g&sai=AMfl-YTisLoreE5C2i5jg_0L6T_qZftPgGsILKnI_bqeTElXNGc4RP0pv7h7-EKGbMmN8AZvApbpCNrrhfm3y5rqQP5LNpIrHnWp6gYYsXcXcECSUJLGDVrqPtA16LZTSWgXw891INAI2wYFy8FYpjxz&sig=Cg0ArKJSzCSU4GkogvoMEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:18 GMT
smb-dispad_728x90.js
saambaa.com/widget/gpt/728x90/assets/ Frame 60D5 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
383f94ef90ee5202247014ac9aca1a13ff647251313d001ba1643a772d9b3ff4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:17 GMT
content-encoding
gzip
last-modified
Tue, 25 Apr 2023 21:08:27 GMT
server
Microsoft-IIS/8.5
etag
"80172914ba77d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
12148
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 60D5 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:19 GMT
container.html
cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AC23 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202305161109/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:18 GMT
expires
Tue, 21 May 2024 09:17:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame F9F7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvismxsEKjrQowBSHU4CUyBWMoEfbvCsAYS4hbf1je7j_ILozyly6V0OkAZOQTz16c3ZVj_giSqrMLvgsbwU8hL2y0m4ZuIEc5dri60pp8RXbgPujdOqxoPstX41VJtN_KU2dzdRkET1Ha3dwe88bVVow-IIgFBe-stBfS8D6Cn8FzCNLyS4VUS8XDGmaK9OCkRRP5lM8PScbij-wtCCd0I38M7DrLreISNCyvYXq8P4zX3h7utPT-qoCN9YrZqzbVtNO0wVqlkNQQgNM0AFNzFa8QWpJyTIZjcomhKsDu2kHX2O7aqAHGO0xVKaXu1KriJibkO5TlwyQP_QNQWEBlUP7lB8qBwKts&sai=AMfl-YQwY7lt3C-sr3UYPoNgVaZ3eRg0IR11l98uahCBS98u2jlip4N7smwYp45-jacPpzjSB2X6fJ99O9Jmy-IsVsIzHk_B7IlvFCYdfvGx7CTd67i36yltLUngy0IcD63R0zGyfGTNynADGxI9gpw&sig=Cg0ArKJSzLYh6E-JTQ5eEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
smb-dispAd_300x250_single.js
saambaa.com/widget/gpt/300x250/assets/ Frame F9F7 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
cbb895c1ccd2586317a06e57f212c4a1d239da751732876b466e698328c35470

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:16 GMT
content-encoding
gzip
last-modified
Tue, 25 Apr 2023 23:55:29 GMT
server
Microsoft-IIS/8.5
etag
"80eebc69d177d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
14831
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F9F7 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:19 GMT
identity
api.rlcdn.com/api/ 		44 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 22 May 2023 09:17:19 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rid
match.adsrvr.org/track/ 		63 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=182762
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
e26ab7d7ce2fd46560a0d6b4bf7dcadab0f5b41408e0f80315ba10eeb014a304

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 22 May 2023 09:17:19 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 21 Jun 2023 09:17:19 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5491 		624 B
288 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi7hO3eATAB&v=APEucNUWzyNULks9V3MAwq6btQTh3M0_AEjROBT4kVjWijmMJhIfwhG3vKJ-31-gztU59L-GMGkjGT7jQhpWQaBUrd51vZgknwEURcLCyyJ4GpwTph1w9mMZkAAAJ6RLIBSBVarRZNX1M_xbAwIqf6C3xsyu14kDghIBBM4nUnRfXEc0X0MsFJ8
Requested by
Host: cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com
URL: https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame AC23 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com
URL: https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:19 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AC23 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ANSGuJ7dTuxIubLe_erydAshoMetYKqNgDKncUDljoigI13AZj6ftZ6VEe3S17uFgiHjiequFkW0O1AIlyixvLCB_M9YCn0F63Ho4ZLP9YAHjRcyM
Requested by
Host: cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com
URL: https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AC23 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=69186029852291872&x=1&ct=76
Requested by
Host: cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com
URL: https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame AC23 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js
Requested by
Host: cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com
URL: https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 20:27:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
46204
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 20:27:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame AC23 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com
URL: https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 10:36:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
81658
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7953
x-xss-protection
0
server
cafe
etag
16153819885643670827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 10:36:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AC23 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com
URL: https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:19 GMT
pixel
protected-by.clarium.io/ Frame AC23 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzIweDUw&v=5&s=v31h11bvccd&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIxODA3MzIxMDY2L0ZKNDAxTS9GSjQwMU0tRERILkMiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTgyZGI4ODYzLWE1YTktNDY0Ni1iZmM0LTdlZmE3Y2ExZGRiYS1hZCJ9fQ%3D%3D&cb=250383&h=www.idrlabs.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekl3ZURVdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiIzMjAiLCJoIjoiNTAifSwid3IiOjJ9
Requested by
Host: cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com
URL: https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.53.228.151 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-53-228-151.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Mon, 22 May 2023 09:17:19 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 60D5 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
506319c2a9a75194c4138c4fe59fed0c8800f45eeb66945e92726c8cae488ad5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F9F7 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0629de3e7bd589152e97db6c442b0c07a9adcdd575bc3b25d66fc381c7aa17f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame 5491
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBlzAIEOUlr0Vv8M2_u2ibE&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBlzAIEOUlr0Vv8M2_u2ibE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi7hO3eATAB&v=APEucNUWzyNULks9V3MAwq6btQTh3M0_AEjROBT4kVjWijmMJhIfwhG3vKJ-31-gztU59L-GMGkjGT7jQhpWQaBUrd51vZgknwEURcLCyyJ4GpwTph1w9mMZkAAAJ6RLIBSBVarRZNX1M_xbAwIqf6C3xsyu14kDghIBBM4nUnRfXEc0X0MsFJ8
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBlzAIEOUlr0Vv8M2_u2ibE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5491
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZGszHyOhLwzD3AlGz3fWEAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBlzAIEOUlr0Vv8M2_u2ibE&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBlzAIEOUlr0Vv8M2_u2ibE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi7hO3eATAB&v=APEucNUWzyNULks9V3MAwq6btQTh3M0_AEjROBT4kVjWijmMJhIfwhG3vKJ-31-gztU59L-GMGkjGT7jQhpWQaBUrd51vZgknwEURcLCyyJ4GpwTph1w9mMZkAAAJ6RLIBSBVarRZNX1M_xbAwIqf6C3xsyu14kDghIBBM4nUnRfXEc0X0MsFJ8
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBlzAIEOUlr0Vv8M2_u2ibE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 5491
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENeq90KvoieQ3iZrmnR-dLA&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENeq90KvoieQ3iZrmnR-dLA%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENeq90KvoieQ3iZrmnR-dLA%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi7hO3eATAB&v=APEucNUWzyNULks9V3MAwq6btQTh3M0_AEjROBT4kVjWijmMJhIfwhG3vKJ-31-gztU59L-GMGkjGT7jQhpWQaBUrd51vZgknwEURcLCyyJ4GpwTph1w9mMZkAAAJ6RLIBSBVarRZNX1M_xbAwIqf6C3xsyu14kDghIBBM4nUnRfXEc0X0MsFJ8
Protocol
HTTP/1.1
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:19 GMT
AN-X-Request-Uuid
31ad4aac-ae87-4683-8bf4-f21cb51d5d02
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:19 GMT
AN-X-Request-Uuid
74464cb6-72f2-4fe7-a2f2-4f59e7574a34
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENeq90KvoieQ3iZrmnR-dLA%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5491
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA2NjIyNDQ2OTUzMjEyMDQ5Ng%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA2NjIyNDQ2OTUzMjEyMDQ5Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARi7hO3eATAB&v=APEucNUWzyNULks9V3MAwq6btQTh3M0_AEjROBT4kVjWijmMJhIfwhG3vKJ-31-gztU59L-GMGkjGT7jQhpWQaBUrd51vZgknwEURcLCyyJ4GpwTph1w9mMZkAAAJ6RLIBSBVarRZNX1M_xbAwIqf6C3xsyu14kDghIBBM4nUnRfXEc0X0MsFJ8
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 09:17:19 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1fab20df-0109-4a51-b3ea-7762ac3c40f7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA2NjIyNDQ2OTUzMjEyMDQ5Ng%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
headerstats
as-sec.casalemedia.com/ 		0
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=504384&u=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5%2BfEymgEDalmI%2BOg8rf8KSKNgt7J3Mkxyvb5MVKHIVdHUVa9B4%2FZXYJhO2DnY9qv7f5XI8PcKb5PmZvEUCAVGXf3YgDJbC%2BVO%2Bl0ke9RRzzF2EgjxxzgXFpqvDSjuMXWJG3ISNjuAM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7cb3f7242943371b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame AC23 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6813972969333&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AC23 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6813972969333&version=m202301230201&ct=76&x=1&cor=69186029852291870
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame AC23 		90 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ATmNMbweNliQcgLqI7rqOz8740Wdc9btNfN5fl52iSOAdftLH03Jj3hKgc0YJ-qFTuo6z_GNb7c9tpzNaRdVuBPJd_Z2aWe4QjVJq5pitCm7dtuqA&cry=1&dbm_d=AKAmf-C_iocc92oEM8fyFrzc59j5KiEbtdQ0Fg3fCcspqk21em4cqqtPZ9fFrt5xE-TkDD_OAQXOH5-uh31LzMikiNBuxAQmC3p65KzcE-Rctawzwb-YJJB24ks5jabUKaUEN2o3nS6PRUAJuSsd7NBn0xPwiJu0Ct4FOVdlFx9D_Pn61sB2_7xyhVtuUjm8u_SJkEjPi692R6Swmr83oez4j3nV41CK7COfz6BuAY8VkkYozEfp6jrw0XQrJTvBkl5hcJ6uZMTPrrclZ8k4us90aspozCYQeLAW9ra0YKRvs-BKhNOnRcy6ao1YpIQjImoymcQjgmTM3PJUAYb24zo8_1O3uzbjV20SNMliNZQZh1wOyGtPj8Fa3XNc5Ageh-ca70U2ArT6blizAcPLXBYBPmwGebLAb2n6xOT8lwh8nH-7_QzLhF-LSWjtF4a_EM_fqKBmtYsNGVdj7Wtb3WkheiRGGdIfJxCFW-cDaD78BRQqbjTJFHvZ-1zZ2MZEVxwHp9cFQLtjPBI2qxUc8ela1G4LbmJmfScCZPyNmg3O7UHe09i-B7Rx7ZhAF6baHptIgfD956HPzyTp8hEN0ewq7ZnvspeJxZTefjRfEhv66nVK8nfRhuQlBp3LhncMZstBLHGLkwhyrVJ2CYgVLnJuQdytDi2tC-sxo6ULs1euJOnXYSDkXOuAB6rtiOZlq37myoaiMep5A-eIM3UC9gGQYI3LbgHHH_z0lCIDPdxipr6lKGYxiX8ZPrA1BksSLGoR4dhaokAXhaSEJipl9eav67WXih6kzUjattywI8uATVRkjg7Epqmdzttutdb-uEqhWHal3rkRGdmQYI9GuqNTn1nRmT_tRdjSxRg2Q1UuIklxZ5a8j5RH57ZbZtha5OWuIptZ8cjoaik7Qk0CcfLqGM00UYNooX14GfWZIO7MR-0MciU8cN-Qn-D18xaQqVY55W5zSw0rgwD_VBgNHexw05j1vb46bFO7kJH7BkTeIzb2RwVUXd22fGZKZ0-WmKPuXwhkMo71FfE8Eqi5TRuOxdYLxa8rXgBnP4VXuFLa8BG9I9e0EGbz3NNIUnvCmcwcqrPM6EN6S4lQqyR5WXSsJkBgJAFbBziFg7JtoZq14axqLngN1y73ZaCnkm5lyIg3NO4D1Ug4Dg80PfdjwqmjVv9jVt5v9oDViKEFz1IveG2uwlsWHrqoFUKObR64J1kLxupGpSL4o11ta5QYBX81BN51hrzFbjO3ekguYCibhZDnJ1mm_Lool_4ni1zh4glrr7g07H2ClxAOvoGdJA-47vO1F2_q_Oy_9zVxpWPve5-dZMOXVcbQYNutg-PsEm2lUaUikXViWkfk2nMczHudCrC_iB5gqGpjrAWq68SbMH_88hrtQgQDRTuCHrwarYp-Mu3n5OVzPgMn2eKY26kW2XNMQBmrrMAK_EOeFoOGl-VLw8rLS7IR53rVyZ7HTfpkEZa9I6Q5zrJEWb4_ilgXlGfK8z4WxTJaxEgro-pr2lAKu_Cu_m6u86B2mln1uDrwStWuyYwG_maYzfHe32-mHCxEiVWRlESXL-Ny18bDj2hAFrcVLoBCa5VEH__902ScbViyjhnKTAAUSvnnQDiHasrp5PgIWrTNpohF_NLRxKh43pEIfppQGjK-VwsCWGQagzR86sBV4-M2oEKJPK7OylknW9ZaXLQ4_H2iKwY512nvhb558GPpRTkomZT4Fcx2imCwG0FcUDNPBIeb2fwqSGB6te3Jr0QGciTC2BVKtForWHH_LTkE570Vra7NtW_uj3CdRr6Zcy1RhBYlcsavHID-nKB9iATscxUIX810cVQQwfNTFF336DKha9Zw0--ZJs-tPJpMJPbPMQEGPfk2RPceUWlBIlMC7Rlzmx8uerlsYfsrd8u3487_dVyDvgsUbeU5sQzJXxXUEpOFV1TlYJ2KRUTUcPCArmSYX4-bzdBKDIJR8IPdbcGvBA5yjciYBh2RSEMlYBTPA968gPcyBOowOTCJKw6W5Ogx6aNvwBmwHwPu5rSr6_alpqHyLbBNnHaj_-qkJF5_bvCsa543PlM41ZMNaZGzzChENHiHcgAfQFIkL9qQzEsovf21VJiu1w91Mwfg2xh8jiOcuyk2FdWXAsLHx4sQf1oM9YiUReKooopm9dolgSsrTMImQe_CFq3O_QdCZJMu7b56LB_4FSeE0jPVe13QNJh0gNLqj4YmP13BjdoxaObU3rBLZxDU7zW0BSTQXueM_ref1lqQ5zumutIhpZsHugcSmhTbkn4Q2MEkYW2xSRA3Iysz2cD_81LUHXhPE79tuphenNd8MwMOKi1wVqJ3GQq-o_eBAry5S0hFRtgVQPy8-W1klFNxqLgxEH2hxAiCxc5C_dglu2LXwrpaoZlfZscdOJbuBCKCIeO9f6hVw3i-93FHmAQUcxwogZYuc2ImyMBKkYgDW7qo9fRIIe6La05806vBIu8ywNVgc3smhzXJ9k7Zh3KLsNkP0kXmKOA3E7U4D_dMQqcQ18gclV3Qmbbgx0Z6w_LhwnqbIjBDBDNEtRTNWrH72H_jqHh6NlWZ1VXVKB69AYib2rQSYv7aLr0nVcWGR-jMaFFhyJKSpS0q_jjZ5pF7T2xrW4AXjtpWPyQEoqJ4Ry5mY-UkvCnRm-O2Z9UOqk9NbPiL9Lj64VWb-GlLgOO8JMR5q2FRwuLLM0zGIpvHvyakH13KmCg3OMJ1Vz7jpF0SHjby3BUe5TqEZKhPL6bvQQrxTrDyyzEDQ0XWIJZHVQrdyrIqaIGMhpiN4hiPm6_cwGyTH7tAm0IqnXx8BVFRu4L-AEnJJSYygZFo3Uj5tGAORhBeFnDcM0VOL4Xf2WeD6ItUJMT-3Rp1HKvXNPzwmIbCXt3JaxKmbij5mHJoHon596e2mhCorIahlfrsvav6aknASdIqu8vUw2HfQBXZmYympkjFrAxkMFAeNRnou2FcFFW14Y58JXRfSXJ6zV5Ij2Vvp5u3AkiYwSGdLzVI0rcd9gyEdwqEFQVJrZtd_mjYXqM49NkUthqMOYDHIOMk3XE5IRQu1NyS9sHVwruSxw-Moer8N0uKphySgeiwSwvgAbsxN49Z0RH_qoxR-d4hAffj9z_1JQv_P0izjP57PQnbZSzNImIEJnVGaINgyugkVttykaJ4M6c6G5pmSHNsIJucsD3k2XuEAb9BBeioNdJHn5-o6kMXfRkmov1U64lKPv0Z72xmfJbR8SqOLFHySYZeAR2nx2bEdT3N87FH9PSDDAuY6zDrSVKqEv_nqVHrLkzykqvFghJK1STCn4R4BN2hBpYtaiYqZRFFNO2rOExQDHSqvYtct-9xwpbq0dxnQfrAuy5v6ZWwLjwoXQDIoMPdyy2T1T_75XpqpKzQ3FCOD-L-Gb7S4h40dhXAvrfXLxgrHVva69w6Qf9ytEMnOqOv6cgHaXr_cL312FXlwtn59bm46_OHjRSPwWt2jCr5wKt2H3dNBRmlWIeb3ghHqu9ucUpuSpd6wsZAwRwMsf1yAwIiLX5Gix4gVu5JV_QaATUJqd8HYEQB95r9UycsC5rvDY4&cid=CAQSTABygQiDqrq61bxLFUw-OyYu0TSCO24olIAH8s0mZ3a8gmSBgGBENDkBDZwTNb6tSbeJxFeF1bF7IACF-vnNnJhjjcgrJqpv9gwRIZcYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.idrlabs.com%2F&ds=l&xdt=1&iif=1&cor=69186029852291870&adk=2086295851&idt=77&cac=0&dtd=50
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46f123116e1e6d20a241c21515a0fa80ac44bd04e98736779fa40b7ec3392c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37425
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame AC23 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/
Origin
https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 07:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7113
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 07:18:46 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/ Frame AC23 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/omrhp.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 10:36:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
81658
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 10:36:21 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame AC23 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21bf4b49938284aaececf999f198f621de0aa792bb5315fc21255d0ab439e145
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 10:36:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
81658
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11001
x-xss-protection
0
server
cafe
etag
16383942900985251592
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 10:36:21 GMT
css
fonts.googleapis.com/ Frame 60D5 		6 KB
802 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 May 2023 09:17:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 May 2023 09:10:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 May 2023 09:17:19 GMT
select.css
saambaa.com/widget/gpt/728x90/assets/ Frame 60D5 		1006 B
737 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/widget/gpt/728x90/assets/select.css
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f9d9c7a87c8d45bf544e7e77ebd3e5ca06c28c690e4c36bf6def49fa95326941

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:17 GMT
content-encoding
gzip
last-modified
Mon, 26 Jun 2017 22:37:38 GMT
server
Microsoft-IIS/8.5
etag
"02525d0cceed21:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
645
smb-dispAd_728x90.css
saambaa.com/widget/gpt/728x90/assets/ Frame 60D5 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/widget/gpt/728x90/assets/smb-dispAd_728x90.css
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2687a4d845c445c6cfbc1473dba8865d5ee092edc8f910e91867893b7963ccfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
content-encoding
gzip
last-modified
Wed, 01 Mar 2023 01:07:39 GMT
server
Microsoft-IIS/8.5
etag
"807f7c37da4bd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
2978
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161763/8209/ Frame 60D5 		233 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161763/8209/pwt.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
00df4c71abce5525e275be8f94ee32a07ffbeea94226e8096bbb432e3928e8b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:19 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 01:09:13 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=22732
accept-ranges
bytes
content-length
78875
expires
Mon, 22 May 2023 15:36:11 GMT
0
api.saambaa.com/properties/widgetconfig/728x90/partner/idrlabs.com/platform/ Frame 60D5 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.saambaa.com/properties/widgetconfig/728x90/partner/idrlabs.com/platform/0?callback=__smbcfgldr976767
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5c7d4f3021d85d94f010b98d6ccfd7fe6a73a4856f96ff63f3a20b40d7f3c3a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
content-encoding
gzip
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
content-length
1517
vary
Accept-Encoding
content-type
application/javascript
gpt.js
www.googletagservices.com/tag/js/ Frame 60D5 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9590c0edbffd75b5473648d228a5da72c1dd898a1f7dfda37b0aa8c89c726e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25325
x-xss-protection
0
server
cafe
etag
717 / 19499 / m202305150101 / config-hash: 12351717780372853951
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:19 GMT
saambaa_prebid.js
saambaa.com/assets/js/ Frame 60D5 		373 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/assets/js/saambaa_prebid.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f67aeaa72f3d47e55fb2b4d3ae23a5635be6c480cea318e99ae1c820a1ff1819

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:17 GMT
content-encoding
gzip
last-modified
Fri, 13 Jan 2023 22:44:40 GMT
server
Microsoft-IIS/8.5
etag
"07c09fa027d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
118327
js
www.googletagmanager.com/gtag/ Frame 60D5 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b323d0b183c46bc5ed1b5b52eacee5f5f5326e9acd5cb3771d7744605dad05d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40301
x-xss-protection
0
last-modified
Mon, 22 May 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 22 May 2023 09:17:19 GMT
analytics.js
www.google-analytics.com/ Frame 60D5 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 May 2023 08:35:39 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
2500
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Mon, 22 May 2023 10:35:39 GMT
css
fonts.googleapis.com/ Frame F9F7 		6 KB
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 May 2023 09:17:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 May 2023 08:15:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 May 2023 09:17:19 GMT
select.css
saambaa.com/widget/gpt/300x250/assets/ Frame F9F7 		1006 B
688 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/widget/gpt/300x250/assets/select.css
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f9d9c7a87c8d45bf544e7e77ebd3e5ca06c28c690e4c36bf6def49fa95326941

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
content-encoding
gzip
last-modified
Mon, 26 Jun 2017 22:37:38 GMT
server
Microsoft-IIS/8.5
etag
"02525d0cceed21:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
645
smb-dispVidAd_300x250s.css
saambaa.com/widget/gpt/300x250/assets/ Frame F9F7 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/widget/gpt/300x250/assets/smb-dispVidAd_300x250s.css
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d684a474ab9335f706f8a5962de2f314f82a29403609b8c3d3bfff696f85b39f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:17 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 16:27:35 GMT
server
Microsoft-IIS/8.5
etag
"8075692c2579d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
3062
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161763/8209/ Frame F9F7 		233 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161763/8209/pwt.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
00df4c71abce5525e275be8f94ee32a07ffbeea94226e8096bbb432e3928e8b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:19 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 01:09:13 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=22732
accept-ranges
bytes
content-length
78875
expires
Mon, 22 May 2023 15:36:11 GMT
0
api.saambaa.com/properties/widgetconfig/300x250/partner/idrlabs.com/platform/ Frame F9F7 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.saambaa.com/properties/widgetconfig/300x250/partner/idrlabs.com/platform/0?callback=__smbcfgldr300x250995368
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
01f032fcf084378fd1b3afb3696a864d226632ad99a9b15077840ba4ee6fc82f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:17 GMT
content-encoding
gzip
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
content-length
1518
vary
Accept-Encoding
content-type
application/javascript
gpt.js
www.googletagservices.com/tag/js/ Frame F9F7 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
557ce3826598a7c297dc292892c13952b52bf64253d13fc12d0938e4fa431025
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25325
x-xss-protection
0
server
cafe
etag
729 / 19499 / m202305150101 / config-hash: 12351717780372853951
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:19 GMT
saambaa_prebid.js
saambaa.com/assets/js/ Frame F9F7 		373 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://saambaa.com/assets/js/saambaa_prebid.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f67aeaa72f3d47e55fb2b4d3ae23a5635be6c480cea318e99ae1c820a1ff1819

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:17 GMT
content-encoding
gzip
last-modified
Fri, 13 Jan 2023 22:44:40 GMT
server
Microsoft-IIS/8.5
etag
"07c09fa027d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
118327
analytics.js
www.google-analytics.com/ Frame F9F7 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 May 2023 08:35:39 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
2500
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Mon, 22 May 2023 10:35:39 GMT
js
www.googletagmanager.com/gtag/ Frame F9F7 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a7c40ce87c192d743d6ccf9b99bf21e87cdcf4778b01a0c513e74dc42f16820d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40275
x-xss-protection
0
last-modified
Mon, 22 May 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 22 May 2023 09:17:19 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame F9F7 		359 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77851be5afb51840c7809b09bcaf75d2220513c2d5a3ac5fb66b173cd3032c34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122524
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:19 GMT
sovrn_standalone_beacon.js
ap.lijit.com/www/sovrn_beacon_standalone/ Frame F9F7 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=13401719
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
61daa507d9f04c912f80dbd2d3c6277a6d24a2f56799db29ddde6729c19dd332

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 09:17:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 May 2023 18:01:56 GMT
Server
nginx
ETag
W/"64593914-17e9"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Methods
GET
Cache-Control
max-age=604800, must-revalidate
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Mon, 29 May 2023 09:17:19 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame AC23 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:36:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254458
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 May 2024 10:36:21 GMT
truncated
/ Frame AC23 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3482a7463c0a67a4037dbe8cf40a93d6564591b67d77e81f3f5ccb3360ba3618

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0ACC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
254458
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 10:36:21 GMT
expires
Sat, 18 May 2024 10:36:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
320x050.html
s0.2mdn.net/sadbundle/18144292582690127872/ Frame F6C9 		47 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18144292582690127872/320x050.html?e=69&leftOffset=0&topOffset=0&c=TNFgf4fpWR&t=1&renderingType=2&ev=01_250
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b7fc5ebddd3adb8828b632c928445bd78c22ab7929c9edfdf89b6a04de9ba8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:19 GMT
expires
Tue, 21 May 2024 09:17:19 GMT
last-modified
Wed, 15 Feb 2023 15:46:06 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame AC23 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvK7Q3Rr2wWt8h6MkD9OtlcZjsiB_SVg8MKaizSXZfurNNs_xzagxV8aiBYYU-pt7UKwr2eGwHCQD_b0JS-IKCheJvdpmorsWSJL4xq0bZ69Xq_PqKi4IijvBgp3QDlzVNIO-naVVeOS_yK_mLPsdq5sM8j9PLBOoOQxhLoFWmrcDWBjFqG6fgU-i2uGzgZ7pM43bXxkJ29XTpoBbUMffdCVs8hLRn3oKaRcSo1q6ZgZSmmanilrWt9esJ46NPRYRhk7vU1l87rHHNBxAsG1vSPp4xD1w_uJt7rS0lZ57IO1CiYE1SfOHza682N7k6HaW2hmgJBrPCgQ3mSh_yf4OCzd2gsQIZcD3-0urkdvZxkZXXvkMjW3G4qfMzt3GpXDpt9NEWAZdNxKHvV7-A6WvNxRPJGg4_Yvcpz2xwuG9FawfoCaKuFAAkMs0ktVy1QuSZpWb4nYJwq67Kn7mI8_ip89yheCTbOTcFXOpIhX1FQADeddSNzsXIcTPlX-K6PoLOkkt_nYt1jRY1T_mBVxbJ0KdJ0q3s04KqUQiv4ecXW2HOe6iMAl7oX6bD4UXLbAglWR9wq23OvB5G3Gm9yCQJnJZc1DVww0-G8Nj4iKwrjwwqBrZK9JHdY6oMe7dQY4UaOkuKzH-K6vIuW6Qs7F9n325qKE9brqfMVOfJheH0ZUtdiLMCTMDKPWkbOv8jJCLwtZuVvxUFnxhFx2joanNh_ol73PXT_ukPSyGQyAdqVAE9tL1xU3aYd8wH1SpOhYR_QshOk2SY_b4qBLtPj0GJyCPbliOwLOZWiL6HcfyiSHV7gTIZGMMimiUWufdtEmkcs8r4xpXgJ-UuEYRm5QiVjYBJl7DL2ziPM2WyjmuvQnqzWF7io8h__bD6zwgwQSd-neW8wdzsv_a1-pZzE7hH28BUBLmvZyNjWB7vx07fkk2G6E8TEeno6IE5vA3UpdMmbn-28pLW8hC5N6P9LauMLgrPmxSEC9iPMffGBsvFOdv1FrCdvNDbjEpBwZSTJVAhDKuGOHpvaxgpgEaKcpwtCUMkwbu_PDjmtDlFLWcn0CMXzrZOkU5l9e0g_8xfbced0Q9jA8daF4VeuyXGnf_FzKa08gZ8fzPVJkb3UsLcH3lW7QUmOhpCKR6WvwwFxowoDFNgjCuYehHUVZ9i8qiGyjCNpeStUwrlHZXe0-hoeIuT_IEjR1TZp7g_R07LgHHXTBVOM-c4i3Zzd7UDtfGv9KIht0c6-aMVtPHC1iC3GKj4A0M1BLl5J5kUODFz-BVlUC9SYlkx3YO02yaOwhoc3SdPkhMhoiEy_nXVTaXMV2kbat1UvN_uW6vOYQtauCkHO3AyKGmNl4b5kV86tx7QHk6tt&sai=AMfl-YTu0W57wa3IVOkGXOAoLZPs6zDruGUzudsiS-pxcjzMObxpsxX4of-1Bp5syaf2clarF323VFYQHVeMX6btrS5e9msy5oWgRs9vijZhquW3Q0hRom0bgEYYcm9CA1mPyn5d0KWeeP6q6dZlFAi1ksByGmtnwK3y1V3VMsKCikTAifjGUFEcezdyXKDVo4G8-FcqWCqgAZLTvpwzubzYzLiSDYY7PKnSaAFPltPOItPaUEprL8rPv6lF_UU4wNFC54sCltkpbjdU7Kp_dD8xN8en3Ew93eiYqjUst_eJM1RxS_3cAouzqrhsg9BY&sig=Cg0ArKJSzLxNN8GsjVuYEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=147&cbvp=1&cstd=132&cisv=r20230517.99023&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 22 May 2023 09:17:19 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:19 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame F6C9 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18144292582690127872/320x050.html?e=69&leftOffset=0&topOffset=0&c=TNFgf4fpWR&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18144292582690127872/320x050.html?e=69&leftOffset=0&topOffset=0&c=TNFgf4fpWR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 07:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7113
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 07:18:46 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame F6C9 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18144292582690127872/320x050.html?e=69&leftOffset=0&topOffset=0&c=TNFgf4fpWR&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18144292582690127872/320x050.html?e=69&leftOffset=0&topOffset=0&c=TNFgf4fpWR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 09:17:19 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/ Frame 60D5 		408 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd84d3b448dfa1f7ded33de1848cb5f06946f8d86058e9c8d183ae3dddea4ff3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 08:44:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
1992
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128722
x-xss-protection
0
server
cafe
etag
7615930951174331818
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 21 May 2024 08:44:07 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 60D5 		1009 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.idrlabs.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab5a9f397f8f2f94e0cdb1d5eec2596e930f86519149068db102d7dbf51a5a93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
408
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:19 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/ Frame F9F7 		408 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd84d3b448dfa1f7ded33de1848cb5f06946f8d86058e9c8d183ae3dddea4ff3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 08:44:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
1992
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128722
x-xss-protection
0
server
cafe
etag
7615930951174331818
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 21 May 2024 08:44:07 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame F9F7 		1009 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.idrlabs.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab5a9f397f8f2f94e0cdb1d5eec2596e930f86519149068db102d7dbf51a5a93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
408
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:19 GMT
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame 0ACC 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 06:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
10555
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 06:21:24 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame AC23 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvK7Q3Rr2wWt8h6MkD9OtlcZjsiB_SVg8MKaizSXZfurNNs_xzagxV8aiBYYU-pt7UKwr2eGwHCQD_b0JS-IKCheJvdpmorsWSJL4xq0bZ69Xq_PqKi4IijvBgp3QDlzVNIO-naVVeOS_yK_mLPsdq5sM8j9PLBOoOQxhLoFWmrcDWBjFqG6fgU-i2uGzgZ7pM43bXxkJ29XTpoBbUMffdCVs8hLRn3oKaRcSo1q6ZgZSmmanilrWt9esJ46NPRYRhk7vU1l87rHHNBxAsG1vSPp4xD1w_uJt7rS0lZ57IO1CiYE1SfOHza682N7k6HaW2hmgJBrPCgQ3mSh_yf4OCzd2gsQIZcD3-0urkdvZxkZXXvkMjW3G4qfMzt3GpXDpt9NEWAZdNxKHvV7-A6WvNxRPJGg4_Yvcpz2xwuG9FawfoCaKuFAAkMs0ktVy1QuSZpWb4nYJwq67Kn7mI8_ip89yheCTbOTcFXOpIhX1FQADeddSNzsXIcTPlX-K6PoLOkkt_nYt1jRY1T_mBVxbJ0KdJ0q3s04KqUQiv4ecXW2HOe6iMAl7oX6bD4UXLbAglWR9wq23OvB5G3Gm9yCQJnJZc1DVww0-G8Nj4iKwrjwwqBrZK9JHdY6oMe7dQY4UaOkuKzH-K6vIuW6Qs7F9n325qKE9brqfMVOfJheH0ZUtdiLMCTMDKPWkbOv8jJCLwtZuVvxUFnxhFx2joanNh_ol73PXT_ukPSyGQyAdqVAE9tL1xU3aYd8wH1SpOhYR_QshOk2SY_b4qBLtPj0GJyCPbliOwLOZWiL6HcfyiSHV7gTIZGMMimiUWufdtEmkcs8r4xpXgJ-UuEYRm5QiVjYBJl7DL2ziPM2WyjmuvQnqzWF7io8h__bD6zwgwQSd-neW8wdzsv_a1-pZzE7hH28BUBLmvZyNjWB7vx07fkk2G6E8TEeno6IE5vA3UpdMmbn-28pLW8hC5N6P9LauMLgrPmxSEC9iPMffGBsvFOdv1FrCdvNDbjEpBwZSTJVAhDKuGOHpvaxgpgEaKcpwtCUMkwbu_PDjmtDlFLWcn0CMXzrZOkU5l9e0g_8xfbced0Q9jA8daF4VeuyXGnf_FzKa08gZ8fzPVJkb3UsLcH3lW7QUmOhpCKR6WvwwFxowoDFNgjCuYehHUVZ9i8qiGyjCNpeStUwrlHZXe0-hoeIuT_IEjR1TZp7g_R07LgHHXTBVOM-c4i3Zzd7UDtfGv9KIht0c6-aMVtPHC1iC3GKj4A0M1BLl5J5kUODFz-BVlUC9SYlkx3YO02yaOwhoc3SdPkhMhoiEy_nXVTaXMV2kbat1UvN_uW6vOYQtauCkHO3AyKGmNl4b5kV86tx7QHk6tt&sai=AMfl-YTu0W57wa3IVOkGXOAoLZPs6zDruGUzudsiS-pxcjzMObxpsxX4of-1Bp5syaf2clarF323VFYQHVeMX6btrS5e9msy5oWgRs9vijZhquW3Q0hRom0bgEYYcm9CA1mPyn5d0KWeeP6q6dZlFAi1ksByGmtnwK3y1V3VMsKCikTAifjGUFEcezdyXKDVo4G8-FcqWCqgAZLTvpwzubzYzLiSDYY7PKnSaAFPltPOItPaUEprL8rPv6lF_UU4wNFC54sCltkpbjdU7Kp_dD8xN8en3Ew93eiYqjUst_eJM1RxS_3cAouzqrhsg9BY&sig=Cg0ArKJSzLxNN8GsjVuYEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=353&vt=11&dtpt=206&dett=3&cstd=132&cisv=r20230517.99023&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:19 GMT
OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame F6C9 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/18144292582690127872/320x050.html?e=69&leftOffset=0&topOffset=0&c=TNFgf4fpWR&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:05 GMT
x-content-type-options
nosniff
age
14
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47676
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:39 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 09:32:05 GMT
OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame F6C9 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/18144292582690127872/320x050.html?e=69&leftOffset=0&topOffset=0&c=TNFgf4fpWR&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:08:36 GMT
x-content-type-options
nosniff
age
523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46936
x-xss-protection
0
last-modified
Thu, 06 May 2021 11:38:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 09:23:36 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F6C9 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b07f4dcebb4513328e0992d0ccee52ec5521cfabdbd72da1b419f542a233bde4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5768
x-xss-protection
0
60005582_20210507060843268_Asset_Transparent.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame F6C9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18144292582690127872/320x050.html?e=69&leftOffset=0&topOffset=0&c=TNFgf4fpWR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 18:42:46 GMT
x-content-type-options
nosniff
age
52473
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2040
x-xss-protection
0
last-modified
Fri, 07 May 2021 13:08:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 18:42:46 GMT
60005582_20230517023857624_iPhone-14-Pro_AirPods-Pro-2_ASSET.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame F6C9 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230517023857624_iPhone-14-Pro_AirPods-Pro-2_ASSET.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44477718a93f60d3160af576aa9f35cd506b547b7b9927028eb3ee0f6c68dbb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18144292582690127872/320x050.html?e=69&leftOffset=0&topOffset=0&c=TNFgf4fpWR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 12:42:50 GMT
x-content-type-options
nosniff
age
74069
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23009
x-xss-protection
0
last-modified
Wed, 17 May 2023 09:38:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 12:42:50 GMT
60005582_20230519063518381_320x050_Look-1.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame F6C9 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230519063518381_320x050_Look-1.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fd72c0cfb8d95cdfaea5fad8b8853c68c1cb68250d34085980d9a9623b9d6e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18144292582690127872/320x050.html?e=69&leftOffset=0&topOffset=0&c=TNFgf4fpWR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 16:33:03 GMT
x-content-type-options
nosniff
age
60256
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9432
x-xss-protection
0
last-modified
Fri, 19 May 2023 13:35:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 16:33:03 GMT
60005582_20220825085154659_320x050_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame F6C9 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085154659_320x050_BG.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89ca8a52f2a1a1e81dbe8ad843ca46323c98c819d622345a3625dc0626b04701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18144292582690127872/320x050.html?e=69&leftOffset=0&topOffset=0&c=TNFgf4fpWR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 19:10:57 GMT
x-content-type-options
nosniff
age
50782
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6649
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 15:51:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 19:10:57 GMT
60005582_20230517023842961_320x050_INTRO.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame F6C9 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230517023842961_320x050_INTRO.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e7c8ebf2933f1e09fca40d53cee7c03b52268e63bf5cdeb0a7927e7ba6e654a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18144292582690127872/320x050.html?e=69&leftOffset=0&topOffset=0&c=TNFgf4fpWR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 12:45:01 GMT
x-content-type-options
nosniff
age
73938
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12064
x-xss-protection
0
last-modified
Wed, 17 May 2023 09:38:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 12:45:01 GMT
postview.gif
portal.o2online.de/nws/img/ Frame F6C9 		43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=29246774_4307561_357498842_170181737_YP0406A20230517&ref=29246774_4307561_357498842_170181737_YP0406A20230517
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.101.90.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 09:17:19 GMT
via
1.1 varnish-live-1-0
CF-Cache-Status
HIT
age
3332402
x-cache
MISS
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
keep-alive
Content-Length
43
last-modified
Wed, 22 Mar 2023 08:05:14 GMT
Server
cloudflare
etag
"2b-5f7789eafa280"
Vary
Accept-Encoding
Content-Type
image/gif
x-varnish
45356224
cache-control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
7cb3f727bd421c03-FRA
Expires
Tue, 21 May 2024 09:17:19 GMT
bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame F6C9 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18144292582690127872/320x050.html?e=69&leftOffset=0&topOffset=0&c=TNFgf4fpWR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:07:57 GMT
x-content-type-options
nosniff
age
562
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27068
x-xss-protection
0
last-modified
Fri, 12 Mar 2021 15:44:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 09:22:57 GMT
js
www.googletagmanager.com/gtag/ Frame 60D5 		203 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3KFES10EH0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6e30f0c06fea4223f4aa1aef594bb9fe368b714a9c734b5128656ad59445aa96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74245
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 May 2023 09:17:19 GMT
analytics.js
www.google-analytics.com/ Frame 60D5 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 May 2023 08:35:39 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
2500
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Mon, 22 May 2023 10:35:39 GMT
quant.js
secure.quantserve.com/ Frame 60D5 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:20 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 29 May 2023 09:17:20 GMT
config.js
cdn.confiant-integrations.net/9tgoNyGTAZjiv_HkXoBbJClUKFo/gpt_and_prebid/ Frame 60D5 		136 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/9tgoNyGTAZjiv_HkXoBbJClUKFo/gpt_and_prebid/config.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:99f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12654039ddf3e12f1460ff7f8bd7b1a99846f6b3b00dc2f6108e0a3d1a0ef43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 May 2023 08:23:41 GMT
server
cloudflare
x-amz-request-id
GPK663TSRXNSFKAQ
age
207
etag
W/"6e981c1fcff5bf6f141586859d710a17"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
7cb3f727eec05bf1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
ruegCYA5CF6j+NQjm8p0U7v97dqBJs8cEF4x57zhar6IgAQhxYir3mhJqqpNPLY4RFh9cslAqyc=
0
api.saambaa.com/post/storyboard/15006/market/ Frame 60D5 		1 KB
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.saambaa.com/post/storyboard/15006/market/0
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c2c25bb39f8efa8b490d7c22d2f4ad85f62b78f0fcc7b0aa74c6771f017a55ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:17 GMT
content-encoding
gzip
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
collect
www.google-analytics.com/ Frame 60D5 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1110683200&t=pageview&_s=1&dl=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&dp=widget%2Fgpt%2F728x90%2Fidrlabs.com&ul=en-us&de=UTF-8&dt=&sd=24-bit&sr=1600x1200&vp=728x90&je=0&_u=aEAAAAABEAAAAAACIE~&cid=1519874778.1684747040&tid=UA-253383216-70&_gid=948865839.1684747040&z=1606716317
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 01:39:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
27454
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
logo-saambaa.png
saambaa.com/assets/image/ Frame 60D5 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa.com/assets/image/logo-saambaa.png
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d33f7513fa0e7c91f0612b7ef6e44aadedc1ea2165b737d22c425835ea130b96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:17 GMT
last-modified
Mon, 02 Oct 2017 18:02:46 GMT
server
Microsoft-IIS/8.5
etag
"39e0e3a6a83bd31:0"
x-powered-by
ASP.NET
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
2412
loader-dots.gif
saambaa.com/widget/gpt/728x90/assets/ Frame 60D5 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa.com/widget/gpt/728x90/assets/loader-dots.gif
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
03aad58f643224f6ce0d2172cb2ed55ca8129bdab96873e2d4ed033972f0c800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
last-modified
Mon, 26 Jun 2017 22:37:38 GMT
server
Microsoft-IIS/8.5
etag
"02525d0cceed21:0"
x-powered-by
ASP.NET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
33406
js
www.googletagmanager.com/gtag/ Frame F9F7 		203 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3KFES10EH0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
911a074082c3405f83ce64a52900da21a67a396e049fa229f82fef6c3ac2194b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74263
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 May 2023 09:17:20 GMT
analytics.js
www.google-analytics.com/ Frame F9F7 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 May 2023 08:35:39 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
2500
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Mon, 22 May 2023 10:35:39 GMT
quant.js
secure.quantserve.com/ Frame F9F7 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:20 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 29 May 2023 09:17:20 GMT
config.js
cdn.confiant-integrations.net/9tgoNyGTAZjiv_HkXoBbJClUKFo/gpt_and_prebid/ Frame F9F7 		136 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/9tgoNyGTAZjiv_HkXoBbJClUKFo/gpt_and_prebid/config.js
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:99f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12654039ddf3e12f1460ff7f8bd7b1a99846f6b3b00dc2f6108e0a3d1a0ef43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 May 2023 08:23:41 GMT
server
cloudflare
x-amz-request-id
GPK663TSRXNSFKAQ
age
208
etag
W/"6e981c1fcff5bf6f141586859d710a17"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
7cb3f7280ed05bf1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
ruegCYA5CF6j+NQjm8p0U7v97dqBJs8cEF4x57zhar6IgAQhxYir3mhJqqpNPLY4RFh9cslAqyc=
logo-saambaa.png
saambaa.com/assets/image/ Frame F9F7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa.com/assets/image/logo-saambaa.png
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d33f7513fa0e7c91f0612b7ef6e44aadedc1ea2165b737d22c425835ea130b96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
last-modified
Mon, 02 Oct 2017 18:02:46 GMT
server
Microsoft-IIS/8.5
etag
"39e0e3a6a83bd31:0"
x-powered-by
ASP.NET
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
2412
0
api.saambaa.com/post/storyboard/15002/market/ Frame F9F7 		1 KB
808 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.saambaa.com/post/storyboard/15002/market/0
Requested by
Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
139b5bbf6aaa835413c9de4f77fac25469a9ea4976e4dbda20b29bd0e63eef81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
content-encoding
gzip
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.idrlabs.com
access-control-allow-credentials
true
collect
www.google-analytics.com/ Frame F9F7 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1414959249&t=pageview&_s=1&dl=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&dp=widget%2Fgpt%2F300x250%2Fidrlabs.com&ul=en-us&de=UTF-8&dt=&sd=24-bit&sr=1600x1200&vp=300x250&je=0&_u=aEAAAAABEAAAAAACIE~&cid=250294591.1684747040&tid=UA-253383216-70&_gid=307988182.1684747040&z=673864738
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 08:46:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1824
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
loader-dots.gif
saambaa.com/widget/gpt/300x250/assets/ Frame F9F7 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa.com/widget/gpt/300x250/assets/loader-dots.gif
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
03aad58f643224f6ce0d2172cb2ed55ca8129bdab96873e2d4ed033972f0c800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
last-modified
Mon, 26 Jun 2017 22:37:38 GMT
server
Microsoft-IIS/8.5
etag
"02525d0cceed21:0"
x-powered-by
ASP.NET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
33406
truncated
/ Frame 60D5 		690 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6a5e09e10f94077749be842a39eccdb423df69e86b81b279683fcfc33ad443c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame F9F7 		690 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6a5e09e10f94077749be842a39eccdb423df69e86b81b279683fcfc33ad443c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F6C9 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 May 2023 09:17:20 GMT
collect
region1.google-analytics.com/g/ Frame 60D5 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3KFES10EH0&gtm=45je35h0&_p=1110683200&cid=215484772.1684747038&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1684747040&sct=1&seg=0&dl=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&dr=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&dt=&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KFES10EH0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-TWKb6gH_3MnFX.js
rules.quantcount.com/ Frame F9F7 		160 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-TWKb6gH_3MnFX.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:da00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6276bdfd4e4844bffab5fc63afcbf296b5ab01ffab5ec61c7c513ba41089d09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 08:17:57 GMT
via
1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
3564
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:10:08 GMT
server
AmazonS3
etag
"60b74b47b16486dd7914c1bc3fe2b29f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
X4OnJNtzVBWR0seezaQkHL-U_IUEWJSGpOXVVKxq88mqulVjZb3lxA==
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame F69F 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 06:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
10556
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 06:21:24 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202305161109/ Frame F9F7 		247 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202305161109/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/9tgoNyGTAZjiv_HkXoBbJClUKFo/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:99f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9b8757ef83403b67a3f6d10da0c8f4259179fe48a775020aeb65ab9e1791cc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 May 2023 15:12:41 GMT
server
cloudflare
x-amz-request-id
HSV2XXMR7XEPVH6H
age
493146
etag
W/"c445da83949e16f2c7f56d37a9f719f0"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7cb3f729b9705bf1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
zv4y8WGR+H9Y/dTzatVDIrevDKXwj/izZf1jo+AZ5dAJ1IYpkKPjdji504Eg1bJWmmeVD7pvfdVqmufYcPKN+Q==
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202305161109/ Frame 60D5 		247 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202305161109/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/9tgoNyGTAZjiv_HkXoBbJClUKFo/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:99f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9b8757ef83403b67a3f6d10da0c8f4259179fe48a775020aeb65ab9e1791cc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 May 2023 15:12:41 GMT
server
cloudflare
x-amz-request-id
HSV2XXMR7XEPVH6H
age
493146
etag
W/"c445da83949e16f2c7f56d37a9f719f0"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7cb3f729c97a5bf1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
zv4y8WGR+H9Y/dTzatVDIrevDKXwj/izZf1jo+AZ5dAJ1IYpkKPjdji504Eg1bJWmmeVD7pvfdVqmufYcPKN+Q==
rules-p-TWKb6gH_3MnFX.js
rules.quantcount.com/ Frame 60D5 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-TWKb6gH_3MnFX.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:da00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6276bdfd4e4844bffab5fc63afcbf296b5ab01ffab5ec61c7c513ba41089d09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 08:17:57 GMT
via
1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
3564
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:10:08 GMT
server
AmazonS3
etag
"60b74b47b16486dd7914c1bc3fe2b29f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
lZYBGZ4c519pEXPGIGag8MGZvV2lv1wTtzaozuwykzwb-tetcHryrA==
pixel;r=978894029;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php;ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php;uht=2;fpan=1;fpa=P0-240441790-1684747040259;pb...
pixel.quantserve.com/ Frame F9F7 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=978894029;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php;ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php;uht=2;fpan=1;fpa=P0-240441790-1684747040259;pbc=;ns=1;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;d=idrlabs.com;dst=0;et=1684747040329;tzo=0;ogl=;ses=f965710d-3872-42c6-baf2-a0dd7fdb1a0a;mdl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel;r=453876561;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php;ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php;uht=2;fpan=1;fpa=P0-856914221-1684747040280;pb...
pixel.quantserve.com/ Frame 60D5 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=453876561;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php;ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php;uht=2;fpan=1;fpa=P0-856914221-1684747040280;pbc=;ns=1;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;d=idrlabs.com;dst=0;et=1684747040332;tzo=0;ogl=;ses=f965710d-3872-42c6-baf2-a0dd7fdb1a0a;mdl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F9F7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUpe5fas1AdxqZjGVv9TfpB5IAJJSvFmn7e9jnuy92O6gDpmv40geNGvLUEq-8nIzrUA-7QDcoHxdPRZw_P_8t50irc_nSLhok_2tqw0eDD1uragFmo09zgZKSy1_7BaiSNXO3yxog0HyfgCUtiCG4hgAyfrTphq4ELnWZICFzRjBx5Sp0T-F-AchsgUiido_w_DNxl1iDPyry_tMJe_3asghOuQOLFtvQz7Gpxkbf6qycHmk81lThrxf1rGlTSl229Y-RHEaHkS9HCqotTjm4SpuJUi9lGq8kHJ5DTda1rgW5XzBfoR3dBWqHHrrFWWLrrJsHIAqWt5KSwjs&sai=AMfl-YRQuECcrBfcNVzYR3VImXfeAx0x51wg1ppygpYHxCINHnZ8vcnO21lrtouX9LrIB7buSZe1ykDOa4sUUV5BZHxcIJq0KeCO44-IFnGnLpUxhRHaacPlVW-xR8wOIr9oV5pvTRzjkGTWz5Gi7Ms&sig=Cg0ArKJSzNXG3UuhAvsuEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 60D5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_QOUv7UpbztnqtB6Wh7khnYryRLLNDoqmNbOHYMcY2_xBhgxi8Z6OxjOIngdyjvkNZhs0PI55XxEgI7QMqRe6Xl8y4QZxwWggljkI-hiYDS_uRbzkvP4N0JbOhJnFoJF0Bmbl_SBMpvZ8x_uOrts9IMPH1yOxzqlLYn7p6F3jRgwZ7-NUNDbN_I6oDe0cxq0KJfFBv3KgmVGcZQE_688QxTEXymySmF8AE4uq7s4x3uzquPmHVRD77W4nm-_o9trpOSK-yPVjFQKWHr7sUUEAfhmKimKCiMNVf_mtxa7wrF6Fxu_c__RCSmLx-slQVryg6YHA9K8d_zQ-zIo&sai=AMfl-YQ7R8sasvPLwocabK9ZZb_dgY7quoI0p204pnOmipXL3K9f-2ti_6vNmIyij4DXWcYsOCcGY6hYLlLl1vlRt4QB4LXpavYnHdY8ElZh-LmphiR11wb7U1J8RwQFbOviXwRoZaMlxJpgUZ4WVnjA&sig=Cg0ArKJSzIh_ci0wSl7PEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:20 GMT
mmt.gif
imps.monu.delivery/ 		37 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=1e5c3c1e-3d8c-4ed0-9e76-fbe95430333c&a=p.l&u=bd54a1fb-1ef4-44ba-ab83-7f8481ff624d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 16:24:49 GMT
age
2566351
x-guploader-uploadid
ADPycdtQ2tQMdZEaZZmgzEqkDMSyv4NNQmbPCpE2-oXqXDipJ-n68cjvFdlZJsxyrlVY_dZOZ4oGdeyn04RfYjnQ_OW1lUweudPP
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Sun, 21 Apr 2024 16:24:49 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305150101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js?cb=31074664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f9edde9c6d2ec6ac3c7e95f3833e3198e57f461601774855809cdd63ac17f1f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11295
x-xss-protection
0
beacon
ce.lijit.com/ Frame 60EF
Redirect Chain
  • https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=
  • https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&dnr=1
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&dnr=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=13401719
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
be20384173635d3a35d12d938a774d186f8775b50dc608d6fb831afd3e9e1f52

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
1091
Content-Type
text/html
Date
Mon, 22 May 2023 09:17:20 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap2ams1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Mon, 22 May 2023 09:17:20 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ams1
300x250_oahu_v3.png
saambaa-static.azureedge.net/sidestage/ Frame F9F7 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa-static.azureedge.net/sidestage/300x250_oahu_v3.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48C9) /
Resource Hash
6d5bea8e0cdd9848eedee10232ad1498f8027e66a5d9ccee1d052622247ada7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 22 May 2023 09:17:20 GMT
last-modified
Thu, 27 Jan 2022 00:46:57 GMT
server
ECAcc (ama/48C9)
content-md5
6Urn8SrRgO3o0cSRdd+hrw==
age
279333
etag
0x8D9E12E85A19017
x-cache
HIT
content-type
image/png
x-ms-request-id
f6180ff1-501e-0093-2203-8a7b49000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
24705
300x250_ak_v3.png
saambaa-static.azureedge.net/sidestage/ Frame F9F7 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa-static.azureedge.net/sidestage/300x250_ak_v3.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48C2) /
Resource Hash
b7f5d70a1071fe2f8b9e45d9befbb788d9912d50f7dbc60e5728bdf837a21d08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 22 May 2023 09:17:20 GMT
last-modified
Thu, 27 Jan 2022 00:46:57 GMT
server
ECAcc (ama/48C2)
content-md5
Brxf/5pfZY4zgW2j5iapHg==
age
279333
etag
0x8D9E12E859EF83D
x-cache
HIT
content-type
image/png
x-ms-request-id
9c925200-a01e-0005-6d03-8a197d000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
39311
300x250_yosemite_v3.png
saambaa-static.azureedge.net/sidestage/ Frame F9F7 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa-static.azureedge.net/sidestage/300x250_yosemite_v3.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48AD) /
Resource Hash
86741fbbd4e540c5e2a541773927159732b41034318e0e0a4a78ee2253da2eab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 22 May 2023 09:17:20 GMT
last-modified
Thu, 27 Jan 2022 00:46:57 GMT
server
ECAcc (ama/48AD)
content-md5
7FSdSDImvRJoVseoH9fwoQ==
age
279333
etag
0x8D9E12E85A47615
x-cache
HIT
content-type
image/png
x-ms-request-id
1d3c16b2-e01e-0081-4b03-8a4f55000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
34431
300x250_japan_v3.png
saambaa-static.azureedge.net/sidestage/ Frame F9F7 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa-static.azureedge.net/sidestage/300x250_japan_v3.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4887) /
Resource Hash
d50cb6bda0a5fd7016cdfe46cadb1f5a517fd0135726d581dfe9826bebcd0cd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 22 May 2023 09:17:20 GMT
last-modified
Thu, 27 Jan 2022 00:46:57 GMT
server
ECAcc (ama/4887)
content-md5
g0ekiMWPyvO4+/SlJYqCdw==
age
279333
etag
0x8D9E12E859ED131
x-cache
HIT
content-type
image/png
x-ms-request-id
0648012d-e01e-0064-5603-8a5da2000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
26484
blank.png
saambaa.com/assets/image/ Frame 60D5 		68 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa.com/assets/image/blank.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.47.17.28 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:18 GMT
last-modified
Wed, 14 Feb 2018 23:02:54 GMT
server
Microsoft-IIS/8.5
etag
"cebd78f2e7a5d31:0"
x-powered-by
ASP.NET
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache
x-cache-info
not cacheable; response specified "Cache-Control: no-cache"
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
68
728x90_oahu_v3.png
saambaa-static.azureedge.net/sidestage/ Frame 60D5 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa-static.azureedge.net/sidestage/728x90_oahu_v3.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F0) /
Resource Hash
446b97e70c328363f2cd5fbc1eee6d8307ee92ef0a8e894bbca5409e110095e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 22 May 2023 09:17:20 GMT
last-modified
Thu, 27 Jan 2022 00:46:57 GMT
server
ECAcc (ama/48F0)
content-md5
5VOrxFk1xKRvkGqad3v+sA==
age
278172
etag
0x8D9E12E85B2CCAC
x-cache
HIT
content-type
image/png
x-ms-request-id
9cb5aaae-701e-00e2-4406-8a0970000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
17345
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 22 May 2023 09:17:20 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 22 May 2023 09:17:20 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 22 May 2023 09:17:20 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 22 May 2023 09:17:20 GMT
bid
ap.lijit.com/rtb/ Frame 60D5 		24 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
fc2c98b8beb10e2949ca983f5963e5e83ae8fa33d21900b0802e5140442e9a2d

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 09:17:20 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
pbjs
htlb.casalemedia.com/openrtb/ Frame 60D5 		36 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0754bd967d21fa5c10fa6955be0e44b20c7279c756a20bf290f318a0b8fc2bfd

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZgZAKNlY1vA7aBFijbx4H7U7%2BfStuhooW5rWAM1GL6xIoZPN2zVedAoZLTEJKT0imGNhaAC7wbjPmilUf9I5NS%2BziURpAPaJptemHF4wb9%2BZ7qI6lgz7rw25kmfx7pKkJtMlXyP"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7cb3f72b4faa18e0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame 60D5 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame 60D5 		819 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%228c43702f8a41bb%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&s=cf931fd4-2a8d-4109-9a23-014ece426e3e&pv=51294905-bdfa-4866-a03f-99ce29cfe6ae&vp=mobile&lib_name=prebid&lib_v=7.31.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php%22%2C%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8116997f9e587cdb24970cca8bfb0e8c42772fd786cae7f727ac4b349a70dc94
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-105
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
474
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ Frame 60D5 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
194
server
envoy
vary
origin, Accept-Encoding
translator
hbopenbid.pubmatic.com/ Frame 60D5 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 60D5 		364 B
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.pbadslot=%2F65889844%2Fron01_728x90_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=5b78ef23-17ff-4a54-ab8d-26c71cf93a25&l_pb_bid_id=14ab030b2b7a101&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90_desktop&slots=1&rand=0.8418709373741695
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
14276d8a4b7295e570a0601786364103ccbe2111e8bbdef093ace36b3734f034

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
364
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ads.yieldmo.com/exchange/ Frame 60D5 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.31.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-0%22%2C%22callback_id%22%3A%22164bf2801a9345f%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90_desktop%22%2C%22tid%22%3A%225b78ef23-17ff-4a54-ab8d-26c71cf93a25%22%2C%22auctionId%22%3A%22c2eb667a-712f-43f7-a530-c229448ab6cb%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&bust=1684747040497&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Murderous%20Villain%20Test&w=1600&h=1200&pubcid=3ae45e29-720d-44bb-a13f-a6a5c41d6643&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
c
prebid.a-mo.net/a/ Frame 60D5 		0
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:19 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
188
server
envoy
vary
origin, Accept-Encoding
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 60D5 		365 B
925 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.pbadslot=%2F65889844%2Fron01_728x90b_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=9c30fab7-51f7-484c-af01-9e15ebec6c24&l_pb_bid_id=21594f7638933b2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90b_desktop&slots=1&rand=0.2946051648585666
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
956a1685bbf8fa351546ca27a7e7bc67077443705ca2f785afc6203f1092d989

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
365
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ads.yieldmo.com/exchange/ Frame 60D5 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.31.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-1%22%2C%22callback_id%22%3A%2223dfd614a26f711%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90b_desktop%22%2C%22tid%22%3A%229c30fab7-51f7-484c-af01-9e15ebec6c24%22%2C%22auctionId%22%3A%229a10ef17-3a01-4fd5-8ec0-86bc76264c4a%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&bust=1684747040503&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Murderous%20Villain%20Test&w=1600&h=1200&pubcid=3ae45e29-720d-44bb-a13f-a6a5c41d6643&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
translator
hbopenbid.pubmatic.com/ Frame 60D5 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 60D5 		94 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
426bb7258f050fea63b6ba1b4e0e46f490adf8f2359fcb444f75217dc74069af

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 09:17:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
pbjs
htlb.casalemedia.com/openrtb/ Frame 60D5 		37 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d847adf08319c609133d17a60443f6c9f3fb593830e46b9681cdae85d1c37acb

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40DgvY%2BuwMFfyHCBAU9RKyvx28gbzCKpshcR%2FCibLU9dX7nWihF4ufknxowm32XVux3p7xAcgJqf1Qy%2B7TA5xKrdHdzsQ5JAwhZRGqKm1lApr3C5lGcscgdn55W3QUzS%2FR3QiieG"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7cb3f72b4fac18e0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame 60D5 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame 60D5 		820 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%223366b2e48ac35ff%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90b_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&s=3faaead1-546c-4c18-9a8c-cf8adb7e7f3c&pv=51294905-bdfa-4866-a03f-99ce29cfe6ae&vp=mobile&lib_name=prebid&lib_v=7.31.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php%22%2C%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8c7821150ef9eae8ad1d300fdad53f0fc9bfd878e1dec567b5a44255f07f6f53
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-142
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
475
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 60D5 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame 60D5 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ Frame 60D5 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.31.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-2%22%2C%22callback_id%22%3A%2240ec5573184976d%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90c_desktop%22%2C%22tid%22%3A%2291e0b808-3ea7-4fda-af5e-affc042df6dc%22%2C%22auctionId%22%3A%229f29b5f4-1bab-4a1b-b99d-f2c7d9418336%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&bust=1684747040518&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Murderous%20Villain%20Test&w=1600&h=1200&pubcid=3ae45e29-720d-44bb-a13f-a6a5c41d6643&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 60D5 		365 B
698 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.pbadslot=%2F65889844%2Fron01_728x90c_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=91e0b808-3ea7-4fda-af5e-affc042df6dc&l_pb_bid_id=42f35e6bb0b2ca&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90c_desktop&slots=1&rand=0.3428248997286678
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b5a8932484fecda9d2e8f6c6b9ee4facc1dc95e4cbf7a8b659af36e909f89c72

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
365
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame 60D5 		820 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22446b3317cf3ba14%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90c_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&s=926d5725-413f-4122-89ae-07b3a4897f81&pv=51294905-bdfa-4866-a03f-99ce29cfe6ae&vp=mobile&lib_name=prebid&lib_v=7.31.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php%22%2C%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
57787a4288ce4eedf745f701c82ab03cce8944bf03e707ab28185f0e4b941e01
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-146
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
475
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 60D5 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40441ccf411e18ebd1dbd3725b69975c48c0a9d749611ac1d88e8bb99408be19

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BvaJg6QrVgaxcupGlq%2BGDKIauEHUrWkcMSxla3ToizoAKWwymEqfX83HrZv3hMrbYMANektlJ0Nqunv%2F3AyeSFEqj8DrzfpKVNymgt0iwXVuu5xtK1N9uuLw7mJxDjVrnGrdP93"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7cb3f72b4fbb18e0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
c
prebid.a-mo.net/a/ Frame 60D5 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
216
server
envoy
vary
origin, Accept-Encoding
bid
ap.lijit.com/rtb/ Frame 60D5 		94 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
419bc5e687958157dbcb32fced06c796dbfcaa7904dab9cf80b595d4c3130a9c

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 09:17:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
trinity.json
apex.go.sonobi.com/ Frame 60D5 		820 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2253a647833a9555c%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90d_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&s=75b6c749-9479-418d-af80-8ef26324ea13&pv=51294905-bdfa-4866-a03f-99ce29cfe6ae&vp=mobile&lib_name=prebid&lib_v=7.31.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php%22%2C%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
b16121bf16b81b604310b6ec41e3b435378403b661591c8143bb9c85d0e9e8be
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-15
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
474
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ads.yieldmo.com/exchange/ Frame 60D5 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.31.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-3%22%2C%22callback_id%22%3A%22552544c83b02783%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90d_desktop%22%2C%22tid%22%3A%223e27e1ed-15b3-46a8-8829-4d429dcce085%22%2C%22auctionId%22%3A%22c18721f0-4780-456d-a3a5-c54e5fe5613a%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&bust=1684747040530&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Murderous%20Villain%20Test&w=1600&h=1200&pubcid=3ae45e29-720d-44bb-a13f-a6a5c41d6643&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
unruly_prebid
targeting.unrulymedia.com/ Frame 60D5 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame 60D5 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 60D5 		94 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
ec527d4b6c6bc90bc71fdf7026bf42adae6b05c006716e0e735e68027493be59

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 09:17:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 60D5 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.pbadslot=%2F65889844%2Fron01_728x90d_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=3e27e1ed-15b3-46a8-8829-4d429dcce085&l_pb_bid_id=63db3c223364326&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90d_desktop&slots=1&rand=0.5021627663378827
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e91a13efc7572c9b39835aedcd807f37a200e6ccf7f4d38380488294ea45ddde

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 60D5 		37 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ad59551a46e14dc538e0aeb3d0eec30a37f3d4baaff3295e119953bc556bd3c

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KyqEF7WGO%2F6pjV%2F%2FetNRUkII6zqfV%2BR0CXR8BxZBmhYVtOyDt%2BGdCSPO6fWaFt3t99lEPdXI7OrvUZHXzt%2FZOvXp%2BtbU45x8kc7EQw9Wi%2F0tVKwNuvxHAgC5uoXQrk1%2FpTgPrMxz"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7cb3f72b5ffe18e0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
c
prebid.a-mo.net/a/ Frame 60D5 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:19 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
230
server
envoy
vary
origin, Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js?cb=31074664
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 May 2023 09:17:20 GMT
merge
ce.lijit.com/ Frame 60EF
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&zcc=1&cb=1684747040613
  • https://ad.turn.com/r/cs?pid=45&rndcb=608202926
  • https://sync.1rx.io/usersync/turn/3831658881924355672?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-76b68e41-a175-40c1-93b8-4b6a90b5fee6-003?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-76b68e41-a175-40c1-93b8-4b6a90b5fee6-003
  • https://ce.lijit.com/merge?pid=97&3pid=RX-76b68e41-a175-40c1-93b8-4b6a90b5fee6-003
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=97&3pid=RX-76b68e41-a175-40c1-93b8-4b6a90b5fee6-003
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:21 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=97&3pid=RX-76b68e41-a175-40c1-93b8-4b6a90b5fee6-003
date
Mon, 22 May 2023 09:17:21 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX76b68e41a17540c193b84b6a90b5fee6003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 60EF
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&dnr=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

Date
Mon, 22 May 2023 09:17:20 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 60EF 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
merge
ce.lijit.com/ Frame 60EF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=fmx
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=163668ad-cf34-49ae-abb7-fe29c79d6582&ssp=fmx
  • https://ce.lijit.com/merge?pid=26&3pid=a55441b0-c591-46b2-8849-a4235ea4c0b0&gdpr=&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=a55441b0-c591-46b2-8849-a4235ea4c0b0&gdpr=&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:21 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=26&3pid=a55441b0-c591-46b2-8849-a4235ea4c0b0&gdpr=&gdpr_consent=
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
merge
ce.lijit.com/ Frame 60EF
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ce.lijit.com/merge?pid=85&3pid=AAFy6E7I1mYAACFpYYcPWQ&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AAFy6E7I1mYAACFpYYcPWQ&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:20 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AAFy6E7I1mYAACFpYYcPWQ&gdpr=0
Date
Mon, 22 May 2023 09:17:20 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 60EF 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
generic
data.adsrvr.org/track/cmf/ Frame 60EF 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
merge
ce.lijit.com/ Frame 60EF
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=6N1C459lDHfifFalzzRb&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=6N1C459lDHfifFalzzRb&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:20 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=6N1C459lDHfifFalzzRb&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT, Mon, 22 May 2023 09:17:20 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 60EF
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=12&3pid=8561191816879852939&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=12&3pid=8561191816879852939&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:20 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 09:17:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a7ed930c-ae5c-4bc3-b7cc-27afedb07cce
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=12&3pid=8561191816879852939&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 60EF
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=d8Dg_HLH5K5sweKnd5b7pyKQ4q5swOGteZEHlseR
43 B
955 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=d8Dg_HLH5K5sweKnd5b7pyKQ4q5swOGteZEHlseR
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:20 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=&gdpr_consent=&us_privacy=&3pid=d8Dg_HLH5K5sweKnd5b7pyKQ4q5swOGteZEHlseR
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame 60EF
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=69647aa7-efc9-4af1-b8f1-129b8a104b42
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=69647aa7-efc9-4af1-b8f1-129b8a104b42
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:21 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=87&3pid=69647aa7-efc9-4af1-b8f1-129b8a104b42
Date
Mon, 22 May 2023 09:17:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 60EF
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1684747040507&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=5820C609F01342E89CC3206CB07BA85E
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=5820C609F01342E89CC3206CB07BA85E
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:20 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Mon, 22 May 2023 09:17:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=5820C609F01342E89CC3206CB07BA85E
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 21 May 2023 09:17:20 GMT
merge
ce.lijit.com/ Frame 60EF
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=hBLLbckIbCYO&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=hBLLbckIbCYO&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:21 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://ce.lijit.com/merge?pid=49&3pid=hBLLbckIbCYO&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-78764785dd-nkwtr
expires
-1
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 60EF 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
iu3
aax-eu.amazon-adsystem.com/s/ Frame 60EF
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:20 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CF4TF0BQ4AHN66R714PE
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 60EF
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=Gr_NqNZHNGX6_p-EToKz61xb&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:c8d56fded8ac0ebb42defdc45a078b4e
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:c8d56fded8ac0ebb42defdc45a078b4e
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:21 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Mon, 22 May 2023 09:17:21 GMT
server
Aorta/20230519.c3c62a3ff
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=c:c8d56fded8ac0ebb42defdc45a078b4e
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
a13e32cdf0e5
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
pixel
cm.g.doubleclick.net/ Frame 60EF
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&dnr=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 09:17:20 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sovrn
tr.blismedia.com/v1/api/sync/ Frame 60EF 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&dnr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:20 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
merge
ce.lijit.com/ Frame 60EF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=8561191816879852939&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=8561191816879852939&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:20 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 09:17:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
69a5a943-38b9-49e3-81f0-f885a4f577d6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=92&3pid=8561191816879852939&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7FFE 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50534
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 22 May 2023 09:17:20 GMT
expires
Mon, 22 May 2023 23:19:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A640 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50534
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 22 May 2023 09:17:20 GMT
expires
Mon, 22 May 2023 23:19:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame 586A
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_c...
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&g...
753 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&dnr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8375aa8e241cf760bd23b5db1d0ea90fc53249cc19f9743782454132fbc4dd5c

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
465
content-type
text/html
date
Mon, 22 May 2023 09:17:20 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 22 May 2023 09:17:20 GMT
location
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
merge
ce.lijit.com/ Frame 3855
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=1&3pid=9136218687624923075&gdpr=0&gdpr_consent=
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=1&3pid=9136218687624923075&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13401719&gdpr_consent=&us_privacy=&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Mon, 22 May 2023 09:17:21 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ams1

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
date
Mon, 22 May 2023 09:17:20 GMT
location
https://ce.lijit.com/merge?pid=1&3pid=9136218687624923075&gdpr=0&gdpr_consent=
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma
no-cache
activeview
pagead2.googlesyndication.com/pcs/ Frame AC23 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvCBIBw3f23wPlnDjnSCSg-Sb6Me_AyqdZzA8hCP9Cxu4sU-arU4wtWzJomH4AvC9TdFtZV37oYCuKBwDvYUf0TCOSOyyOp9BS2WiyusegAT7a-KebbHUVx2YQ2b6t-AkWVY5iRw&sai=AMfl-YQRevT5CTtdAG6I6ryL1LGGqZih6FSX_LrHpDZqfbiu8RbJokR5drWXAuZZ7_z-8PB1TsaHfp710DFM1KBr-uzT8h9TQ5ngkO7rhRmtkT0oUTddEK51e7hT1r_xk82DR0_1moEV_hSklOMbWA&sig=Cg0ArKJSzA7xbVGfyjClEAE&cid=CAQSTABygQiDqrq61bxLFUw-OyYu0TSCO24olIAH8s0mZ3a8gmSBgGBENDkBDZwTNb6tSbeJxFeF1bF7IACF-vnNnJhjjcgrJqpv9gwRIZcYAQ&id=lidar2&mcvt=1029&p=532,343,582,663&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1170604676&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684747038990&rpt=567&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0ACC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZKsQHzNrZJSsGLet9u8Pv5u3yA8AAAAAOAHgBAI&bg=!ra6lrvrNAAZ8_aWmXP07ADkAdvg8WmcqaQ2rropCwQ51Rp3YdDLYibDh08Y0RxSjCO1iwtJRpLQnNe36zJBsqofH-woUdGBdQp8CAAACJlIAAAACaAEHCgBEoPJFtCtJI-6ZgcYrcdmoHsgJyyaTzWAVDIGprd4seAjkjnuaExfav61EUkPiF5w5o3varKvkRTaj28N9zmE8iJmOXyGZAu8cZEjRneTxbGmUTztqU25J9-VpVMywUUZur1tZiFhxWiYGRhllA1vE9ctfTdKtJXuk-x8HtNKk6EYiew5xhz4z3qlAhecDnUSV_OABITiPZZy4ofqqUtepWxZPpEmlOFtE-G5h7ciYS80HPglLV7UECROTCfzuieVkEoRwHKOXpnK5swcs8OQBDb5A7Iyx5QUvFAwxu1acnyO2ENq6ec2e1wqzDxbwwUYb_FAudHWXoiULR-CsvmOydbgtD1rL7uoVuOvrR5zvAlFwM_yFrdTUIYbSHUo3oVzRWWtsLqbNnqL8GDkV5LuVHkJsTdQcfMomOyo20mjeS3zSHP5G9w1O90KHcnBslaa-VMGSGG28JvW8oSJawcy5Jgjrl58neXwBR8ne5-JBlr0AIVXx6LUu54kjX1M6wa-Q2gO0O6g1RJU8Z3_ZF9a9gu79eOydjXgipUEwFZ-hVl5ui3nU68y9dQLonUnX3GTZ9-UTMRYwaju65DKksXuX06fsZWU1SorrNzH3muglWSr_UDNDHSxHVsWjndzRtzDqMPWhgalDCqLF1szgmVRu31RNxXzBOzakvg5mIhOYNem0Tp_Ior0uai6SXkuWAyPCHPikYrpWoIh00RbCMl2XXwbc3MDECASgWr_HW72ipJzgbPMYiYPKJ0jkzb-X9o_eDltFqmE9qv0k1iJfu_tzoCBMsmFuaU2qtwKlvCKxoMXx8SwPQAFHTgJR6kyjXtmZ8e7L-qUF6a5CVbZ5W-LeT0X1Q816C0f9vcplmKeqC41Pd6CA0XHsgh-pJyVrd6bGX8Ho7OWdo_DEqsTsO1FfmXhDrSLjR9LDcE4gkktS2WALdzbjFWQCOC4FIYY3XkpoCV4FsYGcvep7QszKTGAt0cs_6AwiOZPjCVRLfoXKOyn7Ca3bypcZZWDRPsGWJwvpY2xFax62C5E9HwzOKFI7tdA9FfJHscoUyg9-9yPQLurMmvtWMNk_F_hGjiAIy1nVO8AMG9p3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C473 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9984
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 06:30:56 GMT
expires
Tue, 21 May 2024 06:30:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 97EF 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f047b6e98726fdce9b2cd23ee3186f7b1c87e210f516a2d97703f691d5dc4951
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Cgwr2hYA4x5oYu_uhxAwVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-Cgwr2hYA4x5oYu_uhxAwVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:20 GMT
expires
Mon, 22 May 2023 09:17:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
PugMaster
image6.pubmatic.com/AdServer/ Frame 7FFE 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=79199494&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ab2017bf88c8a9ee23b2b40efd263bef3dd73fa2d48a7401c4f5bd585f0a39c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 09:17:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
merge
ce.lijit.com/ Frame 586A 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=ccec39c7-47a4-0781-2c9e-e48651dc0c88
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:20 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 586A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=7a47646b-3322-4600-b475-a02dc6ac26ad
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=7a47646b-3322-4600-b475-a02dc6ac26ad
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 09:17:20 GMT
Server
MT3 851 9bd98ae master zrh-pixel-x9 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=7a47646b-3322-4600-b475-a02dc6ac26ad
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 22 May 2023 09:17:19 GMT
sd
us-u.openx.net/w/1.0/ Frame 586A
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=_LiSwfm_lpPnuZCa_O6JmqnokJPnuJOQ8unBhIsA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=_LiSwfm_lpPnuZCa_O6JmqnokJPnuJOQ8unBhIsA
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=_LiSwfm_lpPnuZCa_O6JmqnokJPnuJOQ8unBhIsA
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 586A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7205373100423319410
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7205373100423319410
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7205373100423319410
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 586A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=a002e707-ad10-3d8c-6b22-5220296d33da&gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 586A 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGM2ZDM0Y2QtNjQ2Ny02MzI4LTdlYzItMDg5OWUzOGZmZGJh
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 586A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP1mtuWH_HugiJMfgJWorlc&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP1mtuWH_HugiJMfgJWorlc&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP1mtuWH_HugiJMfgJWorlc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
ap.lijit.com/rtb/ Frame F9F7 		94 B
976 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
648be439dde42b9d7e4d8af7d9ebede039a91de3329b12c8595e4e427548b668

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 09:17:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
trinity.json
apex.go.sonobi.com/ Frame F9F7 		819 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%224d56480a028202%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&s=6d228dc9-d04c-4298-a543-3c15b3ab4fab&pv=e7123b07-4b46-4569-bead-06ccbd3ae26d&vp=mobile&lib_name=prebid&lib_v=7.31.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php%22%2C%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
19bcb773c698b5695f2437f105aaeb22a2401e5228f534253fae84829431d1bc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-125
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
476
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ads.yieldmo.com/exchange/ Frame F9F7 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.31.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-0%22%2C%22callback_id%22%3A%2266c89ba736d9e2%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250_desktop%22%2C%22tid%22%3A%22a3786398-2c43-4f14-aa42-46052ed504e2%22%2C%22auctionId%22%3A%22d64ee4c3-10e6-49f0-b2cc-9dce754b1393%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&bust=1684747040710&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Murderous%20Villain%20Test&w=1600&h=1200&pubcid=3ae45e29-720d-44bb-a13f-a6a5c41d6643&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
translator
hbopenbid.pubmatic.com/ Frame F9F7 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame F9F7 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
208
server
envoy
vary
origin, Accept-Encoding
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame F9F7 		366 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.pbadslot=%2F65889844%2Fron01_300x250_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=a3786398-2c43-4f14-aa42-46052ed504e2&l_pb_bid_id=125f58e4f733c18&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250_desktop&slots=1&rand=0.14938704540405245
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
086d2640aa0b56174f1c297077c16a2efc09e3f44101f5586b6095603ab27955

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
366
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame F9F7 		37 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f14673ac622f94aa881943f97fcdcd69b2d1136e21c6198bdb2a3f11b93b357

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PAuiReRIf%2FepxGh47g7gIeD65rJ3B5QwM87IlPGcT4HksTwqmzXkFk1pNQw8GXzIDfDFwco1%2BdTqK3GIvU%2BMVl1xsrj0MqFGRXS8OWwMeWOLvTu5r351qUiCGXPCiKzBQ5a%2FnSjJ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7cb3f72c895218e0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame F9F7 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 22 May 2023 09:17:20 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 97EF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305150101&jk=2035019903819544&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame C473 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 06:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
10556
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 06:21:24 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 74D1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0494646b-3321-4b00-ac52-38bfc9ea3e8f&gdpr=0&gdpr_consent=
42 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0494646b-3321-4b00-ac52-38bfc9ea3e8f&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 09:17:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 22 May 2023 09:17:20 GMT
Expires
Mon, 22 May 2023 09:17:19 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 851 9bd98ae master zrh-pixel-x30 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0494646b-3321-4b00-ac52-38bfc9ea3e8f&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 5945
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433827988031191
42 B
423 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433827988031191
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 09:17:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Mon, 22 May 2023 09:17:20 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433827988031191
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame EDC8
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 09:17:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:20 GMT
expires
Mon, 22 May 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1048408
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 1128
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8564978026822791323
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8564978026822791323
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 09:17:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8564978026822791323
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dcm
aax-eu.amazon-adsystem.com/s/ Frame B4BA
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 22 May 2023 09:17:21 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
SM6EHRJX1G0R4VAPWRFF

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 22 May 2023 09:17:20 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
1CD57TC164SRMGADSJNG
Pug
image2.pubmatic.com/AdServer/ Frame 8922
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8N-yDPXYtl7r3rBX8ImpV6WPsF7r37Nd_o67Xsz3
42 B
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8N-yDPXYtl7r3rBX8ImpV6WPsF7r37Nd_o67Xsz3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 09:17:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 22 May 2023 09:17:20 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8N-yDPXYtl7r3rBX8ImpV6WPsF7r37Nd_o67Xsz3
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame F05C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8561191816879852939&gdpr=0&gdpr_consent=
42 B
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8561191816879852939&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 09:17:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
37ece903-f9e5-474a-beec-cc511334d56d
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 22 May 2023 09:17:20 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8561191816879852939&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame C190
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7235933438855739536&gdpr=0&gdpr_consent=
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7235933438855739536&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 09:17:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Mon, 22 May 2023 09:17:20 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7235933438855739536&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 71AA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZGszIAAL5bHx0gBL
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 22 May 2023 09:17:21 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230062-FRA
x-timer
S1684747041.954385,VS0,VE90

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Mon, 22 May 2023 09:17:20 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZGszIAAL5bHx0gBL
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230062-FRA
x-timer
S1684747041.851867,VS0,VE90
Pug
image2.pubmatic.com/AdServer/ Frame C538
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGeTZFN0kxbVlBQUNGcFlZY1BXUQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAFy6E7I1mYAACFpYYcPWQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAFy6E7I1mYAACFpYYcPWQ&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAFy6E7I1mYAACFpYYcPWQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=6405618297063099829&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFy6E7I1mYAACFpYYcPWQ&gdpr=0&gdpr_consent=
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFy6E7I1mYAACFpYYcPWQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 09:17:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 22 May 2023 09:17:21 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAFy6E7I1mYAACFpYYcPWQ&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 2974
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=dz0Zgdq1UfpcphIZsbr9z9lAlwk&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=dz0Zgdq1UfpcphIZsbr9z9lAlwk&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 09:17:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 22 May 2023 09:17:21 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=dz0Zgdq1UfpcphIZsbr9z9lAlwk&gdpr=0&gdpr_consent=
cm
ipac.ctnsnet.com/int/ Frame 2BC1 		43 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 22 May 2023 09:17:19 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 9045
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 22 May 2023 09:17:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 22 May 2023 09:17:20 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
cookiesync
core.iprom.net/ Frame 4A78 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 22 May 2023 09:17:20 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-ec471b7752cd@version_1.551
X-core-time
0ms
X-server-arch
v2
bridge
cm.adgrx.com/ Frame A2D0 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.179 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Mon, 22 May 2023 09:17:20 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-7
Pug
simage2.pubmatic.com/AdServer/ Frame 612E
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&gdpr=0&gdpr_consent=
42 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 09:17:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 09:17:19 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
i.match
s.tribalfusion.com/z/ Frame 3037
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
441 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7cb3f72e489391d8-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 09:17:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7cb3f72d2f8a91d8-FRA
content-type
text/html
date
Mon, 22 May 2023 09:17:20 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
971
merge
ap.lijit.com/ Frame C69F 		43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/merge?pid=71&3pid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Mon, 22 May 2023 09:17:20 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ams1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7FFE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jnsMcj-kRAWBpnw5Pngarw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:20 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=50534
accept-ranges
bytes
content-length
5554
expires
Mon, 22 May 2023 23:19:34 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 7FFE 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.125.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-125-132.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.0.134
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 7FFE
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1767269548
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
via
1.1 google
last-modified
Mon, 22 May 2023 09:17:21 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
date
Mon, 22 May 2023 09:17:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 7FFE
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=N2M1bVJqZzZtTEFUZXVZdzhydm9RbFF6Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7205373100423319410&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.23.142.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-142-39.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 09:17:22 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 22 May 2023 09:17:21 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 7FFE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEU3QjBDNzItM0ZBNC00NDA1LTgxQTYtN0MzOTNFNzgxQUFG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7FFE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBf2YgFfOhTVFjNTFvl6HW4&google_cver=1
42 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBf2YgFfOhTVFjNTFvl6HW4&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 09:17:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBf2YgFfOhTVFjNTFvl6HW4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 7FFE 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 21 May 2023 09:17:20 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7FFE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7205373100423319410
42 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7205373100423319410
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 09:17:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7205373100423319410
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 7FFE 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
SPug
image4.pubmatic.com/AdServer/ Frame 7FFE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-d_ETT5lE2uXcQ4Xi27KYurCTJlkCM5g-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-d_ETT5lE2uXcQ4Xi27KYurCTJlkCM5g-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-d_ETT5lE2uXcQ4Xi27KYurCTJlkCM5g-~A&gdpr=0
date
Mon, 22 May 2023 09:17:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
8E7B0C72-3FA4-4405-81A6-7C393E781AAF
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 7FFE 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/8E7B0C72-3FA4-4405-81A6-7C393E781AAF?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:bc24:9894:4425:647 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 7FFE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a55441b0-c591-46b2-8849-a4235ea4c0b0&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=a55441b0-c591-46b2-8849-a4235ea4c0b0&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=72ee1ca7-62db-46d9-a5ad-06afaece8bdc&ssp=pubmatic&expires=30&user_group=5&bsw_param=a55441b0-c591-46b2-8849-a4235ea4c0b0
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a55441b0-c591-46b2-8849-a4235ea4c0b0&gdpr=&gdpr_consent=&gdpr_pd=
1 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a55441b0-c591-46b2-8849-a4235ea4c0b0&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=a55441b0-c591-46b2-8849-a4235ea4c0b0&gdpr=&gdpr_consent=&gdpr_pd=
date
Mon, 22 May 2023 09:17:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 7FFE 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.158.223.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams02-nessy-float2.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 7FFE 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7FFE
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8561191816879852939
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8561191816879852939
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 09:17:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 22 May 2023 09:17:20 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7a077ebd-7e91-4704-8d4b-ee135b6316a9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8561191816879852939
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7FFE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4191946852113995352&gdpr=0&gdpr_consent=&us_privacy=
1 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4191946852113995352&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 22 May 2023 09:17:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4191946852113995352&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 7FFE
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ba8e5688-8a4e-44be-834b-b42e4cb154d2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ba8e5688-8a4e-44be-834b-b42e4cb154d2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ba8e5688-8a4e-44be-834b-b42e4cb154d2&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 22 May 2023 09:17:20 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 22 May 2023 09:17:20 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 60D5 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame 60D5 		37 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3985c63153e0c5b7fc6251b978801cfa6d6becb77d3e33c0bb49081d249eeec

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OLgBcdjyjAN6qF15ENnHNNGWmjtIFyqCa5QcMTU9QalTYj1dywylLuZz3OxGLAuX13ZUVusmxGOB%2Bozw%2BYiAghjQk0dP0vYU%2BNoQ%2BuEnoI5J8LILcDCsZMcz%2FXtiN7NOLOk57nkD"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7cb3f72d6f98373d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 60D5 		365 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.pbadslot=%2F65889844%2Fron01_728x90e_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=893741c4-c5f8-42a0-85a6-f5721af93ca3&l_pb_bid_id=7477613e36b6a26&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90e_desktop&slots=1&rand=0.8781332970399025
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d8c2973422fb9dbf2686f1ad315c39edfb816117d0e1db60560026dc273c7655

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
365
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame 60D5 		95 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
155d4d1b4df63b8176b538cadc68575bc0b226dd39f70b5ef0b16b4a7070e409

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 09:17:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
c
prebid.a-mo.net/a/ Frame 60D5 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
213
server
envoy
vary
origin, Accept-Encoding
translator
hbopenbid.pubmatic.com/ Frame 60D5 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame 60D5 		820 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%228205f61bfac67cb%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90e_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&s=95056e97-3fc7-4fd8-8d84-928b82cad026&pv=51294905-bdfa-4866-a03f-99ce29cfe6ae&vp=mobile&lib_name=prebid&lib_v=7.31.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php%22%2C%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8084d399c9101ff86ad6cd96f70695f49a823096d23d2b2916ada43af3d9516f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-125
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
475
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ads.yieldmo.com/exchange/ Frame 60D5 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.31.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-4%22%2C%22callback_id%22%3A%2284dba30a94bb609%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90e_desktop%22%2C%22tid%22%3A%22893741c4-c5f8-42a0-85a6-f5721af93ca3%22%2C%22auctionId%22%3A%2216fb93f7-fc9d-492e-914a-3280d038a025%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&bust=1684747040845&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Murderous%20Villain%20Test&w=1600&h=1200&pubcid=3ae45e29-720d-44bb-a13f-a6a5c41d6643&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
integrator.js
adservice.google.de/adsid/ Frame 60D5 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 60D5 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 60D5 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1135691075320070&correlator=1126073742964271&eid=31072878%2C31074682%2C31074686&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90c_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=658150668&didk=1238102907&sfv=1-0-40&prev_scp=hb_format_ix%3Dbanner%26hb_size_ix%3D728x90%26hb_pb_ix%3D0.04%26hb_adid_ix%3D165f0036c8506052%26hb_bidder_ix%3Dix%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.04%26hb_adid%3D165f0036c8506052%26hb_bidder%3Dix&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3D27868814f124b32d%3AT%3D1684747038%3AS%3DALNI_Ma3p1zf2WTRvlOwmcOYh--6L2iHXA&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&abxe=1&dt=1684747040867&lmt=1684747040&dlt=1684747038920&idt=1170&adxs=436&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=cbr7enblrzte&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=215484772.1684747038&ga_sid=1684747041&ga_hid=1110683200&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmd7-lYQxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNhZTQ1ZTI5LTcyMGQtNDRiYi1hMTNmLWE2YTVjNDFkNjY0Mxjd3_6VhDFIABIdCg5lc3AuY3JpdGVvLmNvbRiZ3v6VhDFIAFICCGQS1gEKCHJ0YmhvdXNlEsABajE2OTVXb3hNcXlpUGdmSGZMUWpmTXVWTElnbUhjQ0FnODVEZ0JtaXFKRm96Wm9GNWpPTzAzOC8zOTlrT3diS2hQcFB0bTR0REdseldLTWIzMGNqOEt5NDg0WG1FWkxOY2pCYVlBVlozSmpuZndxa3c5NEYzWUt2U0Z6OC9YQm9HN1NqSzNhak83RkQ0am9aa0hSaUpwVGlGYXR6cE83WjlLVnNSb1RISE5KclRZWC9UUWYxMitoeklWa1dyUnlYGM3g_pWEMUgAEhkKCnVpZGFwaS5jb20Ymd7-lYQxSABSAghkEhQKBW9wZW54GI7h_pWEMUgAUgIIbw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e81120fcce254b0e5dd97d0a07f2582c40440effddcd62e3ae4a13d56578df21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11440
x-xss-protection
0
google-lineitem-id
6110887587
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138404649566
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 60D5 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305150101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
948630aa30648e8666099343b2696c9956fd071ed80a671d7968198894894897
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11262
x-xss-protection
0
container.html
87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B920 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:20 GMT
expires
Tue, 21 May 2024 09:17:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 22 May 2023 09:17:20 GMT
translator
hbopenbid.pubmatic.com/ Frame 60D5 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 60D5 		365 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.pbadslot=%2F65889844%2Fron01_728x90f_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=bc1e1a85-56ba-4647-880a-ed8de03acc58&l_pb_bid_id=88b9dbedc262bdc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90f_desktop&slots=1&rand=0.9937531279392804
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
92b26cd337ff210599c01519bcc502235ace03fb1f33e9fac1fa70e3b7c3ca82

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
365
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ Frame 60D5 		0
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
216
server
envoy
vary
origin, Accept-Encoding
unruly_prebid
targeting.unrulymedia.com/ Frame 60D5 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame 60D5 		820 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22948d2bda6890456%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90f_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&s=59cbecef-eef9-4e98-875e-c36314dc733b&pv=51294905-bdfa-4866-a03f-99ce29cfe6ae&vp=mobile&lib_name=prebid&lib_v=7.31.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php%22%2C%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
3d103e7358623164e532756a2c05edcc105a0a7195db576a33f92f5c656484de
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-142
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
475
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 60D5 		95 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
c781674d7e79624dfcfedd34586749bbdb505473dba9d025b8fc01c9b9b0b074

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 09:17:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
pbjs
htlb.casalemedia.com/openrtb/ Frame 60D5 		37 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0a07272d999804ce36ed0549f46eab787eeada9b00a9575ac5bc21a96bfb603

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuiLjyQLoXpmd1ddAlQHuPRfbRAFXd4W9KyH4ZX23rF8OZJb%2BKV6CSpuKVcHDdJv3NKfUNYZvBjaC5J%2F9LfCqqExCZEVaJ1vxhjYXWcxlQ%2FMYcyj74S%2FJoGFaCnhxCezS9olnbP%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7cb3f72daff0373d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
prebid
ads.yieldmo.com/exchange/ Frame 60D5 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.31.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-5%22%2C%22callback_id%22%3A%2210037a836b03bc31%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90f_desktop%22%2C%22tid%22%3A%22bc1e1a85-56ba-4647-880a-ed8de03acc58%22%2C%22auctionId%22%3A%2228eaa01d-4f4a-408a-ba0d-cc8427c33176%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&bust=1684747040893&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Murderous%20Villain%20Test&w=1600&h=1200&pubcid=3ae45e29-720d-44bb-a13f-a6a5c41d6643&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
ads
securepubads.g.doubleclick.net/gampad/ Frame 60D5 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1135691075320070&correlator=3555066573756763&eid=31072878%2C31074682%2C31074686&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90d_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&adks=4283511922&didk=1238102906&sfv=1-0-40&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.01%26hb_adid_rubicon%3D16610e617e4ffad5%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D16610e617e4ffad5%26hb_bidder%3Drubicon&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3D27868814f124b32d%3AT%3D1684747038%3AS%3DALNI_Ma3p1zf2WTRvlOwmcOYh--6L2iHXA&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&abxe=1&dt=1684747040905&lmt=1684747040&dlt=1684747038920&idt=1170&adxs=436&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=ytvb91mhqm02&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=215484772.1684747038&ga_sid=1684747041&ga_hid=1110683200&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmd7-lYQxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNhZTQ1ZTI5LTcyMGQtNDRiYi1hMTNmLWE2YTVjNDFkNjY0Mxjd3_6VhDFIABIdCg5lc3AuY3JpdGVvLmNvbRiZ3v6VhDFIAFICCGQS1gEKCHJ0YmhvdXNlEsABajE2OTVXb3hNcXlpUGdmSGZMUWpmTXVWTElnbUhjQ0FnODVEZ0JtaXFKRm96Wm9GNWpPTzAzOC8zOTlrT3diS2hQcFB0bTR0REdseldLTWIzMGNqOEt5NDg0WG1FWkxOY2pCYVlBVlozSmpuZndxa3c5NEYzWUt2U0Z6OC9YQm9HN1NqSzNhak83RkQ0am9aa0hSaUpwVGlGYXR6cE83WjlLVnNSb1RISE5KclRZWC9UUWYxMitoeklWa1dyUnlYGM3g_pWEMUgAEhkKCnVpZGFwaS5jb20Ymd7-lYQxSABSAghkEhQKBW9wZW54GI7h_pWEMUgAUgIIbw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d498dbe992cea26b8ec78efc44b6b92e099e73e41020e2cb4a528c8f3f15e330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10961
x-xss-protection
0
google-lineitem-id
6110887587
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138404649566
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
trinity.json
apex.go.sonobi.com/ Frame F9F7 		820 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2219392ba87863638%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250b_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&s=fcd91669-6e70-45c8-99ca-b5e081b07176&pv=e7123b07-4b46-4569-bead-06ccbd3ae26d&vp=mobile&lib_name=prebid&lib_v=7.31.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php%22%2C%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
9026014865817f7c54bb37b9a4da18fb334862671378aa5b862db3e05edcca68
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-142
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
474
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ Frame F9F7 		94 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
0ab6948fdbe10caa6eec1dc018da0145f6567a36bdf1cfe025058848800e8228

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 09:17:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
prebid
ads.yieldmo.com/exchange/ Frame F9F7 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.31.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-1%22%2C%22callback_id%22%3A%22230593eb59a25df%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250b_desktop%22%2C%22tid%22%3A%228eb53272-1800-4d66-9988-a028899dc030%22%2C%22auctionId%22%3A%229dd2af3f-a37e-4460-bea6-abc69a26de78%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&bust=1684747040922&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Murderous%20Villain%20Test&w=1600&h=1200&pubcid=3ae45e29-720d-44bb-a13f-a6a5c41d6643&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame F9F7 		367 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.pbadslot=%2F65889844%2Fron01_300x250b_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=8eb53272-1800-4d66-9988-a028899dc030&l_pb_bid_id=25723134a3e24e1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250b_desktop&slots=1&rand=0.4589427023305288
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
89c935fb5bcbc50621bbe8ea0dc1fe4d46b5484862cf0de6c1498b5967687556

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
367
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame F9F7 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame F9F7 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
199
server
envoy
vary
origin, Accept-Encoding
pbjs
htlb.casalemedia.com/openrtb/ Frame F9F7 		37 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cf042b4b72c6231dbbc8866306e5032fb94fbb2d26817ee0bd18efbe69546a4

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJorSy9P39JFe3i3DkFy%2BeHZVbj0tXzJJcRWyNQ9zPwc43SMH%2FOVeHOyiCi4ZVagvTSEoD0%2B12kUxvan9FeaKsGdKwz8ktawDutL8qzZ5DSVyqyL0gCIBIDqADWu4zkO5uCVHSuc"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7cb3f72dd86a373d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame F9F7 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 22 May 2023 09:17:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AC23 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6813972969333&version=m202301230201&ct=76&x=1&cor=69186029852291870
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 22 May 2023 09:17:20 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 60D5 		38 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd80c0c8db38c84090bebad29ec504f896e38c1f3cc642efb0e6e7155cd09db1

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SBGVdTZxLu4UzeX9Qy%2Bz317wggHh8D7RrjBG1szd6BYpQRGZES2E342JdAuTBPgnuWW0fVLdAqwvID%2FlZRD8UZxxOq0q3Mhd1mXstA9GgRFyyC5Xs8KYb0GTGhsgdAEFeyQKSJ%2FP"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7cb3f72e18bb373d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 60D5 		365 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.pbadslot=%2F65889844%2Fron01_728x90g_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=347908f0-0cd8-4844-a2f5-0421e4649152&l_pb_bid_id=104b99ea082f14a1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90g_desktop&slots=1&rand=0.5214357791340172
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
fbde02b230538a94e56e8e96fd1ef3711a825286e9d9f76226c4022ba92db051

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
365
expires
Wed, 17 Sep 1975 21:32:10 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 60D5 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ Frame 60D5 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.31.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-6%22%2C%22callback_id%22%3A%221088c1c109d95271%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90g_desktop%22%2C%22tid%22%3A%22347908f0-0cd8-4844-a2f5-0421e4649152%22%2C%22auctionId%22%3A%220944d205-7abe-4ec8-b989-b8bea0c558e4%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&bust=1684747040968&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Murderous%20Villain%20Test&w=1600&h=1200&pubcid=3ae45e29-720d-44bb-a13f-a6a5c41d6643&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:20 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
trinity.json
apex.go.sonobi.com/ Frame 60D5 		821 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22110cad61dc5a2e41%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90g_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&s=c53931d8-0556-4c8c-abef-8458d2806120&pv=51294905-bdfa-4866-a03f-99ce29cfe6ae&vp=mobile&lib_name=prebid&lib_v=7.31.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php%22%2C%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
672dd1bc4e43633736b0869988fe8bc42e180b1f210b691d72eed35161ba677f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-142
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
476
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 60D5 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ffe749d2e2635ec192d6c47cfbdf64289299b1e9dedcd2d567f93aaa2dac7fcd

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 May 2023 09:17:20 GMT
content-encoding
gzip
x-openrtb-version
2.3
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1726
bid
ap.lijit.com/rtb/ Frame 60D5 		25 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
772a46417e9710087748aed2e81c859e1ef48a6f843fc517245260d7e743357e

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 09:17:20 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
c
prebid.a-mo.net/a/ Frame 60D5 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:21 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
174
server
envoy
vary
origin, Accept-Encoding
ads
securepubads.g.doubleclick.net/gampad/ Frame 60D5 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1135691075320070&correlator=2681585498748149&eid=31072878%2C31074682%2C31074686&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&adks=1332890142&didk=1238102905&sfv=1-0-40&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3D27868814f124b32d%3AT%3D1684747038%3AS%3DALNI_Ma3p1zf2WTRvlOwmcOYh--6L2iHXA&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&abxe=1&dt=1684747040978&lmt=1684747040&dlt=1684747038920&idt=1170&adxs=436&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=cxop7d2dfl9z&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=215484772.1684747038&ga_sid=1684747041&ga_hid=1110683200&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmd7-lYQxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNhZTQ1ZTI5LTcyMGQtNDRiYi1hMTNmLWE2YTVjNDFkNjY0Mxjd3_6VhDFIABIdCg5lc3AuY3JpdGVvLmNvbRiZ3v6VhDFIAFICCGQS1gEKCHJ0YmhvdXNlEsABajE2OTVXb3hNcXlpUGdmSGZMUWpmTXVWTElnbUhjQ0FnODVEZ0JtaXFKRm96Wm9GNWpPTzAzOC8zOTlrT3diS2hQcFB0bTR0REdseldLTWIzMGNqOEt5NDg0WG1FWkxOY2pCYVlBVlozSmpuZndxa3c5NEYzWUt2U0Z6OC9YQm9HN1NqSzNhak83RkQ0am9aa0hSaUpwVGlGYXR6cE83WjlLVnNSb1RISE5KclRZWC9UUWYxMitoeklWa1dyUnlYGM3g_pWEMUgAEhkKCnVpZGFwaS5jb20Ymd7-lYQxSABSAghkEhQKBW9wZW54GI7h_pWEMUgAUgIIbw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34ee839ca8272d45b424558f5513635f406431401a6e513cf263aa643c05c343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10959
x-xss-protection
0
google-lineitem-id
6110887587
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138404649566
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 22 May 2023 09:17:20 GMT
trinity.json
apex.go.sonobi.com/ Frame 60D5 		820 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22118c32a15696d8a%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90h_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&s=55112c03-463f-423e-a0e1-550123b8856b&pv=51294905-bdfa-4866-a03f-99ce29cfe6ae&vp=mobile&lib_name=prebid&lib_v=7.31.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php%22%2C%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8438ea6588a54d340cbde15d0621be69193e0b9248cf4e2b99994d2e0f442f12
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-142
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
475
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 60D5 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ Frame 60D5 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.31.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-7%22%2C%22callback_id%22%3A%221222abe9494b7b4b%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90h_desktop%22%2C%22tid%22%3A%2286a5a4e3-3b62-4596-97e6-92173c966266%22%2C%22auctionId%22%3A%22d687de55-dd05-49fb-a0fd-870254d5efe0%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&bust=1684747040984&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Murderous%20Villain%20Test&w=1600&h=1200&pubcid=3ae45e29-720d-44bb-a13f-a6a5c41d6643&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
pbjs
htlb.casalemedia.com/openrtb/ Frame 60D5 		38 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fa6688fbd96ecb0c012c11705b41cab67e38311ddb8b1340ac6ebdb8fdd4aaf

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9i48mdJpl4fWdKDxDjb26hGSszBF6fuggbR7AjlBBPnMx90IDo6M9l9%2Fwb8CI2dpeY7gVdkYFzgRbklC9phv8%2F7ZRFbm7S%2FjiTkPmmeU62kjE3Hh7uyGJHxxE0OtfT%2BF%2Ft5bbRl6"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7cb3f72e3904373d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
bid
ap.lijit.com/rtb/ Frame 60D5 		95 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
fee0ca95912191b18b0e9318e17b9f1bf823516bf3986a60edea0a34232945f6

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 09:17:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 60D5 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.pbadslot=%2F65889844%2Fron01_728x90h_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=86a5a4e3-3b62-4596-97e6-92173c966266&l_pb_bid_id=12859ed46cf0deba&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90h_desktop&slots=1&rand=0.8224874165297105
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b8e9d5b68615cfa19cc65e317f532c3619bc0c1db9989950a4d545ac5db2d425

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 60D5 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
48ab759f1dd56b8238cf1c1769f5dc890011866f30a2956a4719983ff1686135

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 May 2023 09:17:20 GMT
content-encoding
gzip
x-openrtb-version
2.3
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1968
c
prebid.a-mo.net/a/ Frame 60D5 		0
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
216
server
envoy
vary
origin, Accept-Encoding
ads
securepubads.g.doubleclick.net/gampad/ Frame 60D5 		31 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1135691075320070&correlator=1072816890193202&eid=31072878%2C31074682%2C31074686&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90b_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=4&adks=2587397766&didk=1238102904&sfv=1-0-40&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3D27868814f124b32d%3AT%3D1684747038%3AS%3DALNI_Ma3p1zf2WTRvlOwmcOYh--6L2iHXA&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&abxe=1&dt=1684747040996&lmt=1684747040&dlt=1684747038920&idt=1170&adxs=436&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=kwzhgdbnkx0o&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=215484772.1684747038&ga_sid=1684747041&ga_hid=1110683200&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmd7-lYQxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNhZTQ1ZTI5LTcyMGQtNDRiYi1hMTNmLWE2YTVjNDFkNjY0Mxjd3_6VhDFIABIdCg5lc3AuY3JpdGVvLmNvbRiZ3v6VhDFIAFICCGQS1gEKCHJ0YmhvdXNlEsABajE2OTVXb3hNcXlpUGdmSGZMUWpmTXVWTElnbUhjQ0FnODVEZ0JtaXFKRm96Wm9GNWpPTzAzOC8zOTlrT3diS2hQcFB0bTR0REdseldLTWIzMGNqOEt5NDg0WG1FWkxOY2pCYVlBVlozSmpuZndxa3c5NEYzWUt2U0Z6OC9YQm9HN1NqSzNhak83RkQ0am9aa0hSaUpwVGlGYXR6cE83WjlLVnNSb1RISE5KclRZWC9UUWYxMitoeklWa1dyUnlYGM3g_pWEMUgAEhkKCnVpZGFwaS5jb20Ymd7-lYQxSABSAghkEhQKBW9wZW54GI7h_pWEMUgAUgIIbw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c160b101e06a7e023925e8662ef7fa797866c555b0b439a7b08909e72909d70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13326
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame F9F7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F9F7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame F9F7 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2875267802583696&correlator=792488742945866&eid=31072020%2C31072879%2C31074686%2C31074533&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1246821082&didk=2887917928&sfv=1-0-40&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3D27868814f124b32d%3AT%3D1684747038%3AS%3DALNI_Ma3p1zf2WTRvlOwmcOYh--6L2iHXA&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&abxe=1&dt=1684747041035&lmt=1684747041&dlt=1684747039011&idt=1049&adxs=353&adys=1149&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=ulsmay8g1rrf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&frm=23&vis=1&psz=300x250&msz=300x250&fws=384&ohw=0&ea=0&ga_vid=215484772.1684747038&ga_sid=1684747041&ga_hid=1414959249&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmd7-lYQxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNhZTQ1ZTI5LTcyMGQtNDRiYi1hMTNmLWE2YTVjNDFkNjY0Mxjd3_6VhDFIABIdCg5lc3AuY3JpdGVvLmNvbRiZ3v6VhDFIAFICCGQS1gEKCHJ0YmhvdXNlEsABajE2OTVXb3hNcXlpUGdmSGZMUWpmTXVWTElnbUhjQ0FnODVEZ0JtaXFKRm96Wm9GNWpPTzAzOC8zOTlrT3diS2hQcFB0bTR0REdseldLTWIzMGNqOEt5NDg0WG1FWkxOY2pCYVlBVlozSmpuZndxa3c5NEYzWUt2U0Z6OC9YQm9HN1NqSzNhak83RkQ0am9aa0hSaUpwVGlGYXR6cE83WjlLVnNSb1RISE5KclRZWC9UUWYxMitoeklWa1dyUnlYGM3g_pWEMUgAEhkKCnVpZGFwaS5jb20Ymd7-lYQxSABSAghkEhQKBW9wZW54GI7h_pWEMUgAUgIIbw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
08b51ffc501c83acf5428a12afa789fc46748cf96caa3de64643c6b80c3288a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11429
x-xss-protection
0
google-lineitem-id
6101519259
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403346211
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F9F7 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305150101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b11e31908f1b119c357a0a9e669cc7a148fbcf80102ca1b79906d39b9917c2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11253
x-xss-protection
0
container.html
e7495a226610504c7ac7352574b0ccc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 71B3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e7495a226610504c7ac7352574b0ccc0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:21 GMT
expires
Tue, 21 May 2024 09:17:21 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 60D5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 May 2023 09:17:21 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 471D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstCJTSB8nGV1tVfcjCDWK_vyquymGEDXvHOjzRyoDUk34LLz9QX4YdITZ4rDekqRnl7VItQ9eYl7vhTr03vnA4ZAZ4cHu329kuWqFdSi6wxJaWlwB94MY7bTs5vDy-BCLme_XaTIk5dV6DAVPC58IR0ykvof3sKl3RzTltdI0Cl3FdXNAp2nca5HamGhGiucX52BSnRu6dfPNcx_QvitCY2nQnVNzxjdRqFTK5Cg0VoybuIGn8nxLA2F3kvqcREkVN95UndythNwatIYkU-F2T8JWfrONrQU0cHyHJISacp-GlZiUl9Ba3Wvsw3ckAtChhJ29FqKYfrIbo&sai=AMfl-YQcvqWxyvNH-QPe2JJl49hFvg-tHwNvkAdd55QYVW30WEM9jS_-4z31jErd2ePYRzxpKR8Tve34eVe2HyZO_BT6rxve5UGz5MI3990W3uTLwFCuuih8vNLfZLE2sw&sig=Cg0ArKJSzEJPPiUQYqyTEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 471D 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a064c25c1f63cde23c32426d9652bd8441cd55e37ed5ddaf6639f43579eadbfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32376
x-xss-protection
0
server
cafe
etag
6429219285684475170
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 471D 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:21 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 22 May 2023 09:17:21 GMT
trinity.json
apex.go.sonobi.com/ Frame F9F7 		820 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2236625986224db28%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250c_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&s=8261e5ba-4a86-4789-84b2-5605f8e0a7b2&pv=e7123b07-4b46-4569-bead-06ccbd3ae26d&vp=mobile&lib_name=prebid&lib_v=7.31.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php%22%2C%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
4899e758d792e9e7da2e5fa306374b981a9c5bf6c88ba3816036d1234ea75222
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-142
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
473
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame F9F7 		367 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.pbadslot=%2F65889844%2Fron01_300x250c_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=b9d10309-d4c4-460e-9798-710f67ea225c&l_pb_bid_id=38acb4e655629ef&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250c_desktop&slots=1&rand=0.9395092280827957
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
cea8664de085d3a990f58e53b1f935bb30c87d859379710af177d0cf2c7d2631

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
367
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ Frame F9F7 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
177
server
envoy
vary
origin, Accept-Encoding
bid
ap.lijit.com/rtb/ Frame F9F7 		94 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
68b9748ebfd39c7c6a316e73f96c3a91c169f1d33741656c594bd2c4d2b513b3

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 09:17:21 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid
ads.yieldmo.com/exchange/ Frame F9F7 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.31.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-2%22%2C%22callback_id%22%3A%2244f4fcbea73e145%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250c_desktop%22%2C%22tid%22%3A%22b9d10309-d4c4-460e-9798-710f67ea225c%22%2C%22auctionId%22%3A%2205ffcacf-005b-4677-86f9-d41818dda278%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&bust=1684747041094&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Murderous%20Villain%20Test&w=1600&h=1200&pubcid=3ae45e29-720d-44bb-a13f-a6a5c41d6643&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
pbjs
htlb.casalemedia.com/openrtb/ Frame F9F7 		37 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03abab4cc9e55b10ff62d30c8e797db973f870a8433c000ab6f00df5698f778a

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iPDuQcl0m7fjzIzxqw7%2BhnP81JX4eFHHcD%2FiXM5S9OdzWWKI7fxGa%2FL1ojm95rnKdThVpyFiNkIXF%2FMsMkUQeSE0yTBdj0zrFqE0kDY9EdzXfBI6Jgml7JHMKoxAEtmj54jzTHpR"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7cb3f72eea35373d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ Frame F9F7 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f9d9b391231353938b1299a1c2ff7180ad3e4926ca48955372b930dff2dfe0a3

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
x-openrtb-version
2.3
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1723
unruly_prebid
targeting.unrulymedia.com/ Frame F9F7 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 22 May 2023 09:17:21 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 60D5 		38 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ee07aecb408e448e33b73fc36dd152467da4b537bf3fb10a837fcbb8d6805c4

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtMZMgUgcsWL7%2B7FJjJs1VHu2Tic4Q51UE3CEPE8TsKfU6ETTkxWzwVQiJBgNZjHY8JZKuehAa4dk7ZzDU5mWQ3sMPYQa6gK6eU%2FxK26kCw8eDxFGCKB%2FFgmJcD%2BiNWFTGj0R6Nb"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7cb3f72f1a79373d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
c
prebid.a-mo.net/a/ Frame 60D5 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
240
server
envoy
vary
origin, Accept-Encoding
unruly_prebid
targeting.unrulymedia.com/ Frame 60D5 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ Frame 60D5 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.31.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-8%22%2C%22callback_id%22%3A%22140c6c5f3db57185%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90i_desktop%22%2C%22tid%22%3A%22dd388861-18c2-4df5-b9cb-d1d7a716e0bc%22%2C%22auctionId%22%3A%22b725df39-7d03-4378-a900-4192fd7c7bde%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&bust=1684747041134&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Murderous%20Villain%20Test&w=1600&h=1200&pubcid=3ae45e29-720d-44bb-a13f-a6a5c41d6643&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 60D5 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.pbadslot=%2F65889844%2Fron01_728x90i_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=dd388861-18c2-4df5-b9cb-d1d7a716e0bc&l_pb_bid_id=142100e2d97fbebc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90i_desktop&slots=1&rand=0.9077556247408631
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1f6a38adfbe68073b69255d62e7e731c71968f960b3a34788da7e59262ff94d9

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame 60D5 		95 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
c5cf7de613acfb1e8a55b9ffbc95b33a2f151a9aa340786f2cbee85667eea033

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 09:17:21 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
translator
hbopenbid.pubmatic.com/ Frame 60D5 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame 60D5 		821 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22148137e91e226589%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90i_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&s=90471b91-39c4-4600-be47-be6c78691527&pv=51294905-bdfa-4866-a03f-99ce29cfe6ae&vp=mobile&lib_name=prebid&lib_v=7.31.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php%22%2C%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
61b20129ae5bafba30ca3da014ec6ad3660bfee13ecb622770dffc9095bdf464
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-142
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
476
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 60D5 		325 B
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1135691075320070&correlator=927107307428257&eid=31072878%2C31074682%2C31074686&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90e_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=5&adks=3085048810&didk=1238102909&sfv=1-0-40&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3D27868814f124b32d%3AT%3D1684747038%3AS%3DALNI_Ma3p1zf2WTRvlOwmcOYh--6L2iHXA&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&abxe=1&dt=1684747041145&lmt=1684747041&dlt=1684747038920&idt=1170&adxs=436&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=tzy0un1k9pym&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=ABHeCvjpBqdKmvWqxnLIf22Q_YfXGfWw26mN88LoBEprZNLo0QkW2Okw_ewGfrfEtUbwM--WlEYYy1g0RVCS1I9BcNqFLuL_&ga_vid=215484772.1684747038&ga_sid=1684747041&ga_hid=1110683200&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmd7-lYQxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNhZTQ1ZTI5LTcyMGQtNDRiYi1hMTNmLWE2YTVjNDFkNjY0Mxjd3_6VhDFIABIdCg5lc3AuY3JpdGVvLmNvbRiZ3v6VhDFIAFICCGQS1gEKCHJ0YmhvdXNlEsABajE2OTVXb3hNcXlpUGdmSGZMUWpmTXVWTElnbUhjQ0FnODVEZ0JtaXFKRm96Wm9GNWpPTzAzOC8zOTlrT3diS2hQcFB0bTR0REdseldLTWIzMGNqOEt5NDg0WG1FWkxOY2pCYVlBVlozSmpuZndxa3c5NEYzWUt2U0Z6OC9YQm9HN1NqSzNhak83RkQ0am9aa0hSaUpwVGlGYXR6cE83WjlLVnNSb1RISE5KclRZWC9UUWYxMitoeklWa1dyUnlYGM3g_pWEMUgAEhkKCnVpZGFwaS5jb20Ymd7-lYQxSABSAghkEhQKBW9wZW54GI7h_pWEMUgAUgIIbw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b491bd90eff35064d7c35f54674bfea95cc55fcae93e4157a1cdb7b77c2975a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F9F7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 May 2023 09:17:21 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7975 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGoGu1NpKViwN6Ck1VMLAzpDloUwOV7HaSFLNMmipXW8Ilrr7E7OBDOGPAnYi4jHDSilgWIuXS24nk5F-4VWye3nCSF6bpP6LJa1f8xLwFhDAgm7-b9ncWS9mUx-Pgc3w5xVYSbRzeolKa8vMSn0yMmQXi2o2EKSy6AO8zkGAO_bMAYRLzxPAaVXNbARDBKRhTEIEJpluw__Bg5O625fGyo0u84-UC2v7xW9GtUcFms-25WQ3ZC85LZ-htHbQybsdFPd2U_SlcvQLIfzi3Nj-arALISkeIzePFfGr-x_khA4evT_ZUiEoRsGUzKSCObNBr5h-Sqp2i0cc&sai=AMfl-YSLaCoP7K-4c8Qb9yNo5kxpqYvpzEkAB_2Sgw6ALvMfEGYD-Ip9OAjwLUQm11sv1aah9iqQ2-_tKttI0TyqIwt4EuyXCQYlORliDb6duvPEoXIw0sflCEAbXLIsOA&sig=Cg0ArKJSzKiJ5821AzAeEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 7975 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccd10366d487212316d26503eb6ed829abdd10ee477c1c7994865240fc60d0f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32376
x-xss-protection
0
server
cafe
etag
14350245010476178935
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7975 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:21 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 22 May 2023 09:17:21 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 60D5 		38 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89f6b9480bb52fcc0c9b31098aed2acb86a3d401c852b2e4022198857c0c908e

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnQCW%2FWk37qAA7D2H2P1e5VSWEmBmI%2B%2B%2FACLJisObLHIKAKMI8p62EqykuIBXKjhvNFLVlPuh7fZmAf42hsCj9%2BNF4rxXcXdFlO%2FCvmRFtWGzsyYvmbF%2B9l5H2K6JEvMw9OjhPYy"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7cb3f72fbb8b373d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 60D5 		365 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.pbadslot=%2F65889844%2Fron01_728x90j_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=768e1f81-61d6-492f-87ee-6fb7e53bc69f&l_pb_bid_id=1521d13dbb9c45a8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90j_desktop&slots=1&rand=0.7488426875011451
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ca3344a2e02cd8b7322b383bd93b8ee2bb929398bd71703ab34731ea621acf88

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
365
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 60D5 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame 60D5 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:21 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
241
server
envoy
vary
origin, Accept-Encoding
prebid
ads.yieldmo.com/exchange/ Frame 60D5 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.31.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-9%22%2C%22callback_id%22%3A%22158f662ecbd63998%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90j_desktop%22%2C%22tid%22%3A%22768e1f81-61d6-492f-87ee-6fb7e53bc69f%22%2C%22auctionId%22%3A%22e5aca7f5-867d-4b66-92b3-006b0e8f2a2c%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&bust=1684747041230&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Murderous%20Villain%20Test&w=1600&h=1200&pubcid=3ae45e29-720d-44bb-a13f-a6a5c41d6643&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
unruly_prebid
targeting.unrulymedia.com/ Frame 60D5 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame 60D5 		821 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22162ee96bae4f533c%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90j_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&s=94ae75be-d060-4920-a0a8-dd1175ed2dac&pv=51294905-bdfa-4866-a03f-99ce29cfe6ae&vp=mobile&lib_name=prebid&lib_v=7.31.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php%22%2C%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
db5761c165e1050bbae3c5e654025b6a82b8277a436565e9d2cade7817b4b37c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-142
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
476
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 60D5 		95 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
cda138538cc8c4bdd27c8da82ca755ba1611595008e14807283fe076d1548706

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 09:17:21 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
view
securepubads.g.doubleclick.net/pcs/ Frame AC96 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuhUOykPltImUjNNSCF4Ou5RxphF4JHY6Gwohx0Q1vRkOcETn8T8g7M67pY_l4UA98-B1JkTTdLrVJt-Ppsqnj_TM5rrcj8r6Ej6mTSXYHA995_jTbQBMCUjUugT3rzvgOuH7Dt77SCoGgpjnTDBn8hQenDZhjBdX5FZFVztUzMFUqepSoWr4ETvJZXdnY9MGtCt-jglVbV0Dpn1h4Ys6_iPI_x5mWTQhyjyqxZG_eR4bQXZsL2fKgZhxxHAgCiOCPm6ZGr3ECzbUx4TveCLq8ibmfaJWD-OFkNcKDTOUN7FcAhlG0eN7aMblDo4lHViLyvFyIzm3ARvs&sai=AMfl-YTBQi6csdWZlasEIISQKKAkSDX2p4SW3yebrq-3T-eofYE9iGnX_w7LJSiNtlphNwnh3RZ_ey_ErRMxd9U7gnefN86Ym6uEBVAnKTroGNBTJbTV4rGIMwWbtiogmQ&sig=Cg0ArKJSzCnPe19LtzjvEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame AC96 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f625702dfb3cb62b34ebf4a347ced72c7dd2578b77a662a672b9b22a6d71d1a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32376
x-xss-protection
0
server
cafe
etag
1880815027440301322
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AC96 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:21 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame F9F7 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2875267802583696&correlator=2520486075871886&eid=31072020%2C31072879%2C31074686%2C31074533&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250b_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=3215044782&didk=2887917929&sfv=1-0-40&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3D27868814f124b32d%3AT%3D1684747038%3AS%3DALNI_Ma3p1zf2WTRvlOwmcOYh--6L2iHXA&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&abxe=1&dt=1684747041259&lmt=1684747041&dlt=1684747039011&idt=1049&adxs=353&adys=899&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=v8oow1u3jlt2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&frm=23&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&psts=ABHeCvhNK1IflLCigunkEYjo5AyiE3m6ZM6-atNdsl1RUsJPWM-oK2IZxiW0iYC1JNTQ7Av4Zo2GC9wxleseCudlNfEIaqWp&ga_vid=215484772.1684747038&ga_sid=1684747041&ga_hid=1414959249&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmd7-lYQxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNhZTQ1ZTI5LTcyMGQtNDRiYi1hMTNmLWE2YTVjNDFkNjY0Mxjd3_6VhDFIABIdCg5lc3AuY3JpdGVvLmNvbRiZ3v6VhDFIAFICCGQS1gEKCHJ0YmhvdXNlEsABajE2OTVXb3hNcXlpUGdmSGZMUWpmTXVWTElnbUhjQ0FnODVEZ0JtaXFKRm96Wm9GNWpPTzAzOC8zOTlrT3diS2hQcFB0bTR0REdseldLTWIzMGNqOEt5NDg0WG1FWkxOY2pCYVlBVlozSmpuZndxa3c5NEYzWUt2U0Z6OC9YQm9HN1NqSzNhak83RkQ0am9aa0hSaUpwVGlGYXR6cE83WjlLVnNSb1RISE5KclRZWC9UUWYxMitoeklWa1dyUnlYGM3g_pWEMUgAEhkKCnVpZGFwaS5jb20Ymd7-lYQxSABSAghkEhQKBW9wZW54GI7h_pWEMUgAUgIIbw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0b884a1aaabb1526261b4708e754cf24121a032e87cfe4592575d5c9c84d05c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10967
x-xss-protection
0
google-lineitem-id
6101519259
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403344582
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame 60D5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 60D5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 60D5 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1135691075320070&correlator=2610067789849477&eid=31072878%2C31074682%2C31074686&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90g_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=6&adks=3516126248&didk=1238102911&sfv=1-0-40&prev_scp=hb_format_pubmatic%3Dbanner%26hb_size_pubmatic%3D728x90%26hb_pb_pubmatic%3D0.09%26hb_adid_pubmatic%3D17202e4fea9c8ff7%26hb_bidder_pubmatic%3Dpubmatic%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.09%26hb_adid%3D17202e4fea9c8ff7%26hb_bidder%3Dpubmatic&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3D27868814f124b32d%3AT%3D1684747038%3AS%3DALNI_Ma3p1zf2WTRvlOwmcOYh--6L2iHXA&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&abxe=1&dt=1684747041274&lmt=1684747041&dlt=1684747038920&idt=1170&adxs=436&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=8eysx2nx2fzp&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=ABHeCvhZhtCQovKMnbHOefCRJs5vksBSkx4RobJa1rSqNXoBJgli62bUbbwbCxWp5h1XOmxar3mcmYbH1hiPZ6wkpAy_Bncs%2CABHeCvjpBqdKmvWqxnLIf22Q_YfXGfWw26mN88LoBEprZNLo0QkW2Okw_ewGfrfEtUbwM--WlEYYy1g0RVCS1I9BcNqFLuL_&ga_vid=215484772.1684747038&ga_sid=1684747041&ga_hid=1110683200&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmd7-lYQxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNhZTQ1ZTI5LTcyMGQtNDRiYi1hMTNmLWE2YTVjNDFkNjY0Mxjd3_6VhDFIABIdCg5lc3AuY3JpdGVvLmNvbRiZ3v6VhDFIAFICCGQS1gEKCHJ0YmhvdXNlEsABajE2OTVXb3hNcXlpUGdmSGZMUWpmTXVWTElnbUhjQ0FnODVEZ0JtaXFKRm96Wm9GNWpPTzAzOC8zOTlrT3diS2hQcFB0bTR0REdseldLTWIzMGNqOEt5NDg0WG1FWkxOY2pCYVlBVlozSmpuZndxa3c5NEYzWUt2U0Z6OC9YQm9HN1NqSzNhak83RkQ0am9aa0hSaUpwVGlGYXR6cE83WjlLVnNSb1RISE5KclRZWC9UUWYxMitoeklWa1dyUnlYGM3g_pWEMUgAEhkKCnVpZGFwaS5jb20Ymd7-lYQxSABSAghkEhQKBW9wZW54GI7h_pWEMUgAUgIIbw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd1338ad26431d42dceb17a932e9aaa0bd6b6cee0e0baf4915fa4f71af9956e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11017
x-xss-protection
0
google-lineitem-id
5111853553
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274588176
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 60D5 		325 B
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1135691075320070&correlator=4382881477797563&eid=31072878%2C31074682%2C31074686&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90f_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=7&adks=3272850789&didk=1238102908&sfv=1-0-40&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3D27868814f124b32d%3AT%3D1684747038%3AS%3DALNI_Ma3p1zf2WTRvlOwmcOYh--6L2iHXA&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&abxe=1&dt=1684747041295&lmt=1684747041&dlt=1684747038920&idt=1170&adxs=436&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=s81ej08cinyq&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=ABHeCvhZhtCQovKMnbHOefCRJs5vksBSkx4RobJa1rSqNXoBJgli62bUbbwbCxWp5h1XOmxar3mcmYbH1hiPZ6wkpAy_Bncs%2CABHeCvjpBqdKmvWqxnLIf22Q_YfXGfWw26mN88LoBEprZNLo0QkW2Okw_ewGfrfEtUbwM--WlEYYy1g0RVCS1I9BcNqFLuL_&ga_vid=215484772.1684747038&ga_sid=1684747041&ga_hid=1110683200&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmd7-lYQxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNhZTQ1ZTI5LTcyMGQtNDRiYi1hMTNmLWE2YTVjNDFkNjY0Mxjd3_6VhDFIABIdCg5lc3AuY3JpdGVvLmNvbRiZ3v6VhDFIAFICCGQS1gEKCHJ0YmhvdXNlEsABajE2OTVXb3hNcXlpUGdmSGZMUWpmTXVWTElnbUhjQ0FnODVEZ0JtaXFKRm96Wm9GNWpPTzAzOC8zOTlrT3diS2hQcFB0bTR0REdseldLTWIzMGNqOEt5NDg0WG1FWkxOY2pCYVlBVlozSmpuZndxa3c5NEYzWUt2U0Z6OC9YQm9HN1NqSzNhak83RkQ0am9aa0hSaUpwVGlGYXR6cE83WjlLVnNSb1RISE5KclRZWC9UUWYxMitoeklWa1dyUnlYGM3g_pWEMUgAEhkKCnVpZGFwaS5jb20Ymd7-lYQxSABSAghkEhQKBW9wZW54GI7h_pWEMUgAUgIIbw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7bc4222738a9bcd2a3a43cb74340ebde573b8e6726fb5640d0dca9357e73e84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2BDC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuDrgSrOG0bYBnifZkp9Qkz4XmLn0gDf1aIyHKQkqPWnfnZcS7dHcvEKKBWUyp2h99202Adhmu8eFrXXYrnZB_MPFu6RqzEpNAB7AoeA1SZoPb_q9qEfmWoSR84juNwvELSq7Gp5LwtngfWPuHkXwfeMA8AbAI3pyIuhI9S7_lxqBykpFmAKDA-FvMYUkpRiDXCIeceDl9ksO6vgS0kZRxgHf4Mfj111tzsE2oDCQ9mdbU75QzS2Xrz5YArmdilZGzMm_0y8xjnaP_mjby4fS_Px21Q3w5N03T2D-eZDTOoVoSClgmCXcpHfRFq1Z3f-OHyw7PJqVE-jg&sai=AMfl-YTMj9zF0wOndDRE2cRQTl0Fz5kYoSYNoKEQ_LsgWwywBHQjjiwS0seHqsabuU2u9RL0_7Z5cdIIasaLTEk0lN-iDGQ-v725BJSTiJlWhPUHqYPcw5ISLCStZ5IsZQ&sig=Cg0ArKJSzGav28ustUtbEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 2BDC 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f540b49c612dc66003ccc348385e04e2d50c92a3f0d855c50ea6c2238a34ddab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32381
x-xss-protection
0
server
cafe
etag
5188112508826104844
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2BDC 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:21 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 60D5 		325 B
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1135691075320070&correlator=559465008172531&eid=31072878%2C31074682%2C31074686&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90h_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=8&adks=2445953488&didk=1238102910&sfv=1-0-40&prev_scp=hb_format_pubmatic%3Dbanner%26hb_size_pubmatic%3D728x90%26hb_pb_pubmatic%3D0.04%26hb_adid_pubmatic%3D17446f278fe0b7f9%26hb_bidder_pubmatic%3Dpubmatic%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.01%26hb_adid_rubicon%3D1733b13256f995%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.04%26hb_adid%3D17446f278fe0b7f9%26hb_bidder%3Dpubmatic&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3D27868814f124b32d%3AT%3D1684747038%3AS%3DALNI_Ma3p1zf2WTRvlOwmcOYh--6L2iHXA&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&abxe=1&dt=1684747041342&lmt=1684747041&dlt=1684747038920&idt=1170&adxs=436&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=2prbcs8yj5xx&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=ABHeCvhGRCW0FAhfKfKVL5jGCgSGGD7rf13cI6ZuBbE-PkLNwiviEkEX35215E066rrpRh8RyftV_IzYVnmjNh-opSVoeaLq%2CABHeCvhZhtCQovKMnbHOefCRJs5vksBSkx4RobJa1rSqNXoBJgli62bUbbwbCxWp5h1XOmxar3mcmYbH1hiPZ6wkpAy_Bncs%2CABHeCvjpBqdKmvWqxnLIf22Q_YfXGfWw26mN88LoBEprZNLo0QkW2Okw_ewGfrfEtUbwM--WlEYYy1g0RVCS1I9BcNqFLuL_&ga_vid=215484772.1684747038&ga_sid=1684747041&ga_hid=1110683200&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmd7-lYQxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNhZTQ1ZTI5LTcyMGQtNDRiYi1hMTNmLWE2YTVjNDFkNjY0Mxjd3_6VhDFIABIdCg5lc3AuY3JpdGVvLmNvbRiZ3v6VhDFIAFICCGQS1gEKCHJ0YmhvdXNlEsABajE2OTVXb3hNcXlpUGdmSGZMUWpmTXVWTElnbUhjQ0FnODVEZ0JtaXFKRm96Wm9GNWpPTzAzOC8zOTlrT3diS2hQcFB0bTR0REdseldLTWIzMGNqOEt5NDg0WG1FWkxOY2pCYVlBVlozSmpuZndxa3c5NEYzWUt2U0Z6OC9YQm9HN1NqSzNhak83RkQ0am9aa0hSaUpwVGlGYXR6cE83WjlLVnNSb1RISE5KclRZWC9UUWYxMitoeklWa1dyUnlYGM3g_pWEMUgAEhkKCnVpZGFwaS5jb20Ymd7-lYQxSABSAghkEhQKBW9wZW54GI7h_pWEMUgAUgIIbw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9bd917796617c652029db60419894cbd1edc413c45bba35728a1814beb86996b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 22 May 2023 09:17:21 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame F9F7 		37 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
632f94eed72a7470b070e750b6c4fe15348add2425f9bac9c561f0b8ab1b5f2b

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67n7h0b0obvloNlMqZVZ%2FA30TrxsvBpGqC3X%2BLOs5Gn%2B%2BfQRSkT9hOPb1pnp%2FJASLBOp8U9%2FF3m7ghbgxSZo1n4aLdkIJUEnyHvU9f41b1an3OgnYeS2IK8OO6gP%2BEI9m3LdQLOF"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7cb3f7308cf0373d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
trinity.json
apex.go.sonobi.com/ Frame F9F7 		820 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%225677cf1e429e81c%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250d_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&s=06559411-d13a-4e58-975b-30182a18cdcb&pv=e7123b07-4b46-4569-bead-06ccbd3ae26d&vp=mobile&lib_name=prebid&lib_v=7.31.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php%22%2C%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
f2ad4c514b36ad13162fec167a5c219d8d6b7ae93591ca0cfb12dabf951fb14d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-142
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
474
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame F9F7 		367 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.pbadslot=%2F65889844%2Fron01_300x250d_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=9f8ac183-86ec-4d53-b905-bcb6005cb018&l_pb_bid_id=58d9ddd703ae956&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250d_desktop&slots=1&rand=0.0973903338794666
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
76dc59e4dfd447b45f859f5c93f680986d381e5bcf194cc8839a0d8528f9dc60

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
367
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame F9F7 		94 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
86c80ef29507f3d584c78e73a8a031645b18a5085a356d4d7b3b23fef71f3462

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 09:17:21 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
translator
hbopenbid.pubmatic.com/ Frame F9F7 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
460851389148d21b13047a37c55d0111278e85e0956a9e6c7a55341e5e316eaa

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 May 2023 09:17:20 GMT
content-encoding
gzip
x-openrtb-version
2.3
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1723
prebid
ads.yieldmo.com/exchange/ Frame F9F7 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.31.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-3%22%2C%22callback_id%22%3A%22642406a456d02d5%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250d_desktop%22%2C%22tid%22%3A%229f8ac183-86ec-4d53-b905-bcb6005cb018%22%2C%22auctionId%22%3A%220d9e833a-8a5f-4fdf-90cc-141176013e36%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&bust=1684747041361&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Murderous%20Villain%20Test&w=1600&h=1200&pubcid=3ae45e29-720d-44bb-a13f-a6a5c41d6643&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
unruly_prebid
targeting.unrulymedia.com/ Frame F9F7 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame F9F7 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
325
server
envoy
vary
origin, Accept-Encoding
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AD82 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9985
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 06:30:56 GMT
expires
Tue, 21 May 2024 06:30:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1872 		783 B
764 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d1e856f79f1eed570ab6f7ff88a9e1df4078dabfe86e6cba4bb083566c341f7f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7rh30laGJ1enUxSp2WisqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-7rh30laGJ1enUxSp2WisqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:21 GMT
expires
Mon, 22 May 2023 09:17:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
container.html
87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F237 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:20 GMT
expires
Tue, 21 May 2024 09:17:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ Frame 471D 		355 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61bc3055d7aa9817e615155f172666d943538ea21b6dbfa846ed85471eee492e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122659
x-xss-protection
0
server
cafe
etag
15832282195487940059
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:21 GMT
truncated
/ Frame 471D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39fb562c068258008679f69bc38607427394378addd6c1cbe134d0be26261b02

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
ads
securepubads.g.doubleclick.net/gampad/ Frame F9F7 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2875267802583696&correlator=3440482786788800&eid=31072020%2C31072879%2C31074686%2C31074533&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250c_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=3&adks=495745907&didk=2887917934&sfv=1-0-40&prev_scp=hb_format_pubmatic%3Dbanner%26hb_size_pubmatic%3D300x250%26hb_pb_pubmatic%3D0.05%26hb_adid_pubmatic%3D522498b1304699d%26hb_bidder_pubmatic%3Dpubmatic%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.05%26hb_adid%3D522498b1304699d%26hb_bidder%3Dpubmatic&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3D27868814f124b32d%3AT%3D1684747038%3AS%3DALNI_Ma3p1zf2WTRvlOwmcOYh--6L2iHXA&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&abxe=1&dt=1684747041441&lmt=1684747041&dlt=1684747039011&idt=1049&adxs=353&adys=899&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=lmxxqb2t22dm&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&frm=23&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&psts=ABHeCvhNK1IflLCigunkEYjo5AyiE3m6ZM6-atNdsl1RUsJPWM-oK2IZxiW0iYC1JNTQ7Av4Zo2GC9wxleseCudlNfEIaqWp&ga_vid=215484772.1684747038&ga_sid=1684747041&ga_hid=1414959249&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmd7-lYQxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNhZTQ1ZTI5LTcyMGQtNDRiYi1hMTNmLWE2YTVjNDFkNjY0Mxjd3_6VhDFIABIdCg5lc3AuY3JpdGVvLmNvbRiZ3v6VhDFIAFICCGQS1gEKCHJ0YmhvdXNlEsABajE2OTVXb3hNcXlpUGdmSGZMUWpmTXVWTElnbUhjQ0FnODVEZ0JtaXFKRm96Wm9GNWpPTzAzOC8zOTlrT3diS2hQcFB0bTR0REdseldLTWIzMGNqOEt5NDg0WG1FWkxOY2pCYVlBVlozSmpuZndxa3c5NEYzWUt2U0Z6OC9YQm9HN1NqSzNhak83RkQ0am9aa0hSaUpwVGlGYXR6cE83WjlLVnNSb1RISE5KclRZWC9UUWYxMitoeklWa1dyUnlYGM3g_pWEMUgAEhkKCnVpZGFwaS5jb20Ymd7-lYQxSABSAghkEhQKBW9wZW54GI7h_pWEMUgAUgIIbw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
748725909b831515debbc507b87366d92a929a76b2944d168e3c16f0b68b3004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11006
x-xss-protection
0
google-lineitem-id
6152679798
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412693540
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame C473 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?lxLWdA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ Frame 7975 		355 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f40b2f7e8b711e86201e69a2bdad0c662792861801b895b23dc36971a822f8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122659
x-xss-protection
0
server
cafe
etag
15608182948380006885
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:21 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 60D5 		325 B
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1135691075320070&correlator=1273574368793797&eid=31072878%2C31074682%2C31074686&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90i_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=9&adks=2059224439&didk=1238102849&sfv=1-0-40&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.01%26hb_adid_rubicon%3D17647e715aa565ec%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D17647e715aa565ec%26hb_bidder%3Drubicon&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3D27868814f124b32d%3AT%3D1684747038%3AS%3DALNI_Ma3p1zf2WTRvlOwmcOYh--6L2iHXA&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&abxe=1&dt=1684747041489&lmt=1684747041&dlt=1684747038920&idt=1170&adxs=436&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=n30oz7u586t0&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=ABHeCvhGRCW0FAhfKfKVL5jGCgSGGD7rf13cI6ZuBbE-PkLNwiviEkEX35215E066rrpRh8RyftV_IzYVnmjNh-opSVoeaLq%2CABHeCvhZhtCQovKMnbHOefCRJs5vksBSkx4RobJa1rSqNXoBJgli62bUbbwbCxWp5h1XOmxar3mcmYbH1hiPZ6wkpAy_Bncs%2CABHeCvjpBqdKmvWqxnLIf22Q_YfXGfWw26mN88LoBEprZNLo0QkW2Okw_ewGfrfEtUbwM--WlEYYy1g0RVCS1I9BcNqFLuL_%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=215484772.1684747038&ga_sid=1684747041&ga_hid=1110683200&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmd7-lYQxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNhZTQ1ZTI5LTcyMGQtNDRiYi1hMTNmLWE2YTVjNDFkNjY0Mxjd3_6VhDFIABIdCg5lc3AuY3JpdGVvLmNvbRiZ3v6VhDFIAFICCGQS1gEKCHJ0YmhvdXNlEsABajE2OTVXb3hNcXlpUGdmSGZMUWpmTXVWTElnbUhjQ0FnODVEZ0JtaXFKRm96Wm9GNWpPTzAzOC8zOTlrT3diS2hQcFB0bTR0REdseldLTWIzMGNqOEt5NDg0WG1FWkxOY2pCYVlBVlozSmpuZndxa3c5NEYzWUt2U0Z6OC9YQm9HN1NqSzNhak83RkQ0am9aa0hSaUpwVGlGYXR6cE83WjlLVnNSb1RISE5KclRZWC9UUWYxMitoeklWa1dyUnlYGM3g_pWEMUgAEhkKCnVpZGFwaS5jb20Ymd7-lYQxSABSAghkEhQKBW9wZW54GI7h_pWEMUgAUgIIbw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8ef815717da68a523b423859efffd2db2aaa8214ab7c552b579708959ee2a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F9F7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_jqoeRqe6MJXPyvw1DzhBKgZl6QoEA0bD0yk5LgkD8Ihw7Xf0AkNl5JwIZIwWaCLcMpJyjT3IGwDV8QY-ONi5V1YmyidsPsGIT2XOEU5am5p2Ad1F&sig=Cg0ArKJSzIfOwKDuypCEEAE&id=lidar2&mcvt=1089&p=899,353,1149,653&mtos=1089,1089,1089,1089,1089&tos=1089,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1505084769&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684747039011&rpt=1371&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 60D5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBEdXzdVsR-TnKP_DCH127yVyS8bxobIDAH4XZ7FarJa31Og3ruM72OWrKobvxp327plPNBs2XlVZKNT0oL2y-I3RzKHIz6Waj8xlv2kFIsc5GtQia&sig=Cg0ArKJSzEzixZoBo1wDEAE&id=lidar2&mcvt=1091&p=1110,436,1200,1164&mtos=1091,1091,1091,1091,1091&tos=1091,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2170538812&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684747038920&rpt=1475&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 22 May 2023 09:17:21 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame F9F7 		367 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.pbadslot=%2F65889844%2Fron01_300x250e_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=92d0b3f9-a105-4f8e-b61b-7c67c728f9cc&l_pb_bid_id=717e8e8d236def7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250e_desktop&slots=1&rand=0.15256384927539934
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
20c8ffe1db558d0f75d475289938ee67dbe4dfb58e3e7fac65f19dbb8d8ceb8c

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
367
expires
Wed, 17 Sep 1975 21:32:10 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame F9F7 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ Frame F9F7 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.31.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-4%22%2C%22callback_id%22%3A%227536d1def9809dd%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250e_desktop%22%2C%22tid%22%3A%2292d0b3f9-a105-4f8e-b61b-7c67c728f9cc%22%2C%22auctionId%22%3A%22cf2b2160-5c89-44df-9d33-cdbd1785dda9%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&bust=1684747041519&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Murderous%20Villain%20Test&w=1600&h=1200&pubcid=3ae45e29-720d-44bb-a13f-a6a5c41d6643&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
pbjs
htlb.casalemedia.com/openrtb/ Frame F9F7 		37 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76e36d5f5385fcafec6eea2fab99909bb4627af933968825d9cae28624480010

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1RhFTHQyaDhR4%2BNkChhrf9ClD0Ncc7kp8sKg8ASe5DfjrdvNDl5QZduqmfrmy%2BAINg3R3vAW3x2egJO%2BQp0Bc2JhhoEZTwVkxMdQXAEg5AKHKagwYeXQ%2FqiVaV3lweTw%2FqSvK%2BWS"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7cb3f7318e4e373d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ Frame F9F7 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
585092ee19a5f2a1077fdfb54ba9d09ad07acb94c1f8840faca68e52261ebdbf

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
x-openrtb-version
2.3
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1719
bid
ap.lijit.com/rtb/ Frame F9F7 		94 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
144e58ab72453af35fe0f289b5e4abf1ed36515655f79731610e6a5368d1178b

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 09:17:21 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
c
prebid.a-mo.net/a/ Frame F9F7 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:21 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
159
server
envoy
vary
origin, Accept-Encoding
trinity.json
apex.go.sonobi.com/ Frame F9F7 		820 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%228556f2e1b416eac%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250e_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&s=9d00f753-42b7-49eb-a76b-1c7b497a8818&pv=e7123b07-4b46-4569-bead-06ccbd3ae26d&vp=mobile&lib_name=prebid&lib_v=7.31.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php%22%2C%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
7893c9c5cdc653d70585dcf091870884c2107c29bcf4ad168c17997cb7ce4557
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-142
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
474
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ Frame AC96 		355 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e77b5b69c7832c8071887145673e6780e18ded026b287adca8e771d808decf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122659
x-xss-protection
0
server
cafe
etag
10650219918619322804
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:21 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 60D5 		325 B
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1135691075320070&correlator=450489396839786&eid=31072878%2C31074682%2C31074686&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90j_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=10&adks=1601445237&didk=1238102848&sfv=1-0-40&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3D27868814f124b32d%3AT%3D1684747038%3AS%3DALNI_Ma3p1zf2WTRvlOwmcOYh--6L2iHXA&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&abxe=1&dt=1684747041570&lmt=1684747041&dlt=1684747038920&idt=1170&adxs=436&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=s91dc4bgt1xy&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=ABHeCvhGRCW0FAhfKfKVL5jGCgSGGD7rf13cI6ZuBbE-PkLNwiviEkEX35215E066rrpRh8RyftV_IzYVnmjNh-opSVoeaLq%2CABHeCvhZhtCQovKMnbHOefCRJs5vksBSkx4RobJa1rSqNXoBJgli62bUbbwbCxWp5h1XOmxar3mcmYbH1hiPZ6wkpAy_Bncs%2CABHeCvjpBqdKmvWqxnLIf22Q_YfXGfWw26mN88LoBEprZNLo0QkW2Okw_ewGfrfEtUbwM--WlEYYy1g0RVCS1I9BcNqFLuL_%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=215484772.1684747038&ga_sid=1684747041&ga_hid=1110683200&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmd7-lYQxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNhZTQ1ZTI5LTcyMGQtNDRiYi1hMTNmLWE2YTVjNDFkNjY0Mxjd3_6VhDFIABIdCg5lc3AuY3JpdGVvLmNvbRiZ3v6VhDFIAFICCGQS1gEKCHJ0YmhvdXNlEsABajE2OTVXb3hNcXlpUGdmSGZMUWpmTXVWTElnbUhjQ0FnODVEZ0JtaXFKRm96Wm9GNWpPTzAzOC8zOTlrT3diS2hQcFB0bTR0REdseldLTWIzMGNqOEt5NDg0WG1FWkxOY2pCYVlBVlozSmpuZndxa3c5NEYzWUt2U0Z6OC9YQm9HN1NqSzNhak83RkQ0am9aa0hSaUpwVGlGYXR6cE83WjlLVnNSb1RISE5KclRZWC9UUWYxMitoeklWa1dyUnlYGM3g_pWEMUgAEhkKCnVpZGFwaS5jb20Ymd7-lYQxSABSAghkEhQKBW9wZW54GI7h_pWEMUgAUgIIbw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7491d1110f47a0588bec56037e0cb3271e69189e59587e58c7b77c00403bda79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A184 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssA_GgVni5c0UUBFlyj1suBAayRjU-iDNhx2P604zR8h06qHwIEXmJsXGar0aJvXRp0tK8SSJgddXU3GLkOfz8-vuLzUkk8LAQF_L-uR-TelciXGOYfsaFdxAuTg869zbWUBI9mViEGrBuev4MhQSphU1qm7J86fjo6KSoM2CsLaU3X1FBrY0KZbH57rmRt2rnpp0wweQf4EdVMnzfO6KzCG2h69OZkV8XqIKh_RCTQ-Zkm48JWHxQtrxGjiHVZ17R2gHX_-J_o7KraVmY1NUUa9MIlFIaBg5XH-_Y_i-uVPXCQBC69UWBe635LSFunHY7x8QgtP07dSldd&sai=AMfl-YQBR2Z_f6KIY4uFkIoCmP9LRgeYMsfrccd3INs7btUTAcaa4SS-c-62SLwCn0brJE2zNH_dyCIULFQp46iTt9WMb_ghcTxPro5feppJfsK9yv_jdCUe_VYCSJ2Isw&sig=Cg0ArKJSzEvo6JiPha6OEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame A184 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f99b591dde77a2428f5e4f4c90b5bae1a3a91b77ca71483b20c228f5ad10a2f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32376
x-xss-protection
0
server
cafe
etag
15425873971710158724
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A184 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:21 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 81AC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvw5QWS-vP2qZsNU7RI4M7RM7YI_zYcGwrVZx8GIkUBYwd_fDvOdMGHHasZaweRIBZkUS32t3m2FKPeJ8xdPEYkzGl1ht81hmUM_2uEChUonvhvJP2RSVU9VWKHLt5LgAb1YZOIwukOiVUaCdeKx-LDhk4kamJeebOKb7nEqwYJjOfagldlsOuRysyizyvVWNVGpU29yHfzHPbvnlz9FtJwW_p2MfvjRqoyxsX_ru5Hk05ypQscTAQWcD-9lcDnsZu5VYXkf7V9N7BhN3orVVdJYNPRlfXuI35PrYi3wZnVtWR6Iqh5gGPlquYyRpiA-gEcyo1jd9eDX966g&sai=AMfl-YTfntSWHv3FDQZ5ZZ09iZdGe-IBYFcH6ZylrukvWmFc-xxirV6mB3qsjN_xOqSWlIeL6ZVYcHAZvd0Uf08gLJ4LtUoQ-lA2SF833lFrvDqBTyxTKpPIJSq-92FMTw&sig=Cg0ArKJSzA7lZG0pFw5iEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
dsp.adfarm1.adition.com/cookie/ Frame 81AC 		0
402 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp.adfarm1.adition.com/cookie/?userid=7235933438855739536&ssp=9&gdpr=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.114.159.93 Bad Durrheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dsp.adfarm1.adition.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 09:17:21 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding, User-Agent
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
show_banner
dspcluster.adfarm1.adition.com/ Frame 81AC 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dspcluster.adfarm1.adition.com/show_banner?wpt=J&cuid=4395096&cid=5899998&bid=17866224&auction=1BABADF7-F354-4757-9288-8728342CA241&ts=1684747041002&bidid=7235933443127773335&p[country:de,isFirstPrice:1,postalCode:60323,trafficType:2,long:8.67,bidId:7235933443127773335,advertiserId:635558,ssp:9,referrer:aHR0cHM6Ly93d3cuaWRybGFicy5jb20vdmlsbGFpbi90ZXN0LnBocA,adSlotId:4413083,supplyId:161763,domain:idrlabs.com,winningPrice:0.130000,networkId:3202,auctionType:1,lat:50.13]&userid=7235933438855739536&adhost=ad-dsp66&gdpr=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.114.159.67 Bad Durrheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dspcluster.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
9f1379a87f72b4ad9a38d71bca1030da69bcd9e7f2fa2131fd9e59aa30075084

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 11:17:21 +0200
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
dsp.active-agent.com/reporting/ Frame 81AC 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.active-agent.com/reporting/?auctionId=1BABADF7-F354-4757-9288-8728342CA241&bid=7235933443127773335&bannerId=17866224&campaignId=5899998&contentUnitId=4395096&impressionId=49&ssp=9&xr=&xc=&winningPrice=0.130000&contacts=1.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.114.159.66 Bad Durrheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dsp.active-agent.com
Software
nginx /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 22 May 2023 09:17:21 GMT
Access-Control-Allow-Credentials
false
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 81AC 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:21 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame F237 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C5TXaITNrZIymA82G7_UP7oC5wAGQ4YGEXLaoworwAsCNtwEQASAAYI0EggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-4AIAqAMBqgTtAU_Q78g6p3IfhmwojbNPXeZSqb90vPAhP5CvPtMbrBYAqpyFv-k59xBRIh5ZBvkDPCAklVUuPxw2ZuoSM1v8chafZLiFQIkOjg_SfdnWcxjKv2b8Q0rpVWgSnTbJpYhw4ffn_DccC-6B4MjPxzLh5m33eWPTr6fTNcF2rPqEKKp8BOmn2J839SqyUQv3az9Yv4mzJpx1xZSW-ZMqxIm2kx9oWwZGOTDPQ2QrWYMSe2x3bxSdWka3owKOJVviQkMqPC07JK2rv4QikpigX6IBrhuKo3Tye2qxUKfsLVxsqdGYOj6GWzz_WCdWGfHPFuAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTY1NTIxNzU0ODg3MzM3NjgYvOEW&sigh=Y8JDrryKZcY&uach_m=[UACH]&cid=CAQSOwBygQiDH2Zc1vm5XVKXGenchH2OW6RybTVggvZEqYaY9KwXI5PfpAysXFMTNcrMhAPankPjiFgoON7TGAE
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame F237 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1j6keckccny8vrgcwr2bybk9j9erdmkh2v11q1njvh20tt3vymg1r156j3pn195r7xjspb4wm8zg92x51y6ra3trw1kb3td5a84yp7yr1vvrww7s3n6pjeyjcj0h7dwpvtsa3adw24c2a3ga8cwpf1b01s134s1xaxh44k6rzwg7m15afx0sgy3dw66v5vrz2njrpeewrehmf39f5yacx9k2ea3a8n0exj31w2vq0mbpx7eaeh5z2z9pybrxjep7a225k5yacp28a3myseyrb2sqh69aptb0x05b9vsnq220h57ss1zb1xfsw6azejyrjr6p8mqbfxv7sad2rd6x8f7p797j2nayews60er1fr79d79xs1mkmj84b79trz1ffwg07skn6bc20fg&b=ZGszIQAA0wwIu8NNAA5AbmxG0N-sJH_YWLHQTA
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 22 May 2023 09:17:21 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 90CB 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kxa9gxqq60zx5mkmeyy32qwzehn8zzt5k3p299ycmfn4vjpb5kdr6m0gms6ybpbfw43yp6hebxmk7kk0sxvnp30x0ygcrxpcs20wk0g0pa8t3xp8y3eazaapd0gb6xc42qct5zpb2ag1kra1bddndwpmzmg4atmhkjpgamq65qhg61gdgven487t0d8hv1a2txcnq4swy7xrwqp6wzyf0t4echmq1w37w6g0sfjbrpapynrwgghhrd5bds4zhzsen87mr2wevcxe14x5yehsntrjym1sj6abkjvqnb7ja7r2zxtayyfp4ygv5tc5x77nwq29bs8abkra0kjhphk2zrmk9ct8qfr48v499gzv6bk8401gbr6fkm2d22tffdwnfvdxekxvkr8bg91re7sp56n8h943ktjgf99ppzntm0zbw1hydmtx9qb3hj4m1x0p22tmyeb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxkgvITNrZIymA82G7_UP7oC5wAGQ4YGEXLaoworwAsCNtwEQASAAYI0EggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-4AIAqAMBqgTwAU_Q78g6p3IfhmwojbNPXeZSqb90vPAhP5CvPtMbrBYAqpyFv-k59xBRIh5ZBvkDPCAklVUuPxw2ZuoSM1v8chafZLiFQIkOjg_SfdnWcxjKv2b8Q0rpVWgSnTbJpYhw4ffn_DccC-6B4MjPxzLh5m33eWPTr6fTNcF2rPqEKKp8BOmn2J839SqyUQv3az9Yv4mzJpx1xZSW-ZMqxIm2kx9oWwZGOTDPQ2QrWYMSe2x3bxSdWka3owKOJVviQkMqPC07JK2rv4RgkLkyiFuG7tMN6-IoMvhDabPmgFZCsQwY-HcUo6jhdD-DxW6P3g7AGOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3XOTLFwWXjtJfVyYp4Eojjn-7LKA%26client%3Dca-pub-6552175488733768%26adurl%3D
Requested by
Host: 87611474810e088512a1506d145f792b.safeframe.googlesyndication.com
URL: https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4aca7046d927af0259111a1a8115c34139ab6c854d8ad835864b153e470efa4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7cb3f7326c041919-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:21 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame F237 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js
Requested by
Host: 87611474810e088512a1506d145f792b.safeframe.googlesyndication.com
URL: https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 20:27:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
46206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 20:27:15 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A252 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 87611474810e088512a1506d145f792b.safeframe.googlesyndication.com
URL: https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
7761
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 07:08:00 GMT
etag
48472445140208031
expires
Tue, 23 May 2023 07:08:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame F237 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 87611474810e088512a1506d145f792b.safeframe.googlesyndication.com
URL: https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 10:36:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
81660
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7953
x-xss-protection
0
server
cafe
etag
16153819885643670827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 10:36:21 GMT
l
www.google.com/ads/measurement/ Frame F237 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTLK33_7zY7lhWCtdskn31CmSBIJBkmUUb4A-qBDTBlkrMwt682sbqHLgLYoOlw2ss3vNCRYHZCfwDf7b6zpR7gzA5Q6w
Requested by
Host: 87611474810e088512a1506d145f792b.safeframe.googlesyndication.com
URL: https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F237 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 87611474810e088512a1506d145f792b.safeframe.googlesyndication.com
URL: https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:36:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
254461
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 May 2024 10:36:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F237 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 87611474810e088512a1506d145f792b.safeframe.googlesyndication.com
URL: https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:21 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ Frame 2BDC 		355 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f40b2f7e8b711e86201e69a2bdad0c662792861801b895b23dc36971a822f8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122659
x-xss-protection
0
server
cafe
etag
15608182948380006885
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B8F1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9985
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 06:30:56 GMT
expires
Tue, 21 May 2024 06:30:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 457E 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f7e183c6301b450a8f4d89620220cfa3cb5296973bbf9f2a5169c608579941bb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zYn6AYbBOiHs3Zgl0KgKUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-zYn6AYbBOiHs3Zgl0KgKUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:21 GMT
expires
Mon, 22 May 2023 09:17:21 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/ Frame 7975 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0fc6ef332016861fa491ce11eed0ffa38bbd3187ce35e418831b1ab58c0c1fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame AC96 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29afa940e102abcb77e939daa8d48d305b5c4a23c43442a0146a3fddcb33e90e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 22 May 2023 09:17:21 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame F9F7 		367 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.pbadslot=%2F65889844%2Fron01_300x250f_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=267197b5-f7d8-495a-99b6-f55cd123e57c&l_pb_bid_id=904937dde1f81c3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250f_desktop&slots=1&rand=0.4430003673609919
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bce228dbcc1ff96b6dd015d61529836e145706b4ccbd9a8ef6d86a9e9bbd069d

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
367
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ Frame F9F7 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:21 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
277
server
envoy
vary
origin, Accept-Encoding
bid
ap.lijit.com/rtb/ Frame F9F7 		95 B
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
1803f3f616581bc64a285adb86d4f1e1bd615297a7b207bfb58a1558562d4e93

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 09:17:21 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
prebid
ads.yieldmo.com/exchange/ Frame F9F7 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.31.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-5%22%2C%22callback_id%22%3A%22964387a177f947b%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250f_desktop%22%2C%22tid%22%3A%22267197b5-f7d8-495a-99b6-f55cd123e57c%22%2C%22auctionId%22%3A%222f555b45-8de1-47f5-9abb-c75b074ff12f%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&bust=1684747041743&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Murderous%20Villain%20Test&w=1600&h=1200&pubcid=3ae45e29-720d-44bb-a13f-a6a5c41d6643&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
unruly_prebid
targeting.unrulymedia.com/ Frame F9F7 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame F9F7 		36 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edeb8701ea9e9bd65650303bbe11cf1653110e8afc96f705f74b90cd1568e948

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0dTQfko0EQm2%2BcrEmTdZ2bnOvBTPGJUBzNUuI2duj8ixlp6bYS2lCsy%2BTgL3lz08BUI%2BSDn324A1k4Ijghwd1GR0jg8ODvtaU5oWb3TfcRPK0xO9Yc3aUU7x%2Fmj2%2BrwPL%2B4VSGR"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7cb3f732e863373d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ Frame F9F7 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame F9F7 		821 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2210446ce014591f13%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250f_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&s=2d13945b-bd45-4a86-9bdd-022d5b082992&pv=e7123b07-4b46-4569-bead-06ccbd3ae26d&vp=mobile&lib_name=prebid&lib_v=7.31.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php%22%2C%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
57a9e8bf4c8471a5fefc14edcab2252ee2778b683673b35c95cb6a048ca5750d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-142
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
475
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 2BDC 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1925c2fc6263128143fcaa86a8ef8cdf4940ac2665879394dec3d6adaec2dec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 346D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYcE3oFSdZBYjYxgG_XrAU2n7ylnB7mKyPYEXVQYLSzzKsceh1kwVFa8IeoynifCAZEd4-L9PLE8mx4CSREoW2vbWqSshelgFwg-yxMXQVlkvl4LE-23lmM9UxAQ0EQib7peJelr6e4AKBVoUvEf8-GRf0chiA6ZYQ_S1afv4izQYVgx-wBS9aPDSObQRbCKoM-kEYRwanEKhElia5um46_XyMjdZzwwaB_YXpspk0pVg66aSKdp_6fAPuH5GwR4hN4J8mFrjxMfssP0EJikX5HUAWMfc11_w5RlOYhjQQ69Mtok1r5eY32yS58HVpQ_QcM-TAkrPSCFqkrg0&sai=AMfl-YQMYOe7yt5TVfkdCnBT85baICJLh01836QFdp8a_G18fl1-HFEL_xKwAz0q6MukEEHuCiToYycT3D0DXm2YoB6bBVD_2hm31G5huFYqIWn6X2sNftKmMZijbmuc_w&sig=Cg0ArKJSzOoCFMqnBKzxEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
dsp.adfarm1.adition.com/cookie/ Frame 346D 		0
402 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp.adfarm1.adition.com/cookie/?userid=7235933438855739536&ssp=9&gdpr=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.114.159.93 Bad Durrheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dsp.adfarm1.adition.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 09:17:21 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding, User-Agent
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
show_banner
dspcluster.adfarm1.adition.com/ Frame 346D 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dspcluster.adfarm1.adition.com/show_banner?wpt=J&cuid=4395932&cid=5899827&bid=17865793&auction=DD242C2A-6CB6-4FD2-97B2-F7BB01DDA4C4&ts=1684747041124&bidid=7235933443127879058&p[country:de,isFirstPrice:1,postalCode:60323,trafficType:2,long:8.67,bidId:7235933443127879058,advertiserId:128654,ssp:9,referrer:aHR0cHM6Ly93d3cuaWRybGFicy5jb20vdmlsbGFpbi90ZXN0LnBocA,adSlotId:4413083,supplyId:161763,domain:idrlabs.com,winningPrice:0.070000,networkId:3284,auctionType:1,lat:50.13]&userid=7235933438855739536&adhost=ad-dsp66&gdpr=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.114.159.67 Bad Durrheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dspcluster.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
15786d8256f31076d7df2abe66584ed13242fa354434feee5b3f1edc02515290

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 11:17:21 +0200
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
dsp.active-agent.com/reporting/ Frame 346D 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.active-agent.com/reporting/?auctionId=DD242C2A-6CB6-4FD2-97B2-F7BB01DDA4C4&bid=7235933443127879058&bannerId=17865793&campaignId=5899827&contentUnitId=4395932&impressionId=49&ssp=9&xr=&xc=&winningPrice=0.070000&contacts=1.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.114.159.66 Bad Durrheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dsp.active-agent.com
Software
nginx /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 22 May 2023 09:17:21 GMT
Access-Control-Allow-Credentials
false
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 346D 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:21 GMT
integrator.js
adservice.google.de/adsid/ Frame F9F7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F9F7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame F9F7 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2875267802583696&correlator=3340932193976750&eid=31072020%2C31072879%2C31074686%2C31074533&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250e_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=4&adks=2460199046&didk=2887917932&sfv=1-0-40&prev_scp=hb_format_pubmatic%3Dbanner%26hb_size_pubmatic%3D300x250%26hb_pb_pubmatic%3D0.05%26hb_adid_pubmatic%3D88d6ad3b8f933b7%26hb_bidder_pubmatic%3Dpubmatic%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.05%26hb_adid%3D88d6ad3b8f933b7%26hb_bidder%3Dpubmatic&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3D27868814f124b32d%3AT%3D1684747038%3AS%3DALNI_Ma3p1zf2WTRvlOwmcOYh--6L2iHXA&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&abxe=1&dt=1684747041814&lmt=1684747041&dlt=1684747039011&idt=1049&adxs=353&adys=899&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=xer8tl6e7lwb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&frm=23&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&psts=ABHeCvhNK1IflLCigunkEYjo5AyiE3m6ZM6-atNdsl1RUsJPWM-oK2IZxiW0iYC1JNTQ7Av4Zo2GC9wxleseCudlNfEIaqWp%2CABHeCvj--tIdg9kMb92DJGi6EfvMYiiwuDJChwCrAJ8AReBxFNfCC9TEe9yDGq0baaEKAt2TI1lwmRS0y6pD-X1dlBMBZZmA%2CABHeCvirWkEcYgSYXaKfO_UIuZfWprSzXc-v9OO42Mz5mM1lfgmswrmpf60jFMHbtgqZrhDhIZlGY5YsPlbGouXaVWACobqI&ga_vid=215484772.1684747038&ga_sid=1684747041&ga_hid=1414959249&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmd7-lYQxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNhZTQ1ZTI5LTcyMGQtNDRiYi1hMTNmLWE2YTVjNDFkNjY0Mxjd3_6VhDFIABIdCg5lc3AuY3JpdGVvLmNvbRiZ3v6VhDFIAFICCGQS1gEKCHJ0YmhvdXNlEsABajE2OTVXb3hNcXlpUGdmSGZMUWpmTXVWTElnbUhjQ0FnODVEZ0JtaXFKRm96Wm9GNWpPTzAzOC8zOTlrT3diS2hQcFB0bTR0REdseldLTWIzMGNqOEt5NDg0WG1FWkxOY2pCYVlBVlozSmpuZndxa3c5NEYzWUt2U0Z6OC9YQm9HN1NqSzNhak83RkQ0am9aa0hSaUpwVGlGYXR6cE83WjlLVnNSb1RISE5KclRZWC9UUWYxMitoeklWa1dyUnlYGM3g_pWEMUgAEhkKCnVpZGFwaS5jb20Ymd7-lYQxSABSAghkEhQKBW9wZW54GI7h_pWEMUgAUgIIbw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a9ab46ed2e6da6366cd989bed9d64b3583c2734109c39160f97e091ca6acaf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11012
x-xss-protection
0
google-lineitem-id
5111852800
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274875424
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 90CB 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kxa9gxqq60zx5mkmeyy32qwzehn8zzt5k3p299ycmfn4vjpb5kdr6m0gms6ybpbfw43yp6hebxmk7kk0sxvnp30x0ygcrxpcs20wk0g0pa8t3xp8y3eazaapd0gb6xc42qct5zpb2ag1kra1bddndwpmzmg4atmhkjpgamq65qhg61gdgven487t0d8hv1a2txcnq4swy7xrwqp6wzyf0t4echmq1w37w6g0sfjbrpapynrwgghhrd5bds4zhzsen87mr2wevcxe14x5yehsntrjym1sj6abkjvqnb7ja7r2zxtayyfp4ygv5tc5x77nwq29bs8abkra0kjhphk2zrmk9ct8qfr48v499gzv6bk8401gbr6fkm2d22tffdwnfvdxekxvkr8bg91re7sp56n8h943ktjgf99ppzntm0zbw1hydmtx9qb3hj4m1x0p22tmyeb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxkgvITNrZIymA82G7_UP7oC5wAGQ4YGEXLaoworwAsCNtwEQASAAYI0EggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-4AIAqAMBqgTwAU_Q78g6p3IfhmwojbNPXeZSqb90vPAhP5CvPtMbrBYAqpyFv-k59xBRIh5ZBvkDPCAklVUuPxw2ZuoSM1v8chafZLiFQIkOjg_SfdnWcxjKv2b8Q0rpVWgSnTbJpYhw4ffn_DccC-6B4MjPxzLh5m33eWPTr6fTNcF2rPqEKKp8BOmn2J839SqyUQv3az9Yv4mzJpx1xZSW-ZMqxIm2kx9oWwZGOTDPQ2QrWYMSe2x3bxSdWka3owKOJVviQkMqPC07JK2rv4RgkLkyiFuG7tMN6-IoMvhDabPmgFZCsQwY-HcUo6jhdD-DxW6P3g7AGOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3XOTLFwWXjtJfVyYp4Eojjn-7LKA%26client%3Dca-pub-6552175488733768%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kxa9gxqq60zx5mkmeyy32qwzehn8zzt5k3p299ycmfn4vjpb5kdr6m0gms6ybpbfw43yp6hebxmk7kk0sxvnp30x0ygcrxpcs20wk0g0pa8t3xp8y3eazaapd0gb6xc42qct5zpb2ag1kra1bddndwpmzmg4atmhkjpgamq65qhg61gdgven487t0d8hv1a2txcnq4swy7xrwqp6wzyf0t4echmq1w37w6g0sfjbrpapynrwgghhrd5bds4zhzsen87mr2wevcxe14x5yehsntrjym1sj6abkjvqnb7ja7r2zxtayyfp4ygv5tc5x77nwq29bs8abkra0kjhphk2zrmk9ct8qfr48v499gzv6bk8401gbr6fkm2d22tffdwnfvdxekxvkr8bg91re7sp56n8h943ktjgf99ppzntm0zbw1hydmtx9qb3hj4m1x0p22tmyeb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxkgvITNrZIymA82G7_UP7oC5wAGQ4YGEXLaoworwAsCNtwEQASAAYI0EggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-4AIAqAMBqgTwAU_Q78g6p3IfhmwojbNPXeZSqb90vPAhP5CvPtMbrBYAqpyFv-k59xBRIh5ZBvkDPCAklVUuPxw2ZuoSM1v8chafZLiFQIkOjg_SfdnWcxjKv2b8Q0rpVWgSnTbJpYhw4ffn_DccC-6B4MjPxzLh5m33eWPTr6fTNcF2rPqEKKp8BOmn2J839SqyUQv3az9Yv4mzJpx1xZSW-ZMqxIm2kx9oWwZGOTDPQ2QrWYMSe2x3bxSdWka3owKOJVviQkMqPC07JK2rv4RgkLkyiFuG7tMN6-IoMvhDabPmgFZCsQwY-HcUo6jhdD-DxW6P3g7AGOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3XOTLFwWXjtJfVyYp4Eojjn-7LKA%26client%3Dca-pub-6552175488733768%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
974714
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IrSNudSA5Urp7ctjXoi82qkXEEZhuon2GVTNSPcgA0Ei8BjZXRwURp%2BjilSklsqNDIkVieX1ro%2FoHj2xlhCWhKlt2K4nBxlVwlZRAq5TvBuXO3ybTLQ1if1L65%2Fy2ToC0d9KaxrW%2Btk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7cb3f7336dc31919-FRA
expires
Mon, 22 May 2023 10:17:21 GMT
r62eglto.js
ad4m.at/ Frame 90CB 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kxa9gxqq60zx5mkmeyy32qwzehn8zzt5k3p299ycmfn4vjpb5kdr6m0gms6ybpbfw43yp6hebxmk7kk0sxvnp30x0ygcrxpcs20wk0g0pa8t3xp8y3eazaapd0gb6xc42qct5zpb2ag1kra1bddndwpmzmg4atmhkjpgamq65qhg61gdgven487t0d8hv1a2txcnq4swy7xrwqp6wzyf0t4echmq1w37w6g0sfjbrpapynrwgghhrd5bds4zhzsen87mr2wevcxe14x5yehsntrjym1sj6abkjvqnb7ja7r2zxtayyfp4ygv5tc5x77nwq29bs8abkra0kjhphk2zrmk9ct8qfr48v499gzv6bk8401gbr6fkm2d22tffdwnfvdxekxvkr8bg91re7sp56n8h943ktjgf99ppzntm0zbw1hydmtx9qb3hj4m1x0p22tmyeb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxkgvITNrZIymA82G7_UP7oC5wAGQ4YGEXLaoworwAsCNtwEQASAAYI0EggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-4AIAqAMBqgTwAU_Q78g6p3IfhmwojbNPXeZSqb90vPAhP5CvPtMbrBYAqpyFv-k59xBRIh5ZBvkDPCAklVUuPxw2ZuoSM1v8chafZLiFQIkOjg_SfdnWcxjKv2b8Q0rpVWgSnTbJpYhw4ffn_DccC-6B4MjPxzLh5m33eWPTr6fTNcF2rPqEKKp8BOmn2J839SqyUQv3az9Yv4mzJpx1xZSW-ZMqxIm2kx9oWwZGOTDPQ2QrWYMSe2x3bxSdWka3owKOJVviQkMqPC07JK2rv4RgkLkyiFuG7tMN6-IoMvhDabPmgFZCsQwY-HcUo6jhdD-DxW6P3g7AGOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3XOTLFwWXjtJfVyYp4Eojjn-7LKA%26client%3Dca-pub-6552175488733768%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
502289
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jERafa7y5RsCga142kq71xNez%2BV0mUntrQojGQb%2F82fgLZyqbEiVEwcSmflqmWAQAG5F0WpmUDTJTpdKXl79PPS33SvqiWS8pi4Z0%2B2xbf2pGXfw6aQVTDXiZuwuDPvg8gF71%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7cb3f7336dc51919-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 09 May 2023 13:46:06 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame F9F7 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2875267802583696&correlator=1580461533719684&eid=31072020%2C31072879%2C31074686%2C31074533&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250d_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=5&adks=965386203&didk=2887917935&sfv=1-0-40&prev_scp=hb_format_pubmatic%3Dbanner%26hb_size_pubmatic%3D300x250%26hb_pb_pubmatic%3D0.05%26hb_adid_pubmatic%3D87a448eb5543787%26hb_bidder_pubmatic%3Dpubmatic%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.05%26hb_adid%3D87a448eb5543787%26hb_bidder%3Dpubmatic&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3D27868814f124b32d%3AT%3D1684747038%3AS%3DALNI_Ma3p1zf2WTRvlOwmcOYh--6L2iHXA&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&abxe=1&dt=1684747041829&lmt=1684747041&dlt=1684747039011&idt=1049&adxs=353&adys=899&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=bq0kafrb04s1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&frm=23&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&psts=ABHeCvhNK1IflLCigunkEYjo5AyiE3m6ZM6-atNdsl1RUsJPWM-oK2IZxiW0iYC1JNTQ7Av4Zo2GC9wxleseCudlNfEIaqWp%2CABHeCvj--tIdg9kMb92DJGi6EfvMYiiwuDJChwCrAJ8AReBxFNfCC9TEe9yDGq0baaEKAt2TI1lwmRS0y6pD-X1dlBMBZZmA%2CABHeCvirWkEcYgSYXaKfO_UIuZfWprSzXc-v9OO42Mz5mM1lfgmswrmpf60jFMHbtgqZrhDhIZlGY5YsPlbGouXaVWACobqI&ga_vid=215484772.1684747038&ga_sid=1684747041&ga_hid=1414959249&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmd7-lYQxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNhZTQ1ZTI5LTcyMGQtNDRiYi1hMTNmLWE2YTVjNDFkNjY0Mxjd3_6VhDFIABIdCg5lc3AuY3JpdGVvLmNvbRiZ3v6VhDFIAFICCGQS1gEKCHJ0YmhvdXNlEsABajE2OTVXb3hNcXlpUGdmSGZMUWpmTXVWTElnbUhjQ0FnODVEZ0JtaXFKRm96Wm9GNWpPTzAzOC8zOTlrT3diS2hQcFB0bTR0REdseldLTWIzMGNqOEt5NDg0WG1FWkxOY2pCYVlBVlozSmpuZndxa3c5NEYzWUt2U0Z6OC9YQm9HN1NqSzNhak83RkQ0am9aa0hSaUpwVGlGYXR6cE83WjlLVnNSb1RISE5KclRZWC9UUWYxMitoeklWa1dyUnlYGM3g_pWEMUgAEhkKCnVpZGFwaS5jb20Ymd7-lYQxSABSAghkEhQKBW9wZW54GI7h_pWEMUgAUgIIbw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b2f79730fbddde7a9b3358185896419e071a590bdb79bc18dafaf16854e44ffd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11000
x-xss-protection
0
google-lineitem-id
6152679798
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412693207
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 471D 		215 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.idrlabs.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3D27868814f124b32d%3AT%3D1684747038%3AS%3DALNI_Ma3p1zf2WTRvlOwmcOYh--6L2iHXA&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
446053ef0213c73fb61ae7f5886f3d3b6bbbb6d896d664977d8821afd65d497c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
202
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 471D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 471D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CFEF 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=90&slotname=RON_728x90_House&adk=3422631141&adf=467759286&pi=t.ma~as.RON_728x90_House&w=728&lmt=1684747041&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747041395&bpp=15&bdt=337&idt=459&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d%3AT%3D1684747038%3AS%3DALNI_Ma3p1zf2WTRvlOwmcOYh--6L2iHXA&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=2&ga_vid=215484772.1684747038&ga_sid=1684747042&ga_hid=1107460658&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=3712403075&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071755%2C31074545%2C44785292%2C44788441%2C44790154&oid=2&pvsid=279225184921592&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.utm94g7zq4ls&fsb=1&dtd=486
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 1872 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305150101&jk=1135691075320070&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ Frame A184 		355 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e6b29fc904565d0e71927a5493cedcdb9892145b009e58c6fa65d2049e7e9385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122659
x-xss-protection
0
server
cafe
etag
11496975108263977578
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:21 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 7975 		215 B
267 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.idrlabs.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3D27868814f124b32d%3AT%3D1684747038%3AS%3DALNI_Ma3p1zf2WTRvlOwmcOYh--6L2iHXA&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
962381315581786b07796c25527cd556b3fc5891f3f5fb557de179f7e9fa97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
202
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 7975 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7975 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 32B4 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=467760281&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747041&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747041466&bpp=12&bdt=275&idt=480&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d%3AT%3D1684747038%3AS%3DALNI_Ma3p1zf2WTRvlOwmcOYh--6L2iHXA&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747042&ga_hid=440142559&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=2997360142&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C44785293%2C44788441%2C44789779&oid=2&pvsid=3848651362865139&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.tf6n6zjabw59&fsb=1&dtd=499
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame F9F7 		367 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.pbadslot=%2F65889844%2Fron01_300x250g_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=efd81e41-09b6-4d22-952a-5a3ac2e28781&l_pb_bid_id=1071a76afcf21908&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250g_desktop&slots=1&rand=0.4649929604586607
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9f554bd5e5a436e10dabe580e2ab092d26737fe5a55d5649d686a17cba3df5ce

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
367
expires
Wed, 17 Sep 1975 21:32:10 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame F9F7 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame F9F7 		95 B
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
dd06a980d344c67fec5ec8a6b71d99fb4c710b46bdef7cac90b6c419f82748d3

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 09:17:21 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
translator
hbopenbid.pubmatic.com/ Frame F9F7 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame F9F7 		821 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22115ec8fe6e035746%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250g_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&s=6e6b2767-e82c-45d7-b589-595dcef6814e&pv=e7123b07-4b46-4569-bead-06ccbd3ae26d&vp=mobile&lib_name=prebid&lib_v=7.31.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php%22%2C%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
6b7f6b7f419968430d0c8a03ae08dfd9a960e7b1c57e4f89e98deb96b6c28483
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-142
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
476
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ads.yieldmo.com/exchange/ Frame F9F7 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.31.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-6%22%2C%22callback_id%22%3A%22117e3d5f736a6a8b%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250g_desktop%22%2C%22tid%22%3A%22efd81e41-09b6-4d22-952a-5a3ac2e28781%22%2C%22auctionId%22%3A%22fc95b4c3-33ca-4431-8d69-565f8015df47%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&bust=1684747041980&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Murderous%20Villain%20Test&w=1600&h=1200&pubcid=3ae45e29-720d-44bb-a13f-a6a5c41d6643&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:21 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
c
prebid.a-mo.net/a/ Frame F9F7 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:21 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
189
server
envoy
vary
origin, Accept-Encoding
pbjs
htlb.casalemedia.com/openrtb/ Frame F9F7 		38 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10db6dd2309687596324ed42761d2258fb25820b7a083ecb86ca1d1ec8290e5b

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SwJopBC03SAnp0ppfNy8j6XhwPVyUNdloDscwLwjx8GNvlsV1ZmOiV5h31uMbCpdxBlLeIEp3QsrRrhiinqdCFLk7iSoW%2Btnk7yIzMwk5AlVmQz0qCe3ZTuIJNcBfFb6fuqMOcg2"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7cb3f7346ad6373d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
pixel
cm.g.doubleclick.net/ Frame A252
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGtZl_Y6azIG3thGuGYlsGs&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGtZl_Y6azIG3thGuGYlsGs&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Sm9tY0dScVYxUTExRm81&google_gid=CAESEGtZl_Y6azIG3thGuGYlsGs&google_cver=1&google_push=ATf1kGNQUiL3Ch240EWF3TZ9CfEk6IboJt7hbMmb4_e04il...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Sm9tY0dScVYxUTExRm81&google_gid=CAESEGtZl_Y6azIG3thGuGYlsGs&google_cver=1&google_push=ATf1kGNQUiL3Ch240EWF3TZ9CfEk6IboJt7hbMmb4_e04ilxsKJwO1ButnkBPX2GRMQjM67a6aToCjAJu7ma12fiuWB8Tvp5myg_
Requested by
Host: 87611474810e088512a1506d145f792b.safeframe.googlesyndication.com
URL: https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:21 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-085c90e762a864cb4@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Sm9tY0dScVYxUTExRm81&google_gid=CAESEGtZl_Y6azIG3thGuGYlsGs&google_cver=1&google_push=ATf1kGNQUiL3Ch240EWF3TZ9CfEk6IboJt7hbMmb4_e04ilxsKJwO1ButnkBPX2GRMQjM67a6aToCjAJu7ma12fiuWB8Tvp5myg_
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A252
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMNpJDF_qFRN7Ui4VckFfc0&google_cver=1&google_push=ATf1kGPMbryTCO2k0eQXzeeii6hNs7bOMH5Yrgss_h28cd4cOrsgT-kTaAxuWNI77g7edJbgaGh6AizMvEhVT4DJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=BJRkazMhSwCsUji_yeo-jw&google_push=ATf1kGPMbryTCO2k0eQXzeeii6hNs7bOMH5Yrgss_h28cd4cOrsgT-kTaAxuWNI77g7edJbgaGh6AizMvEhVT4DJEF6shZ-A...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=BJRkazMhSwCsUji_yeo-jw&google_push=ATf1kGPMbryTCO2k0eQXzeeii6hNs7bOMH5Yrgss_h28cd4cOrsgT-kTaAxuWNI77g7edJbgaGh6AizMvEhVT4DJEF6shZ-AuwJs7g
Requested by
Host: 87611474810e088512a1506d145f792b.safeframe.googlesyndication.com
URL: https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 09:17:22 GMT
Server
MT3 851 9bd98ae master zrh-pixel-x26 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=BJRkazMhSwCsUji_yeo-jw&google_push=ATf1kGPMbryTCO2k0eQXzeeii6hNs7bOMH5Yrgss_h28cd4cOrsgT-kTaAxuWNI77g7edJbgaGh6AizMvEhVT4DJEF6shZ-AuwJs7g
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 22 May 2023 09:17:21 GMT
google
match.adsrvr.org/track/cmf/ Frame A252 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEEYrro9qdzOueZaMgbQZD0c&google_cver=1&google_push=ATf1kGMTdA8rXJMHql-G2yh9L56OeogWcBNKKNv09Q2ai1T2Clo6H0LKjauEHJ-YI1Lcowedpy7QPqhIFuGxPGxUFHECsGKUA-7xLg
Requested by
Host: 87611474810e088512a1506d145f792b.safeframe.googlesyndication.com
URL: https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame A252
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEBNIlv2U1ys6Y922wfxe5-w&google_cver=1&google_push=ATf1kGPTeGb7QxYPNUjHYx0NnxfQiFuU3B7CYD3sYCqGwL_ueals9QnAH4tnO4BcJKRhtAnxq80G5hY3od7_S7wjDmhIERe...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPTeGb7QxYPNUjHYx0NnxfQiFuU3B7CYD3sYCqGwL_ueals9QnAH4tnO4BcJKRhtAnxq80G5hY3od7_S7wjDmhIEReEBFSjfQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPTeGb7QxYPNUjHYx0NnxfQiFuU3B7CYD3sYCqGwL_ueals9QnAH4tnO4BcJKRhtAnxq80G5hY3od7_S7wjDmhIEReEBFSjfQ
Requested by
Host: 87611474810e088512a1506d145f792b.safeframe.googlesyndication.com
URL: https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPTeGb7QxYPNUjHYx0NnxfQiFuU3B7CYD3sYCqGwL_ueals9QnAH4tnO4BcJKRhtAnxq80G5hY3od7_S7wjDmhIEReEBFSjfQ
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame A252
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-C5ldCLJzIeBs2wv81fpPCibgk6OKS4YKefBIew&google_push=PUSH_DATA
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
43 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
Requested by
Host: 87611474810e088512a1506d145f792b.safeframe.googlesyndication.com
URL: https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
85459
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
274
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A252
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELXX3m1QwlgOeRp-H-3QmEQ&google_cver=1&google_push=ATf1kGMNWd4_1hAhPj_W82sMEwQwhH0sDn4IgVmv9gDEaGvFXK0anTW3U8N0XR92YGg5873mBP1KX79AVU-j12SO...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMNWd4_1hAhPj_W82sMEwQwhH0sDn4IgVmv9gDEaGvFXK0anTW3U8N0XR92YGg5873mBP1KX79AVU-j12SOAnhALHhB_dpB
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMNWd4_1hAhPj_W82sMEwQwhH0sDn4IgVmv9gDEaGvFXK0anTW3U8N0XR92YGg5873mBP1KX79AVU-j12SOAnhALHhB_dpB
Requested by
Host: 87611474810e088512a1506d145f792b.safeframe.googlesyndication.com
URL: https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 22 May 2023 09:17:22 GMT
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGMNWd4_1hAhPj_W82sMEwQwhH0sDn4IgVmv9gDEaGvFXK0anTW3U8N0XR92YGg5873mBP1KX79AVU-j12SOAnhALHhB_dpB
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
g55WCDCD4nh0S0acCYq5VInictiHPm3_1S0hcNhOuewcqClFkfHaMg==
pixel
cm.g.doubleclick.net/ Frame A252
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESELZ0BD3zqx7sz38DYrqXH7M&google_cver=1&google_push=ATf1kGN_jI-hrtx762HxVOomZQ8PMDCJ32CkZLBMRh62Vpei1f6o6fWqyLQGnCb-rsNykscNqG6F097JLHhtgqKV-fjmMAD...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ATf1kGN_jI-hrtx762HxVOomZQ8PMDCJ32CkZLBMRh62Vpei1f6o6fWqyLQGnCb-rsNykscNqG6F097JLHhtgqKV-fjmMADuE0rU6GI&google_hm=NTEwNzQz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ATf1kGN_jI-hrtx762HxVOomZQ8PMDCJ32CkZLBMRh62Vpei1f6o6fWqyLQGnCb-rsNykscNqG6F097JLHhtgqKV-fjmMADuE0rU6GI&google_hm=NTEwNzQzMzgyNzk4ODAzMTE5MQ==
Requested by
Host: 87611474810e088512a1506d145f792b.safeframe.googlesyndication.com
URL: https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ATf1kGN_jI-hrtx762HxVOomZQ8PMDCJ32CkZLBMRh62Vpei1f6o6fWqyLQGnCb-rsNykscNqG6F097JLHhtgqKV-fjmMADuE0rU6GI&google_hm=NTEwNzQzMzgyNzk4ODAzMTE5MQ==
Date
Mon, 22 May 2023 09:17:22 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
attr
cm.g.doubleclick.net/pixel/ Frame A252 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JHX7B0ld7zebUx1v-sH_00iR0weG0gdqi-UBZW9dImQ6nT3dDfva-7a9ZSnO3bliclki5IOw
Requested by
Host: 87611474810e088512a1506d145f792b.safeframe.googlesyndication.com
URL: https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 22 May 2023 09:17:21 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame AC96 		215 B
223 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.idrlabs.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3D27868814f124b32d%3AT%3D1684747038%3AS%3DALNI_Ma3p1zf2WTRvlOwmcOYh--6L2iHXA&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78042629eeb892cf1d90c0a1907639329582fa86a0876b1dc9a3ed836c5ae5b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
201
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame AC96 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame AC96 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 90D5 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=90&slotname=RON_728x90_House&adk=3422631141&adf=467760279&pi=t.ma~as.RON_728x90_House&w=728&lmt=1684747042&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747041541&bpp=12&bdt=302&idt=464&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d%3AT%3D1684747038%3AS%3DALNI_Ma3p1zf2WTRvlOwmcOYh--6L2iHXA&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747042&ga_hid=1633818051&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=2361954075&scr_x=0&scr_y=0&eid=44759875%2C44759837%2C44759926%2C31071259%2C31071756%2C31074688%2C44788442%2C44789923&oid=2&pvsid=888148739970482&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qy8fhysy8cyr&fsb=1&dtd=574
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame AD82 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 06:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
10558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 06:21:24 GMT
dbtlib.js
imagesrv.adition.com/js/dbt/ Frame 81AC 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/dbt/dbtlib.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
47d8dabc70c62f44afef6ddc54356b49f16ed6b4f01b306f519f63c7a1283f79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
br
last-modified
Tue, 07 Aug 2018 06:19:39 GMT
etag
"3896939110-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8729
hit
visitanalytics.userreport.com/ Frame 81AC 		43 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitanalytics.userreport.com/hit?t=AMX18caecb6&event=impression&gpdr=0&gdpr_consent=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-127.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
vrBc0EhGKa8dl_tujGhI9Fe7xKDJ.7QF
date
Mon, 22 May 2023 02:16:10 GMT
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
25274
x-amz-meta-cb-modifiedtime
Tue, 14 Apr 2015 11:43:27 GMT
x-cache
Hit from cloudfront
content-length
43
last-modified
Thu, 04 Jun 2020 12:03:06 GMT
server
AmazonS3
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
x-amz-cf-id
pZVLUZco1eSFVNW2U-2I1qMpHClZTKXKNThgIrrmYtUJWhOQDyaV0Q==
expires
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame D37B 		39 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=24883
content-encoding
gzip
content-length
14445
content-type
text/html
date
Mon, 22 May 2023 09:17:22 GMT
expires
Mon, 22 May 2023 16:12:05 GMT
last-modified
Tue, 21 Mar 2023 06:09:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
AdDisplayTrackerServlet
st.pubmatic.com/AdServer/ Frame 2444 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=161763&siteId=951966&adId=4413083&imprId=C9C61D0D-76BC-4330-8778-9FA996C9EDB2&cksum=2B95F9C371896717&adType=10&adServerId=243&kefact=0.112490&kaxefact=0.112490&kadNetFrequecy=0&kadwidth=728&kadheight=90&kadsizeid=7&kltstamp=1684747041&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.140612&dcId=3&tldId=0&passback=0&svr=BIDAMS0037&adsver=_810189242&adsabzcid=0&cls=BID&i0=0x2100000000000000&c0=0x1&ekefact=ITNrZIlTAQDz--RMm74RL4pUlbH1SGPJKwrYS-sooj7RtK5f&ekaxefact=ITNrZJFTAQDVwltNhWuFo0P5IeVCt5SaTPQP5JgZJ6X_q3GN&ekpbmtpfact=ITNrZJhTAQAm6PrJ5FBapDJvXpwyzXAxlSNFwf42nh2UPPCa&enpp=ITNrZJ9TAQCf7TMl1IUMmoydTY_KMh-MOnCyVdsQxGkPFBYV&pfi=1&domId=5078253400103136894&dc=AMS&pubBuyId=20680&crID=17866224&lpu=mobile.1und1.de&ucrid=10900121001944309308&campaignId=23040&creativeId=0&pctr=0.000000&wDSPByrId=3202&wDspId=1101&wbId=2&wrId=0&wAdvID=113000&wDspCampId=5899998&isRTB=1&rtbId=1BABADF7-F354-4757-9288-8728342CA241&ver=5&dateHr=2023052209&oid=C9C61D0D-76BC-4330-8778-9FA996C9EDB2&cntryId=58&domain=idrlabs.com&sec=1&pAuSt=2&wops=0&sURL=idrlabs.com&BrID=5
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 22 May 2023 09:17:20 GMT
expires
0
pragma
no-cache
view
securepubads.g.doubleclick.net/pcs/ Frame FE61 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvuhba6-wvUSr0ncrtI3TzNoNdgKMXIQ71dwDmAqtpQixYV0jbC6xZQURb6awFbbyBitru5Jr7Xf02YSPF1icpX8y56EjLqJQPqmLbfZd5psqsea9Ia4yYGBeXs1105l0xU4MtfoXLrk0y80Usaok6DEyC83tLUcG67bQu6k9xj_yelKjSzqPWAkDEQ2fpxJy8Y1DnNhfI_-iIndpbOUGngYSV4kzZgZP0p-SYUSxs41bLoG0NNDfNtTzVma7LayDKuA5PyIhspzRBabWFc32N4VH-ot07o266MYgygLoBguQZw_TtaB55joyFkAOuYqeFpbIgULDji5DT9ob8&sai=AMfl-YSge0QD8IfWygzwrrRiKRaSMlAN49J2rZdFqwYXDlIQCd7RLIjlOU4k2YdhlHsCoF_E5UuXXmVGW_9SaWsjBjikcoLQLAIwYBYgMS9tNqlu4uVNm0ZCCjmUTKpRZw&sig=Cg0ArKJSzFV-c5r4ESd4EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
dsp.adfarm1.adition.com/cookie/ Frame FE61 		0
402 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp.adfarm1.adition.com/cookie/?userid=7235933438855739536&ssp=9&gdpr=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.114.159.93 Bad Durrheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dsp.adfarm1.adition.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 09:17:22 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding, User-Agent
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
show_banner
dspcluster.adfarm1.adition.com/ Frame FE61 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dspcluster.adfarm1.adition.com/show_banner?wpt=J&cuid=4395932&cid=5899827&bid=17865793&auction=2FA4FE1C-5D97-4B25-AE79-15EC79F76482&ts=1684747041556&bidid=7235933443128196247&p[country:de,isFirstPrice:1,postalCode:60323,trafficType:2,long:8.67,bidId:7235933443128196247,advertiserId:128654,ssp:9,referrer:aHR0cHM6Ly93d3cuaWRybGFicy5jb20vdmlsbGFpbi90ZXN0LnBocA,adSlotId:4413083,supplyId:161763,domain:idrlabs.com,winningPrice:0.070000,networkId:3284,auctionType:1,lat:50.13]&userid=7235933438855739536&adhost=ad-dsp66&gdpr=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.114.159.67 Bad Durrheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dspcluster.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
af298ab597518545d39951eabcd8aa7ccf251e0d7ff5343776a6f36e7af45aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 11:17:22 +0200
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
dsp.active-agent.com/reporting/ Frame FE61 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.active-agent.com/reporting/?auctionId=2FA4FE1C-5D97-4B25-AE79-15EC79F76482&bid=7235933443128196247&bannerId=17865793&campaignId=5899827&contentUnitId=4395932&impressionId=49&ssp=9&xr=&xc=&winningPrice=0.070000&contacts=1.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.114.159.66 Bad Durrheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dsp.active-agent.com
Software
nginx /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 22 May 2023 09:17:22 GMT
Access-Control-Allow-Credentials
false
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FE61 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:22 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 2BDC 		215 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.idrlabs.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3D27868814f124b32d%3AT%3D1684747038%3AS%3DALNI_Ma3p1zf2WTRvlOwmcOYh--6L2iHXA&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe8da47e90dd37fd3c1d3de997a4f9045d97163fb29e505be2395a19888eb584
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
202
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2BDC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 692E 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=90&slotname=RON_728x90_House&adk=3422631141&adf=467757214&pi=t.ma~as.RON_728x90_House&w=728&lmt=1684747042&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747041643&bpp=16&bdt=334&idt=531&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d%3AT%3D1684747038%3AS%3DALNI_Ma3p1zf2WTRvlOwmcOYh--6L2iHXA&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747042&ga_hid=270885129&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1110&biw=1600&bih=1200&isw=728&ish=90&ifk=3890344858&scr_x=0&scr_y=0&eid=44792108%2C44759837%2C44759927%2C44759876%2C31074199%2C31074689%2C44785292%2C44788441%2C44792089&oid=2&pvsid=2101823202013566&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.2ycygba5ldec&fsb=1&dtd=553
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A184 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6410de41bf5d4aaeda3cd9a25a82fdc54c1513669a32678d33fc3b24b392fdf3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 81AC 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
379150abefc3e1c41de071f47be25fcb991969a73e336e0a3089e35f222f10f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
ads
securepubads.g.doubleclick.net/gampad/ Frame F9F7 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2875267802583696&correlator=4050573442488234&eid=31072020%2C31072879%2C31074686%2C31074533&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250f_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=6&adks=748357368&didk=2887917933&sfv=1-0-40&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3D27868814f124b32d%3AT%3D1684747038%3AS%3DALNI_Ma3p1zf2WTRvlOwmcOYh--6L2iHXA&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&abxe=1&dt=1684747042264&lmt=1684747042&dlt=1684747039011&idt=1049&adxs=353&adys=899&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=rfjleh9v73nv&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&frm=23&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&psts=ABHeCvhNK1IflLCigunkEYjo5AyiE3m6ZM6-atNdsl1RUsJPWM-oK2IZxiW0iYC1JNTQ7Av4Zo2GC9wxleseCudlNfEIaqWp%2CABHeCvj--tIdg9kMb92DJGi6EfvMYiiwuDJChwCrAJ8AReBxFNfCC9TEe9yDGq0baaEKAt2TI1lwmRS0y6pD-X1dlBMBZZmA%2CABHeCvirWkEcYgSYXaKfO_UIuZfWprSzXc-v9OO42Mz5mM1lfgmswrmpf60jFMHbtgqZrhDhIZlGY5YsPlbGouXaVWACobqI%2CABHeCvjux-g7N6B5454NXB4ghPxUOsY8hvQuuuw-4dae4Mj6RrCUBmLjo1fU8pIW3GjH6iRRnssYCKqcrw2bvKVBl70d2ygKC7rD15Q&ga_vid=215484772.1684747038&ga_sid=1684747041&ga_hid=1414959249&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmd7-lYQxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNhZTQ1ZTI5LTcyMGQtNDRiYi1hMTNmLWE2YTVjNDFkNjY0Mxjd3_6VhDFIABIdCg5lc3AuY3JpdGVvLmNvbRiZ3v6VhDFIAFICCGQS1gEKCHJ0YmhvdXNlEsABajE2OTVXb3hNcXlpUGdmSGZMUWpmTXVWTElnbUhjQ0FnODVEZ0JtaXFKRm96Wm9GNWpPTzAzOC8zOTlrT3diS2hQcFB0bTR0REdseldLTWIzMGNqOEt5NDg0WG1FWkxOY2pCYVlBVlozSmpuZndxa3c5NEYzWUt2U0Z6OC9YQm9HN1NqSzNhak83RkQ0am9aa0hSaUpwVGlGYXR6cE83WjlLVnNSb1RISE5KclRZWC9UUWYxMitoeklWa1dyUnlYGM3g_pWEMUgAEhkKCnVpZGFwaS5jb20Ymd7-lYQxSABSAghkEhQKBW9wZW54GI7h_pWEMUgAUgIIbw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78b1d3bfbcd95ff187d78d9026439ef2b20199acd5d76f3d406014fe53f5a1f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10966
x-xss-protection
0
google-lineitem-id
6101519259
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403346202
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7FAF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvojLtbIwxOp59wJ52MrOWjLRjjt1vxZEfslSDKzQ5y3Hy5gmbaKqBkpYfDcIbu9fLoQiMvD7goTeKR3HtMjsPlNeAo1bHsrpcHL3LtnE_pzhAD3dfyZlCcDWq9Dkzxv8Z6vdh86IxbSQjlvW5AwS7ON2ItJzU3TCUXm7fczo7_NhdgtUXUQa5woNQaNvLUb1zbwgQysYMm2tLHWFeD8JD-88g5xBb2DNvIWxmzvpPPhJhkgWfTS9ZozaWvSfrzYuYXht1ycuJgIHduHOUKC6qvJfrfjRTBmWn7PjO_r7AU0nVj1z10UCBULlfrB3gvUr_vPxFRckYVj7TvEdo&sai=AMfl-YQ-kf7fnO1nvxUIP8UDxm8qBv7P7JLALVzh304bjFMNfPzrmy51fF6lOCDQuUipnIppXc2pOx0qOUpz9K94fz4PrKzwHi--gxwN1bv6Tn4ZCw5N4zrGw84SjT1pmg&sig=Cg0ArKJSzAuxKsfYtMYiEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
dsp.adfarm1.adition.com/cookie/ Frame 7FAF 		0
402 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dsp.adfarm1.adition.com/cookie/?userid=7235933438855739536&ssp=9&gdpr=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.114.159.93 Bad Durrheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dsp.adfarm1.adition.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 09:17:22 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding, User-Agent
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
show_banner
dspcluster.adfarm1.adition.com/ Frame 7FAF 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dspcluster.adfarm1.adition.com/show_banner?wpt=J&cuid=4395932&cid=5899827&bid=17865793&auction=E1B65A4B-EBA5-4835-A240-F337F5A72B67&ts=1684747041386&bidid=7235933443128040076&p[country:de,isFirstPrice:1,postalCode:60323,trafficType:2,long:8.67,bidId:7235933443128040076,advertiserId:128654,ssp:9,referrer:aHR0cHM6Ly93d3cuaWRybGFicy5jb20vdmlsbGFpbi90ZXN0LnBocA,adSlotId:4413083,supplyId:161763,domain:idrlabs.com,winningPrice:0.070000,networkId:3284,auctionType:1,lat:50.13]&userid=7235933438855739536&adhost=ad-dsp66&gdpr=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.114.159.67 Bad Durrheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dspcluster.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
56620b82eb36612321b514c214bf5654bf305623f5f836a1b753c87afb12421d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 11:17:22 +0200
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
dsp.active-agent.com/reporting/ Frame 7FAF 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.active-agent.com/reporting/?auctionId=E1B65A4B-EBA5-4835-A240-F337F5A72B67&bid=7235933443128040076&bannerId=17865793&campaignId=5899827&contentUnitId=4395932&impressionId=49&ssp=9&xr=&xc=&winningPrice=0.070000&contacts=1.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.114.159.66 Bad Durrheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dsp.active-agent.com
Software
nginx /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 22 May 2023 09:17:22 GMT
Access-Control-Allow-Credentials
false
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7FAF 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:22 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 22 May 2023 09:17:22 GMT
translator
hbopenbid.pubmatic.com/ Frame F9F7 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame F9F7 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ Frame F9F7 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.31.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-7%22%2C%22callback_id%22%3A%22128715198e76225c%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250h_desktop%22%2C%22tid%22%3A%222020c7f2-d027-405b-bb4b-52e250e181ef%22%2C%22auctionId%22%3A%22571ee9bc-5ae9-4075-aa37-7d30f4d73f98%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&bust=1684747042305&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Murderous%20Villain%20Test&w=1600&h=1200&pubcid=3ae45e29-720d-44bb-a13f-a6a5c41d6643&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
trinity.json
apex.go.sonobi.com/ Frame F9F7 		821 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221308eb8c2723a3eb%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250h_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&s=4076da2f-e089-4014-9590-ff68cb2e3036&pv=e7123b07-4b46-4569-bead-06ccbd3ae26d&vp=mobile&lib_name=prebid&lib_v=7.31.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php%22%2C%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
efe30058b65a5a1ced28dc8ba3771e1f4664af2e6b8fdb755b33d5511d501870
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-142
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
475
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame F9F7 		367 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.pbadslot=%2F65889844%2Fron01_300x250h_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=2020c7f2-d027-405b-bb4b-52e250e181ef&l_pb_bid_id=132bc869f302545c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250h_desktop&slots=1&rand=0.9539446733228778
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
769c9645e51367ab7cae92d37b2925f2a50896d03053346e3c8972b153649610

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
367
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ Frame F9F7 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:22 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
215
server
envoy
vary
origin, Accept-Encoding
bid
ap.lijit.com/rtb/ Frame F9F7 		95 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
38ca3c360ad686a0ac33ea95731a2f777213f87e97994177edd4dceb8b9c9607

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 09:17:22 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
pbjs
htlb.casalemedia.com/openrtb/ Frame F9F7 		38 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3161bc32f8288c39d4615c57d4c9aca6d4de208a8d4325612f277748ec39b67c

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wcPHII1KwZidO2MxAWlEVww%2B50ddcY9DmTG6yuKffy4q%2BWc%2BrxL%2BJxJcQXFfqdKss9cTwqMZA5z1gNVWcJ13PNy23p5k0NwiTZ593JqwsvgBELcBJNgwFvwUOrLweMSdZfM8ro7z"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7cb3f7367e06373d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 457E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305150101&jk=2875267802583696&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
truncated
/ Frame F237 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc01124fe6ba5ec7bc8ecf27bdaaf71b8eee614e4e8377342fc965675dee75aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 90CB 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3155
x-guploader-uploadid
ADPycdu_bETbAO3L7E3ZwmLe8QxiVBASGCjfRAxwlm_tkXJYko3jNEaJxZb3LISJ1TPqVw-ds5Su5eyQQRqdQCYhbG3a5A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEuR2afa1r8NexLcJOFNyZQbiorcfCDky41XFnrImJtIq0T7fBf9tp0LUrAm%2BRlvVv8hoBnimnwiVSlhLWFZaJ4BwH9hoPWkTfp9Z6esBuKdVJa3rsS%2FldjZQaS8FtCMJ1Yh6qe8RiZRJqkLL%2B3u3sSY"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7cb3f736deca362d-FRA
expires
Mon, 22 May 2023 09:24:47 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 22 May 2023 09:17:22 GMT
prebid
ads.yieldmo.com/exchange/ Frame F9F7 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.31.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-8%22%2C%22callback_id%22%3A%22141d40b97af09cb4%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250i_desktop%22%2C%22tid%22%3A%22f29deef7-0267-4a88-8341-e4c5cc57c040%22%2C%22auctionId%22%3A%2289153432-d5bc-4ebe-a95b-5a0ee2eb5f37%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&bust=1684747042389&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Murderous%20Villain%20Test&w=1600&h=1200&pubcid=3ae45e29-720d-44bb-a13f-a6a5c41d6643&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
trinity.json
apex.go.sonobi.com/ Frame F9F7 		821 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221439dfd4c0a1a235%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250i_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&s=1d6d897b-ae59-4d77-bc68-ba5a6dddea79&pv=e7123b07-4b46-4569-bead-06ccbd3ae26d&vp=mobile&lib_name=prebid&lib_v=7.31.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php%22%2C%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
27f5ddd2ab6fdf955e9ba1aa9a59b664537e8a51b2ec003f9ef8540246facdf5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-142
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
474
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame F9F7 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ Frame F9F7 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:21 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame F9F7 		95 B
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
ec9a9cf7fcfa69143ad78374bb753d563a582becf16760fde2dbabc4f6bde2c3

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 09:17:22 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
pbjs
htlb.casalemedia.com/openrtb/ Frame F9F7 		38 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0b3b387d78bee7d71b02f890d51c83ad7879a628e6dab2836d273777ad40ab2

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dNjAfOuTpYR4NXeXryOqoF5BgvXxVTkN0cqu%2Bp0zrZuR3VTnEhrITU5jrWNR1FB8nthjZ%2Fmgnq5kitT3uBItlGml5Jc7%2FBYRAe%2Bi1gEWbhSPWU4oGsdhv7HxuIYn1bK9kCzuLtK"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7cb3f736ff13373d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame F9F7 		367 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.pbadslot=%2F65889844%2Fron01_300x250i_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=f29deef7-0267-4a88-8341-e4c5cc57c040&l_pb_bid_id=153d05bf7e29f751&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250i_desktop&slots=1&rand=0.6295639960198438
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d0f0ef824991b881d804b22337f1eb75feb0b0007c4a82ee7d61321e74eefaa5

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
367
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ Frame F9F7 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:22 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
320
server
envoy
vary
origin, Accept-Encoding
000002605012.jpeg
imagesrv.adition.com/banners/3284/files/00/27/bf/d4/ Frame 346D 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/3284/files/00/27/bf/d4/000002605012.jpeg
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
c9acaed37e495c1ce424fa5e0a471a391b9dbf9217b12f51081a8c86ca56711a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 22 May 2023 09:17:22 GMT
last-modified
Tue, 16 May 2023 08:27:50 GMT
accept-ranges
bytes
etag
"1077329409"
content-length
125509
content-type
image/jpeg
B29516155.361745012;dc_pre=CIOcgujLiP8CFWyJgwcd2I0JEQ;dc_trk_aid=552937817;dc_trk_cid=188878251;ord=%7B%7Bmg-timestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_con...
ad.doubleclick.net/ddm/trackimp/N1106503.422087SEVEN.ONEMEDIAGMB/ Frame 346D
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1106503.422087SEVEN.ONEMEDIAGMB/B29516155.361745012;dc_trk_aid=552937817;dc_trk_cid=188878251;ord=%7B%7Bmg-timestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_di...
  • https://ad.doubleclick.net/ddm/trackimp/N1106503.422087SEVEN.ONEMEDIAGMB/B29516155.361745012;dc_pre=CIOcgujLiP8CFWyJgwcd2I0JEQ;dc_trk_aid=552937817;dc_trk_cid=188878251;ord=%7B%7Bmg-timestamp%7D%7D...
43 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1106503.422087SEVEN.ONEMEDIAGMB/B29516155.361745012;dc_pre=CIOcgujLiP8CFWyJgwcd2I0JEQ;dc_trk_aid=552937817;dc_trk_cid=188878251;ord=%7B%7Bmg-timestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_consent=%7B%7Bmg-tc-string%7D%7D;ltd=?=undefined&cachebuster=MarktguruCacheBusterTimestamp
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1106503.422087SEVEN.ONEMEDIAGMB/B29516155.361745012;dc_pre=CIOcgujLiP8CFWyJgwcd2I0JEQ;dc_trk_aid=552937817;dc_trk_cid=188878251;ord=%7B%7Bmg-timestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_consent=%7B%7Bmg-tc-string%7D%7D;ltd=?=undefined&cachebuster=MarktguruCacheBusterTimestamp
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame F7A4 		39 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=24883
content-encoding
gzip
content-length
14445
content-type
text/html
date
Mon, 22 May 2023 09:17:22 GMT
expires
Mon, 22 May 2023 16:12:05 GMT
last-modified
Tue, 21 Mar 2023 06:09:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
AdDisplayTrackerServlet
st.pubmatic.com/AdServer/ Frame BE86 		0
49 B 		Document
General
Check archive.org
Download Go to
Full URL
https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=161763&siteId=951966&adId=4413083&imprId=BB94AFFC-878C-4265-BB68-04F08496DCF2&cksum=B1F7B9E7800667B2&adType=10&adServerId=243&kefact=0.060571&kaxefact=0.060571&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1684747041&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.075714&dcId=3&tldId=0&passback=0&svr=BID22519U&adsver=_77573821&adsabzcid=0&cls=BID&i0=0x2100000000000000&c0=0x1&ekefact=ITNrZOd0AwDQygZjiQOYWgf2FUs3doQyHaoQtRsvGs4mcGEj&ekaxefact=ITNrZPF0AwC-7mKCQgN_Lm9kybwvctVqLMUkHvjVxeI_UXk6&ekpbmtpfact=ITNrZPp0AwCy4Vey0qqN9pk5ZD0Y9-alHmPUtELe6wmu61Kw&enpp=ITNrZAJ1AwAkD3MkLHja8uht_a_mRQtil1sWnlNzwi9AkLCm&pfi=1&domId=5078253400103136894&dc=AMS&crID=17865793&lpu=www.marktguru.de&ucrid=708248947603563988&campaignId=23040&creativeId=0&pctr=0.000000&wDSPByrId=3284&wDspId=1101&wbId=3&wrId=0&wAdvID=1122659&wDspCampId=5899827&isRTB=1&rtbId=DD242C2A-6CB6-4FD2-97B2-F7BB01DDA4C4&ver=5&dateHr=2023052209&oid=BB94AFFC-878C-4265-BB68-04F08496DCF2&cntryId=58&domain=idrlabs.com&sec=1&pAuSt=2&wops=0&sURL=idrlabs.com&BrID=5
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 22 May 2023 09:17:20 GMT
expires
0
pragma
no-cache
truncated
/ Frame 346D 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b1edd1c77221f56b743d07216c8c001b29ca08163bc7c77e763b2f41b9a2f42

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 6F1C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssR3yXxztb9SH0PNrMZjosobobVZvkzOG4XCaqSmlHviqUPL31lVQ8UNl1ieVJxKZ7g8LNtuRtHvZHOjqj-wH9WVbcUvyrs6lRN8mHpZL0V_3yS37LLRfH9Fnsaoo5Onx0TVxnyRJNeo_g3sgu9PlFSFTJxD_U9yCfKMxtZahhhH3g0gHBBlySKTj2z5JoC0iLqGXYd33o_Xcuy2dtQ98QlfwLiQCVZdUkFHtqhoWQfAdCReIU7eptVoC23oTZP6tSGnAfn-2igxd0hBJjF59MJkJbNluUYv4w2Sd4uksbwb9gLmdfd0Y9sa8a1Q4AiCvrMZ4M9gwKN7_tm&sai=AMfl-YRaQE98dJKwBvClJH5WZyblgD9z7pzYdCM-rnQ46JSEmqb3MCF_HSYCkP4kX0uQoTyY3hNoZo2lScyHKj8eIdtYj1ITQFZz5RUe77z2X53G1jq77gBztxYGkqwNoA&sig=Cg0ArKJSzDwRn8wR-oKJEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 6F1C 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73dabdce835eda27d022bdf4e86ede2230af3810a2ecf57646b48a509a4db0f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32376
x-xss-protection
0
server
cafe
etag
2462387166822116663
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6F1C 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:22 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 81AC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2vRAdyHor9NykTYihNmcao2fx-TqW87pKnSBLda1hGQkx9iFfHHXDUhLpCBcHg2cvmNxDTzZIST4j5ChXwYpus3B-v77s8Ye15Feehzer-WwGsAnHg8mLjwfJkXcBa2_YZRFJUotqc83x67lx62mar7BAM0_Adz8NUC2hYTuvNlx1YR2ikr1L7O8qe0p7wc9zqdBPQj46EQXp7hhiw0Tb82i1Uf3MiPNL-0XZ0yynNmbOdeW4s_KVBBHWmnz_BVDUKnQs8LVrU1f58-Mtu1-S_dwWiubEKUQUNBq-KTg1XjMBwXoMWmSLw6CbfXw4sNz__40iwF64kmlNeIFA&sai=AMfl-YSY8VjB9GuLyxj9xcJ3_MjnY8kDNRbLnfxNXmYEGQ1VTkZbMYlBCIEUdCS35PY7pFbIhRnQTV9PuiXBL_Kgk_bKrSrl1R_uaVBPUH7w-sv4OGi33cz8FD8LMEl8Dg&sig=Cg0ArKJSzPTw1mRIWnsYEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:22 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame A184 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.idrlabs.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3D27868814f124b32d-223b5e59e4dd0032%3AT%3D1684747038%3ART%3D1684747041%3AS%3DALNI_MYTKHLjH2doQfYoYdXa3R5sjvynpQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame A184 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A184 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 665F 		39 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=467757280&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747042&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747041903&bpp=18&bdt=313&idt=599&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d-223b5e59e4dd0032%3AT%3D1684747038%3ART%3D1684747041%3AS%3DALNI_MYTKHLjH2doQfYoYdXa3R5sjvynpQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747043&ga_hid=1120666786&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=1700207854&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C42531705%2C44785294%2C44788442%2C44792088&oid=2&pvsid=3172209606075871&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vfjiuj52wulr&fsb=1&dtd=626
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5128a08787da5a2965c38c7e818f45f48362c8064a6e263950b2b958c4d905f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
14448
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame F9F7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F9F7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame F9F7 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2875267802583696&correlator=527802122751419&eid=31072020%2C31072879%2C31074686%2C31074533&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250g_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=7&adks=2511409325&didk=2887917922&sfv=1-0-40&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3D27868814f124b32d-223b5e59e4dd0032%3AT%3D1684747038%3ART%3D1684747041%3AS%3DALNI_MYTKHLjH2doQfYoYdXa3R5sjvynpQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&abxe=1&dt=1684747042547&lmt=1684747042&dlt=1684747039011&idt=1049&adxs=353&adys=899&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=efpmftdco55k&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&frm=23&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&psts=ABHeCvhNK1IflLCigunkEYjo5AyiE3m6ZM6-atNdsl1RUsJPWM-oK2IZxiW0iYC1JNTQ7Av4Zo2GC9wxleseCudlNfEIaqWp%2CABHeCvj--tIdg9kMb92DJGi6EfvMYiiwuDJChwCrAJ8AReBxFNfCC9TEe9yDGq0baaEKAt2TI1lwmRS0y6pD-X1dlBMBZZmA%2CABHeCvirWkEcYgSYXaKfO_UIuZfWprSzXc-v9OO42Mz5mM1lfgmswrmpf60jFMHbtgqZrhDhIZlGY5YsPlbGouXaVWACobqI%2CABHeCvjl7wBnG2urYM0mMZbM4CFQBU7HSOPcvD4bh2ao683572j57v8el4Oy-4bPA4EF3PPWzWAfQWghgoYKfhWm5W6PuWdO%2CABHeCvjux-g7N6B5454NXB4ghPxUOsY8hvQuuuw-4dae4Mj6RrCUBmLjo1fU8pIW3GjH6iRRnssYCKqcrw2bvKVBl70d2ygKC7rD15Q%2CABHeCvgDrO47WHTHmwQxVqx7TbEHdnpZKusZ1jzglB0TdpUGjdbnkX1LckNPtMzBuZdA98MPrEiIziMNuU6cqiOIKgweWcKo&ga_vid=215484772.1684747038&ga_sid=1684747041&ga_hid=1414959249&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmd7-lYQxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNhZTQ1ZTI5LTcyMGQtNDRiYi1hMTNmLWE2YTVjNDFkNjY0Mxjd3_6VhDFIABIdCg5lc3AuY3JpdGVvLmNvbRiZ3v6VhDFIAFICCGQS1gEKCHJ0YmhvdXNlEsABajE2OTVXb3hNcXlpUGdmSGZMUWpmTXVWTElnbUhjQ0FnODVEZ0JtaXFKRm96Wm9GNWpPTzAzOC8zOTlrT3diS2hQcFB0bTR0REdseldLTWIzMGNqOEt5NDg0WG1FWkxOY2pCYVlBVlozSmpuZndxa3c5NEYzWUt2U0Z6OC9YQm9HN1NqSzNhak83RkQ0am9aa0hSaUpwVGlGYXR6cE83WjlLVnNSb1RISE5KclRZWC9UUWYxMitoeklWa1dyUnlYGM3g_pWEMUgAEhkKCnVpZGFwaS5jb20Ymd7-lYQxSABSAghkEhQKBW9wZW54GI7h_pWEMUgAUgIIbw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4f6048f3f56bc409d845fc775decbd428a8aa9cb43cb12e7065ac23911da168
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10962
x-xss-protection
0
google-lineitem-id
6101519259
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403346196
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame B8F1 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 06:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
10558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 06:21:24 GMT
frame.html
ad4m.at/ Frame D7D5 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
79891
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7cb3f738490b9be8-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Mon, 22 May 2023 09:17:22 GMT
expires
Mon, 08 May 2023 00:16:30 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ug3tJfJ1IrVwsZ03DlhQ3NkF2H1jGlex5%2FhXo48rqSEAXyHW4bkJUs0ybsMuImLtgvq9Jyx%2FP9EDjBU8Ub3%2FwvJVzsB9FRUBGiJJ5BcM8Tt9k5Q49FTZhhu5b7enYwUq2zbFmFI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 22 May 2023 09:17:22 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame F9F7 		367 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.pbadslot=%2F65889844%2Fron01_300x250j_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=9840d8f6-6916-4910-94a7-91d1f9359a8b&l_pb_bid_id=158f5ce8b9a5c665&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250j_desktop&slots=1&rand=0.10701031268511763
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b1831c3307888e77b728758c99b8b12a91fbe644eeec27801ea377786d14c720

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
367
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame F9F7 		820 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2216096ea41b8ff0f%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250j_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&s=8c8806e5-4002-47a8-91e1-0f222cbcfc84&pv=e7123b07-4b46-4569-bead-06ccbd3ae26d&vp=mobile&lib_name=prebid&lib_v=7.31.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php%22%2C%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
405b50d2095dafa8f38254efffb42e53d5d482804c38e4e1078e99756d06a85e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-142
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
475
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame F9F7 		38 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f278d5a369c353aae2c1b048fd4a491612042569fc790a0681cfe0c6a297fa7d

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7tOp95YPsdZiDF2dwZQrmFfsEwRb%2BK%2FYEa5a5egyVp9swvcF0XT6SYYUL59SqNKTG0%2BbZWYjUwmr94JQuMJekvmTc2NKpNv1AFzWYq6gWKutbqJ2vdqqz5%2FqaOpcSb0U2wY7l3k2"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7cb3f73858cc373d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame F9F7 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame F9F7 		95 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
63d7ff2f41a15aac5661b482779ad6ca98bf0527b70061971b16f1defa92b6dc

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 09:17:22 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
c
prebid.a-mo.net/a/ Frame F9F7 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:22 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
198
server
envoy
vary
origin, Accept-Encoding
translator
hbopenbid.pubmatic.com/ Frame F9F7 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ Frame F9F7 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.31.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-9%22%2C%22callback_id%22%3A%22172b990acb121c21%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250j_desktop%22%2C%22tid%22%3A%229840d8f6-6916-4910-94a7-91d1f9359a8b%22%2C%22auctionId%22%3A%2285dd2947-5f2f-4566-b797-5735305901ee%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&bust=1684747042612&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Murderous%20Villain%20Test&w=1600&h=1200&pubcid=3ae45e29-720d-44bb-a13f-a6a5c41d6643&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
view
securepubads.g.doubleclick.net/pcs/ Frame 471D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDWtwjS8RLfieVZfKHif1tMl5u0HnNM3TI-C0sKA6ygV1VRxft7m-qA7bgEnJny31Tqg2DKCBBxOqDkKpyPkV-mHdIO7nBnOsca8PglpCp9f0I95yRm9Etwj3TPdRel1uHJVi3xMilADW-s6eBM3EUJAf7gag3c3lfqiFMG50tHKj_rlRyEtfgQ-WZQeaD-lwMU78x2vF6-PoK3t9CcOkdwoexkYXy7zQ9J36CubZI8WCklWKBmjq49DHyyb_3M1Sb2mu5ADg0FeOtvHd4Qtiyg6a0OfL93-w_kGhj_uUHKr-W4Js2v9CTULt5jLYrDKVoESLYNk41mpW6BA&sai=AMfl-YQZugLcFB9Q9XMjSDwMafdsGulcJa0on3N7WsA6YuWrkts7Klm4TcaDvDpQp8EMoBn244EWYRTA2Z16eU5eYzXbWo7hHcA59tg8bOEKNrd5LIl-QdyWN0In32wZGw&sig=Cg0ArKJSzMkAwxEOT43nEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:22 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 471D 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230517&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac29b3c9e76e766c3f04e5e699bfc47a3fcba8fb5b6dfc5261939af634391584
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11213
x-xss-protection
0
recommend
dbt.adition.com/resources/banner/ Frame 81AC 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dbt.adition.com/resources/banner/recommend?DA_CLIENT_ID=bd92ffc2-ac69-4abd-97d6-73377d8db6d4
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/js/dbt/dbtlib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.4 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dbt.adition.com
Software
ISAS /
Resource Hash
b71d647f406df1867e611dbab2905a9e075baa168d096e3d094ae59504517db3

Request headers

Accept
application/json
Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-type
application/json

Response headers

Date
Mon, 22 May 2023 09:17:22 GMT
via
1.1 dbt-directory03
Server
ISAS
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
*
transfer-encoding
chunked
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, Accept
recommend
dbt.adition.com/resources/banner/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dbt.adition.com/resources/banner/recommend?DA_CLIENT_ID=bd92ffc2-ac69-4abd-97d6-73377d8db6d4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.4 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dbt.adition.com
Software
ISAS /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, Accept
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Allow
OPTIONS,POST
Content-Length
0
Date
Fri, 17 Mar 2023 09:41:03 GMT
Server
ISAS
Vary
Accept-Encoding
X-Pect
The Spanish Inquisition
via
1.1 dbt-directory02
ads
securepubads.g.doubleclick.net/gampad/ Frame F9F7 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2875267802583696&correlator=2195665759644360&eid=31072020%2C31072879%2C31074686%2C31074533&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250h_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=8&adks=3791825238&didk=2887917923&sfv=1-0-40&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3D27868814f124b32d-2202d96ae6dd00e6%3AT%3D1684747038%3ART%3D1684747042%3AS%3DALNI_MaFKaKFNDbUYIWzMWXVa_pbSsB1oQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&abxe=1&dt=1684747042661&lmt=1684747042&dlt=1684747039011&idt=1049&adxs=353&adys=899&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=qqhhxvn693r0&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&frm=23&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&psts=ABHeCvhNK1IflLCigunkEYjo5AyiE3m6ZM6-atNdsl1RUsJPWM-oK2IZxiW0iYC1JNTQ7Av4Zo2GC9wxleseCudlNfEIaqWp%2CABHeCvj--tIdg9kMb92DJGi6EfvMYiiwuDJChwCrAJ8AReBxFNfCC9TEe9yDGq0baaEKAt2TI1lwmRS0y6pD-X1dlBMBZZmA%2CABHeCvirWkEcYgSYXaKfO_UIuZfWprSzXc-v9OO42Mz5mM1lfgmswrmpf60jFMHbtgqZrhDhIZlGY5YsPlbGouXaVWACobqI%2CABHeCvjl7wBnG2urYM0mMZbM4CFQBU7HSOPcvD4bh2ao683572j57v8el4Oy-4bPA4EF3PPWzWAfQWghgoYKfhWm5W6PuWdO%2CABHeCvjux-g7N6B5454NXB4ghPxUOsY8hvQuuuw-4dae4Mj6RrCUBmLjo1fU8pIW3GjH6iRRnssYCKqcrw2bvKVBl70d2ygKC7rD15Q%2CABHeCvgDrO47WHTHmwQxVqx7TbEHdnpZKusZ1jzglB0TdpUGjdbnkX1LckNPtMzBuZdA98MPrEiIziMNuU6cqiOIKgweWcKo&ga_vid=215484772.1684747038&ga_sid=1684747041&ga_hid=1414959249&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmd7-lYQxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNhZTQ1ZTI5LTcyMGQtNDRiYi1hMTNmLWE2YTVjNDFkNjY0Mxjd3_6VhDFIABIdCg5lc3AuY3JpdGVvLmNvbRiZ3v6VhDFIAFICCGQS1gEKCHJ0YmhvdXNlEsABajE2OTVXb3hNcXlpUGdmSGZMUWpmTXVWTElnbUhjQ0FnODVEZ0JtaXFKRm96Wm9GNWpPTzAzOC8zOTlrT3diS2hQcFB0bTR0REdseldLTWIzMGNqOEt5NDg0WG1FWkxOY2pCYVlBVlozSmpuZndxa3c5NEYzWUt2U0Z6OC9YQm9HN1NqSzNhak83RkQ0am9aa0hSaUpwVGlGYXR6cE83WjlLVnNSb1RISE5KclRZWC9UUWYxMitoeklWa1dyUnlYGM3g_pWEMUgAEhkKCnVpZGFwaS5jb20Ymd7-lYQxSABSAghkEhQKBW9wZW54GI7h_pWEMUgAUgIIbw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec08c0e607b89068e64a2d4f750b9c7cacb8a80d9353eaea0429b135f842381f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10966
x-xss-protection
0
google-lineitem-id
6101519259
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403346214
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305150101&jk=2035019903819544&bg=!4-Cl4LTNAAZ8_aWmXP07ADkAdvg8WrEHed7hCWxEWDguqRpEgN6sMcOOOzV4AU6pZDkCYJ2rLQsnp5ko0GQwgLj_X1qyYgNmQaACAAADZlIAAAAEaAEHmQKo-ahUbhoYm1WfT25Vx7kg_lma5vioS8_NLXtwr0wC4i2vIVqUj4XIaxDQyzYjZ4QRrsVXUhLNwtWQGZzvLdc0AOhmU42FuEg7QWKTmuvhzkAL6quZXY8gv4mwxcjnUkd5w3ca_VLa-yiUoo6AhjryzEOLtlfwh9NXnODREW1MZnhQBAwlcQrIb4tRhUjXX9VG-DK3kcIil2CjJCzpayfLBXu3gK9L99baJFbRaMvgB9xq32G57kbPkurDpsCIJaic1Z6p-lnqW8cClD1zmOlC9jfJprvsTBSq4-w2GsQ86HpFJv4Np8Iw-VIN5JHb7srbSmdZYQrgbeEKkezUgnl8MXlZIYNjyoI-gDWXoqKQXuyKFK6VFXDVjhy4Xt15sTFMjVYWxp4ydgcF0yS2VWp0ll2CmKMPpMPuN1VBgsTNrHWjNtf5RCEkO9yecOMvArZZzr0yT016L3mXPgp9-gEEFTLkxwX_GNo9by5_ko8yr1xGittm8u3xTDplTRybzutB-5zRsKn0_uyP8Kt9-sovd94w3i8aEnTGNRsDX_ir35xkx6zvAQgYlWCLFHu4XJiL1CJn-y00SGuu6WwM2W25Gs9lZR7wTntLzXSak7SiuGGJDgLHx04sPYKYRFeXxSGqVgBcWfCQxnaxjpUWoNeUmVxvS1S_iVlHbmZ8VT_Y18bH9pRWdc6T-l03gyOrI_nN99HbZ1ZCQQr13oqTjQoNkuujhszkZK2nUVGySP6lqqv04zd1hs2LqLS4U1bRJJ_BrMv5sj8KUGoPt7BfcLdKeTghDjA01AyMRuZv4c_j5IwKfwfdUvtP4XdLcu_E7mJpxn1UWAOL-Jqz0gKXwvNpu2r3SLJ1j6sbPExtj6UT-MWzI24NZsqIGd0_FzipgyclbL3yxnqqTZo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
000002605012.jpeg
imagesrv.adition.com/banners/3284/files/00/27/bf/d4/ Frame FE61 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/3284/files/00/27/bf/d4/000002605012.jpeg
Requested by
Host: dspcluster.adfarm1.adition.com
URL: https://dspcluster.adfarm1.adition.com/show_banner?wpt=J&cuid=4395932&cid=5899827&bid=17865793&auction=2FA4FE1C-5D97-4B25-AE79-15EC79F76482&ts=1684747041556&bidid=7235933443128196247&p[country:de,isFirstPrice:1,postalCode:60323,trafficType:2,long:8.67,bidId:7235933443128196247,advertiserId:128654,ssp:9,referrer:aHR0cHM6Ly93d3cuaWRybGFicy5jb20vdmlsbGFpbi90ZXN0LnBocA,adSlotId:4413083,supplyId:161763,domain:idrlabs.com,winningPrice:0.070000,networkId:3284,auctionType:1,lat:50.13]&userid=7235933438855739536&adhost=ad-dsp66&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
c9acaed37e495c1ce424fa5e0a471a391b9dbf9217b12f51081a8c86ca56711a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 22 May 2023 09:17:22 GMT
last-modified
Tue, 16 May 2023 08:27:50 GMT
accept-ranges
bytes
etag
"1077329409"
content-length
125509
content-type
image/jpeg
B29516155.361745012;dc_pre=CKKmk-jLiP8CFbDjuwgdsvAJYw;dc_trk_aid=552937817;dc_trk_cid=188878251;ord=%7B%7Bmg-timestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_con...
ad.doubleclick.net/ddm/trackimp/N1106503.422087SEVEN.ONEMEDIAGMB/ Frame FE61
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1106503.422087SEVEN.ONEMEDIAGMB/B29516155.361745012;dc_trk_aid=552937817;dc_trk_cid=188878251;ord=%7B%7Bmg-timestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_di...
  • https://ad.doubleclick.net/ddm/trackimp/N1106503.422087SEVEN.ONEMEDIAGMB/B29516155.361745012;dc_pre=CKKmk-jLiP8CFbDjuwgdsvAJYw;dc_trk_aid=552937817;dc_trk_cid=188878251;ord=%7B%7Bmg-timestamp%7D%7D...
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1106503.422087SEVEN.ONEMEDIAGMB/B29516155.361745012;dc_pre=CKKmk-jLiP8CFbDjuwgdsvAJYw;dc_trk_aid=552937817;dc_trk_cid=188878251;ord=%7B%7Bmg-timestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_consent=%7B%7Bmg-tc-string%7D%7D;ltd=?=undefined&cachebuster=MarktguruCacheBusterTimestamp
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1106503.422087SEVEN.ONEMEDIAGMB/B29516155.361745012;dc_pre=CKKmk-jLiP8CFbDjuwgdsvAJYw;dc_trk_aid=552937817;dc_trk_cid=188878251;ord=%7B%7Bmg-timestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_consent=%7B%7Bmg-tc-string%7D%7D;ltd=?=undefined&cachebuster=MarktguruCacheBusterTimestamp
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame E958 		39 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=24883
content-encoding
gzip
content-length
14445
content-type
text/html
date
Mon, 22 May 2023 09:17:22 GMT
expires
Mon, 22 May 2023 16:12:05 GMT
last-modified
Tue, 21 Mar 2023 06:09:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
AdDisplayTrackerServlet
st.pubmatic.com/AdServer/ Frame 7950 		0
49 B 		Document
General
Check archive.org
Download Go to
Full URL
https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=161763&siteId=951966&adId=4413083&imprId=A40A7D1E-4EAC-479B-AEC9-0FE98F9472C3&cksum=F346304E357DD5C5&adType=10&adServerId=243&kefact=0.060571&kaxefact=0.060571&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1684747041&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.075714&dcId=3&tldId=0&passback=0&svr=BID22524U&adsver=_77573821&adsabzcid=0&cls=BID&i0=0x2100000000000000&ekefact=ITNrZJl3CQAZZeJQIirhOAWXzGflVgVkHX-scZUIg5sAMvsg&ekaxefact=ITNrZKl3CQCnbY3V8BtgJ2PmTXKZarJbeWfx0HtAlHpUVHCI&ekpbmtpfact=ITNrZLZ3CQCwIDeNFfpq9q8R_V1h8rHVOo0rBqIf4uyqnY8T&enpp=ITNrZMJ3CQAm6f8PY8TfsnOAmFPqX0BOavnAMfoh3BKicm3c&pfi=1&domId=5078253400103136894&dc=AMS&crID=17865793&lpu=www.marktguru.de&ucrid=708248947603563988&campaignId=23040&creativeId=0&pctr=0.000000&wDSPByrId=3284&wDspId=1101&wbId=6&wrId=0&wAdvID=1122659&wDspCampId=5899827&isRTB=1&rtbId=2FA4FE1C-5D97-4B25-AE79-15EC79F76482&ver=6&dateHr=2023052209&oid=A40A7D1E-4EAC-479B-AEC9-0FE98F9472C3&cntryId=58&domain=idrlabs.com&sec=1&pAuSt=2&wops=0&sURL=idrlabs.com&BrID=5
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 22 May 2023 09:17:21 GMT
expires
0
pragma
no-cache
truncated
/ Frame FE61 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ebc07c325392afca8d3dad06b94ee2b507ab13b293b0cbf3e526b27fd8cda7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ Frame 6F1C 		355 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61bc3055d7aa9817e615155f172666d943538ea21b6dbfa846ed85471eee492e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122659
x-xss-protection
0
server
cafe
etag
15832282195487940059
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:22 GMT
000002605012.jpeg
imagesrv.adition.com/banners/3284/files/00/27/bf/d4/ Frame 7FAF 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/3284/files/00/27/bf/d4/000002605012.jpeg
Requested by
Host: dspcluster.adfarm1.adition.com
URL: https://dspcluster.adfarm1.adition.com/show_banner?wpt=J&cuid=4395932&cid=5899827&bid=17865793&auction=E1B65A4B-EBA5-4835-A240-F337F5A72B67&ts=1684747041386&bidid=7235933443128040076&p[country:de,isFirstPrice:1,postalCode:60323,trafficType:2,long:8.67,bidId:7235933443128040076,advertiserId:128654,ssp:9,referrer:aHR0cHM6Ly93d3cuaWRybGFicy5jb20vdmlsbGFpbi90ZXN0LnBocA,adSlotId:4413083,supplyId:161763,domain:idrlabs.com,winningPrice:0.070000,networkId:3284,auctionType:1,lat:50.13]&userid=7235933438855739536&adhost=ad-dsp66&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
c9acaed37e495c1ce424fa5e0a471a391b9dbf9217b12f51081a8c86ca56711a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 22 May 2023 09:17:22 GMT
last-modified
Tue, 16 May 2023 08:27:50 GMT
accept-ranges
bytes
etag
"1077329409"
content-length
125509
content-type
image/jpeg
B29516155.361745012;dc_pre=COull-jLiP8CFTGE_QcdBDwByg;dc_trk_aid=552937817;dc_trk_cid=188878251;ord=%7B%7Bmg-timestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_con...
ad.doubleclick.net/ddm/trackimp/N1106503.422087SEVEN.ONEMEDIAGMB/ Frame 7FAF
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1106503.422087SEVEN.ONEMEDIAGMB/B29516155.361745012;dc_trk_aid=552937817;dc_trk_cid=188878251;ord=%7B%7Bmg-timestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_di...
  • https://ad.doubleclick.net/ddm/trackimp/N1106503.422087SEVEN.ONEMEDIAGMB/B29516155.361745012;dc_pre=COull-jLiP8CFTGE_QcdBDwByg;dc_trk_aid=552937817;dc_trk_cid=188878251;ord=%7B%7Bmg-timestamp%7D%7D...
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1106503.422087SEVEN.ONEMEDIAGMB/B29516155.361745012;dc_pre=COull-jLiP8CFTGE_QcdBDwByg;dc_trk_aid=552937817;dc_trk_cid=188878251;ord=%7B%7Bmg-timestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_consent=%7B%7Bmg-tc-string%7D%7D;ltd=?=undefined&cachebuster=MarktguruCacheBusterTimestamp
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:22 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1106503.422087SEVEN.ONEMEDIAGMB/B29516155.361745012;dc_pre=COull-jLiP8CFTGE_QcdBDwByg;dc_trk_aid=552937817;dc_trk_cid=188878251;ord=%7B%7Bmg-timestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=1;gdpr_consent=%7B%7Bmg-tc-string%7D%7D;ltd=?=undefined&cachebuster=MarktguruCacheBusterTimestamp
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 43C2 		39 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=24883
content-encoding
gzip
content-length
14445
content-type
text/html
date
Mon, 22 May 2023 09:17:22 GMT
expires
Mon, 22 May 2023 16:12:05 GMT
last-modified
Tue, 21 Mar 2023 06:09:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
AdDisplayTrackerServlet
st.pubmatic.com/AdServer/ Frame DD55 		0
49 B 		Document
General
Check archive.org
Download Go to
Full URL
https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=161763&siteId=951966&adId=4413083&imprId=94C1F350-EC20-451B-9F29-14C39B37DB89&cksum=AA2F5F9A74165F4B&adType=10&adServerId=243&kefact=0.060571&kaxefact=0.060571&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=9&kltstamp=1684747041&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.075714&dcId=3&tldId=0&passback=0&svr=BID22637U&adsver=_77573821&adsabzcid=0&cls=BID&i0=0x2100000000000000&c0=0x1&ekefact=ITNrZLjyBgAi0Tt9mM3PXfwmoOKGypIXQ1kHZ0yAFbcX4ZRx&ekaxefact=ITNrZMPyBgDTYkhSPCGQIzPqomNvt0Lx3xTWXCJ7WDLsXdeo&ekpbmtpfact=ITNrZMryBgCBz2XMCmARb5fbLDorHwGgHdTwCRGDJAHh4utw&enpp=ITNrZNHyBgDGRccA2JICsglYHqpX3bcUT1U-3oU2Af2Yw20Y&pfi=1&domId=5078253400103136894&dc=AMS&crID=17865793&lpu=www.marktguru.de&ucrid=708248947603563988&campaignId=23040&creativeId=0&pctr=0.000000&wDSPByrId=3284&wDspId=1101&wbId=4&wrId=0&wAdvID=1122659&wDspCampId=5899827&isRTB=1&rtbId=E1B65A4B-EBA5-4835-A240-F337F5A72B67&ver=7&dateHr=2023052209&oid=94C1F350-EC20-451B-9F29-14C39B37DB89&cntryId=58&domain=idrlabs.com&sec=1&pAuSt=2&wops=0&sURL=idrlabs.com&BrID=5
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.89 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 22 May 2023 09:17:21 GMT
expires
0
pragma
no-cache
truncated
/ Frame 7FAF 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
347e7ded52f62c949f714afffaa196421f5de5e3a01e4573b8dbd0147ac6c875

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 7975 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQc5Ay0rd5Oa4qn_faGXfkYzymptmiICbYWYQi_mZpIAHG0jwcJ78EVEKr715BJXjyHzyFbmCS5mQhmhL_1rWTytHAwbXcvYHAkQJ3DlxQAYfVwTRYlH-r7rDULWc4ZTdF_R4Ogqj_lcasqOAUm9pcREEmm2VO4SVUZX4IwNYEEU1M30C2CSxmhIbSBKHsu_WHtKvTK6e1lFag-7ElE647_doFwN9M53vtDdlV595kTxHErI9nakY7AcvIC8pIyDIDLmsdGFMaIP4qS_4G0JinT2N4k_Q3D1yH4ibWI-IdbeoRpWB6lJbY49XT2JkJqjKr_vgRpJel4MiR2w&sai=AMfl-YSBCbJAY6MtcT9UxNErN9y8JgjI7l63kYO8uOlqha2Gu0TsmOYE2FIMZtWPjPDgPMR1T8ovchOIxBNoh1TSTuAk9uQj0gLB4K4Q8TILMUy005yXjSyX_gXEBGFMUQ&sig=Cg0ArKJSzLFOMw9vOTKFEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:22 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7975 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230517&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c01e633ac22bf12e104acef04874987f1e85e67262d9d433d06c880618b98ce2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11390
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 471D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 May 2023 09:17:22 GMT
d5489f6a-6d90-4938-8ddb-15bfac435704.645e36c351127__@@_____A1M-150_728x9062b967c557fa2.js
dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/ Frame 81AC 		81 KB
82 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/d5489f6a-6d90-4938-8ddb-15bfac435704.645e36c351127__@@_____A1M-150_728x9062b967c557fa2.js?ts=1684747042852
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/js/dbt/dbtlib.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.4 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dbt.adition.com
Software
ISAS /
Resource Hash
790402e3824b48ca388555d4eaa06a555ab5e118149f652a4393906129b1945b

Request headers

Accept
application/json
Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-type
application/json

Response headers

Date
Mon, 22 May 2023 09:17:22 GMT
via
1.1 dbt-directory03
Last-Modified
Fri, 12 May 2023 12:53:23 GMT
Server
ISAS
ETag
"902a82e223988ee18b5d7408f5d945c4"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Content-Disposition
inline;filename="d5489f6a-6d90-4938-8ddb-15bfac435704.645e36c351127__@@_____A1M-150_728x9062b967c557fa2.js";size=82924
Access-Control-Allow-Headers
Content-Type, Accept
Content-Length
82924
view
securepubads.g.doubleclick.net/pcs/ Frame AC96 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNk4xwYKXDi57UyxU2Y5fRcjUiMG4hYgpON3ZDJIX8zGDYcuAv-Tv-ZA7CfJQG_CPeS_11MLqk3M2Sah-fufY_Xd8ca0blqvvexJ8Y7OSvzKUUXIc_RlUVhiXR_zuIj8055Q9vuJeHGHhaHvLE5yF25VOJFO3wwvw2c4a8nx_GGqBuiI-i9EzXmvMCN3K5L2hsflhznyQT-zri6Btf4h0_4wUIzSYvSzIWkG7_NHsD6J42cjvqKUoeP1OGVeD-vYSv2Zk4paGoUgBXmTpkbRu__t5iLWm8WuKDdUm2256nR-71ASk7WwyXg6I-deB4ew2iHrURwXUbQaV5GA&sai=AMfl-YSenKl18Cwr0wHgSPh6ofoyMgUVR2fwwX5lv3HgCY1kd61uLHCYDxMM9i4-7bHgme6DMztC7M_cS2uf2gWVUlqv5L3QeBglhfe2y7vLBiC_8v6C-s_PZ3v1kzAY8A&sig=Cg0ArKJSzPBoECKCdRmBEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:22 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame AC96 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230517&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41feffe84b69b8987ac49504eda7997f6b804ace48c54611d499c9ae8ab5d8e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11236
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame F9F7 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2875267802583696&correlator=3044138232136236&eid=31072020%2C31072879%2C31074686%2C31074533&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250i_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=9&adks=2678559298&didk=2887917920&sfv=1-0-40&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3D27868814f124b32d-2202d96ae6dd00e6%3AT%3D1684747038%3ART%3D1684747042%3AS%3DALNI_MaFKaKFNDbUYIWzMWXVa_pbSsB1oQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&abxe=1&dt=1684747042881&lmt=1684747042&dlt=1684747039011&idt=1049&adxs=353&adys=899&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=qefyi26bgs1i&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&frm=23&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&psts=ABHeCvhNK1IflLCigunkEYjo5AyiE3m6ZM6-atNdsl1RUsJPWM-oK2IZxiW0iYC1JNTQ7Av4Zo2GC9wxleseCudlNfEIaqWp%2CABHeCvj--tIdg9kMb92DJGi6EfvMYiiwuDJChwCrAJ8AReBxFNfCC9TEe9yDGq0baaEKAt2TI1lwmRS0y6pD-X1dlBMBZZmA%2CABHeCvirWkEcYgSYXaKfO_UIuZfWprSzXc-v9OO42Mz5mM1lfgmswrmpf60jFMHbtgqZrhDhIZlGY5YsPlbGouXaVWACobqI%2CABHeCvjl7wBnG2urYM0mMZbM4CFQBU7HSOPcvD4bh2ao683572j57v8el4Oy-4bPA4EF3PPWzWAfQWghgoYKfhWm5W6PuWdO%2CABHeCvjux-g7N6B5454NXB4ghPxUOsY8hvQuuuw-4dae4Mj6RrCUBmLjo1fU8pIW3GjH6iRRnssYCKqcrw2bvKVBl70d2ygKC7rD15Q%2CABHeCvgDrO47WHTHmwQxVqx7TbEHdnpZKusZ1jzglB0TdpUGjdbnkX1LckNPtMzBuZdA98MPrEiIziMNuU6cqiOIKgweWcKo&ga_vid=215484772.1684747038&ga_sid=1684747041&ga_hid=1414959249&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmd7-lYQxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNhZTQ1ZTI5LTcyMGQtNDRiYi1hMTNmLWE2YTVjNDFkNjY0Mxjd3_6VhDFIABIdCg5lc3AuY3JpdGVvLmNvbRiZ3v6VhDFIAFICCGQS1gEKCHJ0YmhvdXNlEsABajE2OTVXb3hNcXlpUGdmSGZMUWpmTXVWTElnbUhjQ0FnODVEZ0JtaXFKRm96Wm9GNWpPTzAzOC8zOTlrT3diS2hQcFB0bTR0REdseldLTWIzMGNqOEt5NDg0WG1FWkxOY2pCYVlBVlozSmpuZndxa3c5NEYzWUt2U0Z6OC9YQm9HN1NqSzNhak83RkQ0am9aa0hSaUpwVGlGYXR6cE83WjlLVnNSb1RISE5KclRZWC9UUWYxMitoeklWa1dyUnlYGM3g_pWEMUgAEhkKCnVpZGFwaS5jb20Ymd7-lYQxSABSAghkEhQKBW9wZW54GI7h_pWEMUgAUgIIbw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1a67873953aea918e8ae05488679cd03ac207e357051d31b774c5e9f7144601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10993
x-xss-protection
0
google-lineitem-id
6101519259
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403344102
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 346D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwWJQO5BPY1gnP2403D6VF3eBLbtLY2IQAHbTc7IT4QyZHU3uSbk9YsUcfpfOniw2OJCx52kokPqndjgfgoAqxftqC89zqfhtX6gbKEjToLiBgPn_1SMZFxaY29u5n7SAq9WFJlLf-vsE_9jt8eEjc3H9FyInwWpZOVQZBLtA6ogO0HkFTXRSleyPvOL1g0ZQd6MO4BfNfOHE_a5z_l4IB0toV9mkCsY5TJ1ORf29WMaM2ZzIBASfpcfruOfVTYh58d2NfdSUkNbYOPzQlDllucHDI9cQIzAdf3HDFnRYMDanid14wvH5cMEnpvihO0rwsX40vI3rVkHTuBrMnMQ&sai=AMfl-YQup7QL3J3b-Y4yOVH8xdbPNKgbU_2mS0i9VDi3BFpyHI5XQQaBbu5CGmguCQ3TGbSw8ozBxhvZgXJ4Zule7aik88_yyEXXV2gLuHwLsQo4o3SrlhwM1XeKuxYaZg&sig=Cg0ArKJSzGlW3RxggF7OEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:22 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 7FFE 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156212&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
view
securepubads.g.doubleclick.net/pcs/ Frame 178A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXOfojoOsczcQZv0N2AtRDftvWehVYuk3NCQBTRusBG10JihzmUJP4Ly4fTXeCHnJpBEpmBpPVTmxH9QnsFWXQgPkTFs8ae-H5T48Mt_Cav82kWeTYr7axynPwK6gVsqtW-VSspPDTUjmGBiIayiJr2p2PHKbdGED7m9gXaYqWZ21Ip9oAimvlc2sdwZG6zuYvTFsy3yuHPikHvqLAMkNmh1i1fMCmxu6McwnGGdhi-Ogo1zVpM5bExop1Ppk8ZsmANZ6fZ6j6BA1XaNd1CvD7eLVHREwTSR0yKH6ExIe9QD6I4pW3egJvBjIL8QrJZa7Gbhk5tyIdGQbQ&sai=AMfl-YQoAIJaFCvaPkYyueamJV_UciM00sks653zUlzH_Ueupqz4IgZ0FEseq4m74pYwHfKZQfJ73qsrTZ-KMP13mPb-s0CmUn80id1QIVgA7d_m-MKdwERrChuVOOlf6g&sig=Cg0ArKJSzBRWyhjw8r8OEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 178A 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
97e574f371c767e9f2020c816a348a5365165af8c1050a744a815a01e7da5771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32379
x-xss-protection
0
server
cafe
etag
16650986501893743785
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 178A 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:22 GMT
d5489f6a-6d90-4938-8ddb-15bfac435704.645e36c351127__@@_____A1M-150_728x9062b967c557fa2.js
dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/d5489f6a-6d90-4938-8ddb-15bfac435704.645e36c351127__@@_____A1M-150_728x9062b967c557fa2.js?ts=1684747042852
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.4 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dbt.adition.com
Software
ISAS /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, Accept
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Allow
HEAD, DELETE, GET, OPTIONS
Content-Length
26
Content-Type
text/plain
Date
Fri, 12 May 2023 12:53:24 GMT
Server
ISAS
Vary
Accept-Encoding
X-Pect
The Spanish Inquisition
via
1.1 dbt-directory01
integrator.js
adservice.google.de/adsid/ Frame F9F7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F9F7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame F9F7 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2875267802583696&correlator=1768076689382102&eid=31072020%2C31072879%2C31074686%2C31074533&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250j_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=10&adks=3518033837&didk=2887917921&sfv=1-0-40&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3D27868814f124b32d-2202d96ae6dd00e6%3AT%3D1684747038%3ART%3D1684747042%3AS%3DALNI_MaFKaKFNDbUYIWzMWXVa_pbSsB1oQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&abxe=1&dt=1684747042979&lmt=1684747042&dlt=1684747039011&idt=1049&adxs=353&adys=899&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=m6dpxxucrlkw&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&frm=23&vis=1&psz=300x250&msz=300x0&fws=384&ohw=0&ea=0&psts=ABHeCvhNK1IflLCigunkEYjo5AyiE3m6ZM6-atNdsl1RUsJPWM-oK2IZxiW0iYC1JNTQ7Av4Zo2GC9wxleseCudlNfEIaqWp%2CABHeCvj--tIdg9kMb92DJGi6EfvMYiiwuDJChwCrAJ8AReBxFNfCC9TEe9yDGq0baaEKAt2TI1lwmRS0y6pD-X1dlBMBZZmA%2CABHeCvirWkEcYgSYXaKfO_UIuZfWprSzXc-v9OO42Mz5mM1lfgmswrmpf60jFMHbtgqZrhDhIZlGY5YsPlbGouXaVWACobqI%2CABHeCvjl7wBnG2urYM0mMZbM4CFQBU7HSOPcvD4bh2ao683572j57v8el4Oy-4bPA4EF3PPWzWAfQWghgoYKfhWm5W6PuWdO%2CABHeCvjux-g7N6B5454NXB4ghPxUOsY8hvQuuuw-4dae4Mj6RrCUBmLjo1fU8pIW3GjH6iRRnssYCKqcrw2bvKVBl70d2ygKC7rD15Q%2CABHeCvgDrO47WHTHmwQxVqx7TbEHdnpZKusZ1jzglB0TdpUGjdbnkX1LckNPtMzBuZdA98MPrEiIziMNuU6cqiOIKgweWcKo%2CABHeCvgvljlCcCfCOP3APOml8Wm08stcpBAaixVnL8UtGV35dHgWXZQH5LenuRXgAqgWPdST8ImMfHIrbnvgZwUkintaedhw&ga_vid=215484772.1684747038&ga_sid=1684747041&ga_hid=1414959249&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmd7-lYQxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNhZTQ1ZTI5LTcyMGQtNDRiYi1hMTNmLWE2YTVjNDFkNjY0Mxjd3_6VhDFIABIdCg5lc3AuY3JpdGVvLmNvbRiZ3v6VhDFIAFICCGQS1gEKCHJ0YmhvdXNlEsABajE2OTVXb3hNcXlpUGdmSGZMUWpmTXVWTElnbUhjQ0FnODVEZ0JtaXFKRm96Wm9GNWpPTzAzOC8zOTlrT3diS2hQcFB0bTR0REdseldLTWIzMGNqOEt5NDg0WG1FWkxOY2pCYVlBVlozSmpuZndxa3c5NEYzWUt2U0Z6OC9YQm9HN1NqSzNhak83RkQ0am9aa0hSaUpwVGlGYXR6cE83WjlLVnNSb1RISE5KclRZWC9UUWYxMitoeklWa1dyUnlYGM3g_pWEMUgAEhkKCnVpZGFwaS5jb20Ymd7-lYQxSABSAghkEhQKBW9wZW54GI7h_pWEMUgAUgIIbw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
715304747af42e63d0c4ab0d39380b612fe70d5dc8aa658c01171aac4f00a020
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10988
x-xss-protection
0
google-lineitem-id
6101519259
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403343952
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2BDC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5e9hThV1qEUP-xTaJR1ExJxbm8nlusozHb5hh_1AsFIVC4Tce_NR3wPZNTa5mqXBiB3QZ4Ly5nk_isCcqUjy-wT07tSUI3vBfGN2SVK0h4xE5FeLP-oVW21N1PjMTy08NM43VeGPs9Dj4AfMHHI8hPxQsVdzJxhTjfsDGZLBg3c8ESDayP-zO4ZewfKp4CEroGI1rgE2jUu46kdhg6Cna1JKwpLYYhREjO6Ao8-N0PqhVDuvIqpM9jBKOS7wfyL19Ohv5JzI_Do3reBMaTxvvav0yitUj5EhSKPf9py1Q4TfdwXt6QIdvpYcUFaZ3FXd_b_T5W7tMFjbD&sai=AMfl-YSdyR03-cDVNrSxrPCOxADM_u2RzmoTSnNxe_JVRuxExtZKYE0s7mVWiha0NgStGLkH4k_aVEyl-MbQHyfFN65ThyLhoh9TZqBhsxPSJV-FDQI0jmyUA1vzXhvtBw&sig=Cg0ArKJSzGFn2JunEpLBEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:23 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2BDC 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230517&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
97275f3877eb4c193d26b9e00de7ef6a4714732721450aa041dff44dc8bce66c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11205
x-xss-protection
0
truncated
/ Frame 6F1C 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23a8715bb3d25d3f29b365bb341053fa3fa780fd1e0bbfcf17b1d36261fc7f7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
PugMaster
image6.pubmatic.com/AdServer/ Frame E958 		733 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=83910185&p=161763&s=951966&a=0&ptask=DSP&np=0&fp=1&rp=0&mpc=10&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
473bb57358fe1594bc940bcbbc79c86b3f13b2694d108498b5f054f89f972161

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 22 May 2023 09:17:23 GMT
content-length
733
content-type
text/html; charset=UTF-8
view
securepubads.g.doubleclick.net/pcs/ Frame 8A11 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuNa5ao89GJXJkL-3PnvX0OxDOG4M2vCItC6NSfovScW148wNylQABIfZNwiHFCq33W1CEC81ct23wF_FVgV5bSpZRK65PI8zE_gjRUMkjvcRyZlpBLQEU2pV55n3MiB0xx4OCkaSmqEGNS9OX5OVjBLPbzoMxkNhDO4VvFuXef05AFDVgwzAQKk-Vu4RNAV-QGDAIXhDn3sa2Jl1NsR2oienKe4CFnjUQyXeU_ji6ZxHo7ma0ZDwlUVxKgBdgnIMq8sjfHwn6wF5abbhvjNBqHFbUjAzEsnDHXcsRs15umhwEOZk0sKMDcTLSGjuaqQ-BYgwslfry8iCt&sai=AMfl-YQgt3w_bx_7Xu05fHXc5eO_1NIqFrjmsbg3KC2xYKJ3tfi5ODqnZ5IGD2WHLRrSBDrjTt0QW00e9HiEEMmyhn3HEaXY_5agXuTNNV0rl8hY_cTJ5rR_911JbtZ8kg&sig=Cg0ArKJSzPB22OtnQPnJEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 8A11 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b866094902ee2c06cf0553bbb8bdb64c2316f675cdd906afd98e9ef5a127e033
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32375
x-xss-protection
0
server
cafe
etag
259592645347587738
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8A11 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:23 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2BDC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 May 2023 09:17:23 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FE61 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsscPCMMVR8fJ17pnWOY4wj222WFY7PZT_PJe0FTFSEb4-9Sownj-YZjwoQ8Vu9xYfg9PiryCmNayiRrC1J85z4Pb10CoIzKwSzo4n1BgYHNX0OVm-htDSLvL9yR7e7efWn3j2x8WS-dR8gtxJi6hO0CcK0iGkB3NtPIJUQhJUSTBxcJFUqsS6U1Yg0ojveu4_bs7RPL968MAK1Ltsb-A5uy0Mme2icN_yGZyQeT-5a4yRnKaFw19A_t9-oOVMPhJapwpN4urhY98TFWiWo5_m2D6E4E8TVs3CbcnyVWxvQdj-EZqAIVjJdig3xwTPUTD7qgnqYnvKxIiWHxLt5Q8g&sai=AMfl-YQciZjK8dxYlOa36HtQc5tf_Y9i8XnPndRFi6bvRpaSwXflkGPl8L-hX-v7lC9Or4u76IJo_fqG-66KAn7XW8PRmB6ek0xY_aK1buzsZHf5bNsx58DB1ZL1uQRT3Q&sig=Cg0ArKJSzDRQOj2Reqz1EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:23 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1C51 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstT2ZQhqqzUI-KvEbyyovxT7jiUv0tUwN1VNNZelUM6ivEkbx5AmoE5L5EyBnRkUlA3l0_jh2Vfb7F59qHPkC5GiuTqUj8x3hCBuzjaFqY17e-zqzP25eqAhO-6HUrgApZAgdscVfY2sETG7juYSs2AVs1rTo7RiCHgOU2JJXijo48PoCjCsKYde814_K-E6zRgdhRHXTcsgBDasNIC-FhjA_ooPxS1XpqfIHMeNxj-UVh9fXVRh8muHjk-mDSZz6Oq6w4_Hnkj91jrRgtfN55JGjzoBh_2HXXzedCRpKCwD5nroD-Xvy2mDAS68jotv4Pc9wp9xPRl-nem&sai=AMfl-YRLi622YIpyiBq0Sc_2iGwlwxX2VehXW6dQLAyVn0PqOOa7M6AIOTiWeP1dH_RZJl853yxxJCGy05WYI2eSwie7dyqnYRxLM32UMA84VUKwZa3KvuD5gmaMMkgidw&sig=Cg0ArKJSzN5RdpOqx3ZgEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 1C51 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec9218c60d8f57a1a80cfeeed13b7bc1f5838873ab0067fbce1dfc9b68c3ba2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32375
x-xss-protection
0
server
cafe
etag
627499542896909855
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1C51 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:23 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7975 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 May 2023 09:17:23 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame AC96 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 May 2023 09:17:23 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame A32F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C6QGiIjNrZImjJbT2xtYPq5WM0AyQ4YGEXLaoworwAsCNtwEQASAAYOUDggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-qAMBqgTHAU_QRCGmgnc7qD0Jsqw5_8iamHqSQLaxSqmudgrKv8XwVH1qh39EHj0CWrIYHqdMxSPg_MSjiSns2GrsWZp-jzgXWcsdyoh6rXWf0eC6bVSp7JAJEXJ3qENsH9sKw-EAjq7vr7Ge5iunHzxuqAbXt422zIIY4mImx0tSjTwZOkhD6ehQF4uWVkGG2tF9DcPCvPRNk26Oyic831--x0OROATHcHw8izxuGO8aIgpBfTlchLbrRKmSmplnkdCPcBPtusVWrNNvzryABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi02NTUyMTc1NDg4NzMzNzY4GLzhFg&sigh=uRjXvmu2LNc&uach_m=[UACH]&cid=CAQSOwBygQiDhgU_kSuWvZBB0374qFdauGVOYmFAneD3OBu8bKCjMxxVGHWJZbKtV1b1zA9aAWMkaBNhqdCSGAE
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=467757280&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747042&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747041903&bpp=18&bdt=313&idt=599&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d-223b5e59e4dd0032%3AT%3D1684747038%3ART%3D1684747041%3AS%3DALNI_MYTKHLjH2doQfYoYdXa3R5sjvynpQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747043&ga_hid=1120666786&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=1700207854&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C42531705%2C44785294%2C44788442%2C44792088&oid=2&pvsid=3172209606075871&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vfjiuj52wulr&fsb=1&dtd=626
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 22 May 2023 09:17:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame A32F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hv3vjyn0vazme02kn3fhr7npd2zmm038zta4ze4m518ta321zqn2mt3vvjx3ke6zbjnxfwtax408sy2rbye6dk5acsndwcxq8jgatphvsbd4089088rzktwhz9syafez7w0n4g3405312ae0g8n33xcvk84v2yzv57aw18jt97x7800xpjyrh805b9fc1vxa1nr9m8eqpma09wd0jbhwk0ycz6sq3h3katphgj4m7nf45r0sktb66j3e3nr4ttwvhyaefvq8ve03r9wpcagz29tpfwz5s5c39mrahnxz0953pexp3s4xsrd9sp8mtajaqcg6fm4d2qz6fgt6zvgyyt1qbrv8rqpe7v7zkqfvy698degmqjktn95ax49kqhf6svvrgqp8gqs248&b=ZGszIgAJUYkE0bs0AAMKqxi6Kt368lZTHj233Q
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 22 May 2023 09:17:23 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 6C89 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kdvh3dp15j615aqn17pvgn9e8kwbtjydsj51djbzyxqsk1z0w7582mm12y7tafyztftenfqea7s2ghxsxsgrk67j9h2vav90wkyqngcjmt1w46febxy9ymz8c4z82n5y257n5v7shkmz356bz55br2jeehfjjztbwb4t319zfr57r874frt6kcp7a0ybq1pe5hv6akknxa4snq88a57a480m4cjrqgkgz74gv0080daz7eqr8495p2sn7q9s2fdtyp49gv2302vvhe0c1xsm75ta85ecx3ezj2jb628t4tb6h3pp2nbft56c2rx8j4wjvdw6sabpssam2xng4ez0m5ekw2jf61fyx63rskzaabvajmsv1dmjgnxabxg8kzbqh31trejjn50ep9t17ttprrddvffh6jc0ygqyfxdhewew0jxyrhd70ce5m5s8yfkfj1qsyww&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqdJ4IjNrZImjJbT2xtYPq5WM0AyQ4YGEXLaoworwAsCNtwEQASAAYOUDggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-qAMBqgTKAU_QRCGmgnc7qD0Jsqw5_8iamHqSQLaxSqmudgrKv8XwVH1qh39EHj0CWrIYHqdMxSPg_MSjiSns2GrsWZp-jzgXWcsdyoh6rXWf0eC6bVSp7JAJEXJ3qENsH9sKw-EAjq7vr7Ge5iunHzxuqAbXt422zIIY4mImx0tSjTwZOkhD6ehQF4uWVkGG2tF9DcPCvPRNk26Oyic831--x0OROATHMn4dGeuXn6_SpULXp3DOdo__TgSYtIG6ERLG4ut5pOlOeQ_wjnSGTniABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0vWD_xGzyGWEguacix1RqsrsH19Q%26client%3Dca-pub-6552175488733768%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=467757280&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747042&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747041903&bpp=18&bdt=313&idt=599&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d-223b5e59e4dd0032%3AT%3D1684747038%3ART%3D1684747041%3AS%3DALNI_MYTKHLjH2doQfYoYdXa3R5sjvynpQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747043&ga_hid=1120666786&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=1700207854&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C42531705%2C44785294%2C44788442%2C44792088&oid=2&pvsid=3172209606075871&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vfjiuj52wulr&fsb=1&dtd=626
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f2929c948fec9dba1d90ec625e39228d4f5c128151c51ac40601cff0de4551d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7cb3f73fbb839be8-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:23 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame A32F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=467757280&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747042&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747041903&bpp=18&bdt=313&idt=599&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d-223b5e59e4dd0032%3AT%3D1684747038%3ART%3D1684747041%3AS%3DALNI_MYTKHLjH2doQfYoYdXa3R5sjvynpQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747043&ga_hid=1120666786&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=1700207854&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C42531705%2C44785294%2C44788442%2C44792088&oid=2&pvsid=3172209606075871&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vfjiuj52wulr&fsb=1&dtd=626
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 20:27:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
46208
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 20:27:15 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AEC9 		1 KB
645 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=467757280&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747042&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747041903&bpp=18&bdt=313&idt=599&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d-223b5e59e4dd0032%3AT%3D1684747038%3ART%3D1684747041%3AS%3DALNI_MYTKHLjH2doQfYoYdXa3R5sjvynpQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747043&ga_hid=1120666786&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=1700207854&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C42531705%2C44785294%2C44788442%2C44792088&oid=2&pvsid=3172209606075871&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vfjiuj52wulr&fsb=1&dtd=626
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
7763
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 07:08:00 GMT
etag
48472445140208031
expires
Tue, 23 May 2023 07:08:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame A32F 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=467757280&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747042&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747041903&bpp=18&bdt=313&idt=599&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d-223b5e59e4dd0032%3AT%3D1684747038%3ART%3D1684747041%3AS%3DALNI_MYTKHLjH2doQfYoYdXa3R5sjvynpQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747043&ga_hid=1120666786&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=1700207854&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C42531705%2C44785294%2C44788442%2C44792088&oid=2&pvsid=3172209606075871&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vfjiuj52wulr&fsb=1&dtd=626
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 10:36:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
81662
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7953
x-xss-protection
0
server
cafe
etag
16153819885643670827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 10:36:21 GMT
l
www.google.com/ads/measurement/ Frame A32F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRETeU1tnvqbQ-faj7fNIeT1OGSe2Pn9OJaDhQjJcanrFkVMg8JGXHz0H9XOwDsKpcL7oIgedQ0CaAOp1h4KuTzhBV4oA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=467757280&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747042&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747041903&bpp=18&bdt=313&idt=599&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d-223b5e59e4dd0032%3AT%3D1684747038%3ART%3D1684747041%3AS%3DALNI_MYTKHLjH2doQfYoYdXa3R5sjvynpQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747043&ga_hid=1120666786&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=1700207854&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C42531705%2C44785294%2C44788442%2C44792088&oid=2&pvsid=3172209606075871&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vfjiuj52wulr&fsb=1&dtd=626
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A32F 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=467757280&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747042&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747041903&bpp=18&bdt=313&idt=599&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d-223b5e59e4dd0032%3AT%3D1684747038%3ART%3D1684747041%3AS%3DALNI_MYTKHLjH2doQfYoYdXa3R5sjvynpQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747043&ga_hid=1120666786&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=1700207854&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C42531705%2C44785294%2C44788442%2C44792088&oid=2&pvsid=3172209606075871&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vfjiuj52wulr&fsb=1&dtd=626
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:23 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7FAF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrjkJcboFtwlmV4dZBxPVte1Ux5vDUAQs5-NGRkd7b33Fa5vVWKope1mAne8eAq6E6wzuG49LOyFfDemAObfb0xpms_i-6fadGGtEWpN1sosnlPjgprr6JfIbyxfOzA7YZ9J8lzojSKci7Hiaqzne5KPmEAGXEWl6MGQCdXoKefi90BGFGugGiPCbHI-on4EbL2z39mMvsz5k08qE3BZsts8CO-bbUjZ8zjIvaqkz5khsb_kRYnlrgfCz3cjytiEBpuSbJvg6b3Dr9qyPUNYcyEwGGy0v8lKpk0RQC2rLPAqNV-Iq5reEP3XFJJRzYr5nTgN_jGWUIpiTGVA85NQ&sai=AMfl-YQh7FFjrFWe2WoxLqSiGsKPMDFB-7FF8q-6BHLfINteMyhvjGKMqjq1VL6zZaxMsSo4L-YaoK4BmV7EcGfGMoA1nIYesE30-HqBgIm_ey1FOMbZU3OwhNq1eXc53A&sig=Cg0ArKJSzL14fKrzEmmmEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:23 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/ Frame 178A 		354 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com&bust=31074719
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0782565894966d4511c6003ef8a05302dbba735d1fd38787685ec1d674cda46e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122568
x-xss-protection
0
server
cafe
etag
17632502235970339272
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:23 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 6F1C 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.idrlabs.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3D27868814f124b32d-2202d96ae6dd00e6%3AT%3D1684747038%3ART%3D1684747042%3AS%3DALNI_MaFKaKFNDbUYIWzMWXVa_pbSsB1oQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 6F1C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 6F1C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8657 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=2563153727&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747043&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747042771&bpp=17&bdt=324&idt=544&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d-2202d96ae6dd00e6%3AT%3D1684747038%3ART%3D1684747042%3AS%3DALNI_MaFKaKFNDbUYIWzMWXVa_pbSsB1oQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747044&ga_hid=50036502&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=454400323&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074545%2C44788442%2C44792089&oid=2&pvsid=3252810816889326&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.epdhxjvor6bc&fsb=1&dtd=1032
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 7DE7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtmx9pmv7AZh19WgBm4M1CQkNdRt5yTADH2EXpj5PyiZfWNqS1Zn4cNV1hXoIIu-24yjbft8od4H3afX7NF-3Jelk0jprZ8vUBfP8lzfWMXMun7-yPLL64NF8FB2ll2n4mNzgHeylBfCdD8qBAnAPRzcK4VitL7kCNwsUaltes_v82imYvGyjAh-besQ5Yg0_XKBb2HPjLZIlwev741vzSaWt9lnhK352dPvseqLJWVWMclwgHNCBbNPntS7bOxSUSE3VOT0pbqIR8T843fDA7AzdaevsgVfjtK90q91PalvGaylvMXnteCWWnsczp435WAGjd_AsIVZoC&sai=AMfl-YSYFeZtdJn8mXJVOaRw_P3PJ9OUpK7rAio3xS9zNL4PwSsuqBJL0f1XA7_MFm5ZEp3MSybj5xZCm0RyyuvX9RATMOXH06h0nliBxw6EgnzwFUCxX0dXK95FhtgV2w&sig=Cg0ArKJSzC6Sb9E6mghuEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 7DE7 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55b1c4244e97c927f2e39cfc882161b664b22d2896889157dc47dfa58699edd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32376
x-xss-protection
0
server
cafe
etag
17568548752406508446
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7DE7 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:23 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F237 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVyncpvJZ1mWbgT6nfnA6zw0dAD6N96OowvXRBtCus-pxu57pODFOuvmEie4cNqYf0hTJxS9dhXpb7PF6_dsxm7VIK&sig=Cg0ArKJSzL8J7y0T6WEgEAE&id=lidar2&mcvt=1533&p=1110,436,1200,1164&mtos=1533,1533,1533,1533,1533&tos=1533,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2587397766&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684747041388&rpt=957&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://87611474810e088512a1506d145f792b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 81AC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxGwsjLtJNFFoeJ2HGNvk71Zvb6Sv9pqmZPnNoOy4XAJFEHJtbettc66sXO7YRlR72DFV16CJSwOdUns732pT_FhwcUWplqMVNb4Xlf6sfW6rbWK7k&sig=Cg0ArKJSzBqBOjInV40yEAE&id=lidar2&mcvt=1309&p=1110,436,1200,1164&mtos=1309,1309,1309,1309,1309&tos=1309,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3516126248&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684747041605&rpt=881&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame A640 		659 B
929 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=30886708&p=137711&s=137812&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6a2015d1e7588ff4dbf23e5921637788e4c2712cb1e26bb73c67d24ec9dd1cd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 22 May 2023 09:17:23 GMT
content-length
659
content-type
text/html; charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 471D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuDH7r8pJ3VWZvCap5IvquaVyFoErc0K-qEpDynZckXiaxw0NISTho2a1OvD_lP0k9b4yhNsP5dRntHVlwUnAvv-Q2woa-7OdpFK4JpXqYrLU8RtFT8&sig=Cg0ArKJSzMDSK6nCa6wvEAE&id=lidar2&mcvt=1216&p=1110,436,1200,1164&mtos=1216,1216,1216,1216,1216&tos=1216,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=4283511922&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684747041058&rpt=1567&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 6C89 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kdvh3dp15j615aqn17pvgn9e8kwbtjydsj51djbzyxqsk1z0w7582mm12y7tafyztftenfqea7s2ghxsxsgrk67j9h2vav90wkyqngcjmt1w46febxy9ymz8c4z82n5y257n5v7shkmz356bz55br2jeehfjjztbwb4t319zfr57r874frt6kcp7a0ybq1pe5hv6akknxa4snq88a57a480m4cjrqgkgz74gv0080daz7eqr8495p2sn7q9s2fdtyp49gv2302vvhe0c1xsm75ta85ecx3ezj2jb628t4tb6h3pp2nbft56c2rx8j4wjvdw6sabpssam2xng4ez0m5ekw2jf61fyx63rskzaabvajmsv1dmjgnxabxg8kzbqh31trejjn50ep9t17ttprrddvffh6jc0ygqyfxdhewew0jxyrhd70ce5m5s8yfkfj1qsyww&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqdJ4IjNrZImjJbT2xtYPq5WM0AyQ4YGEXLaoworwAsCNtwEQASAAYOUDggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-qAMBqgTKAU_QRCGmgnc7qD0Jsqw5_8iamHqSQLaxSqmudgrKv8XwVH1qh39EHj0CWrIYHqdMxSPg_MSjiSns2GrsWZp-jzgXWcsdyoh6rXWf0eC6bVSp7JAJEXJ3qENsH9sKw-EAjq7vr7Ge5iunHzxuqAbXt422zIIY4mImx0tSjTwZOkhD6ehQF4uWVkGG2tF9DcPCvPRNk26Oyic831--x0OROATHMn4dGeuXn6_SpULXp3DOdo__TgSYtIG6ERLG4ut5pOlOeQ_wjnSGTniABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0vWD_xGzyGWEguacix1RqsrsH19Q%26client%3Dca-pub-6552175488733768%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kdvh3dp15j615aqn17pvgn9e8kwbtjydsj51djbzyxqsk1z0w7582mm12y7tafyztftenfqea7s2ghxsxsgrk67j9h2vav90wkyqngcjmt1w46febxy9ymz8c4z82n5y257n5v7shkmz356bz55br2jeehfjjztbwb4t319zfr57r874frt6kcp7a0ybq1pe5hv6akknxa4snq88a57a480m4cjrqgkgz74gv0080daz7eqr8495p2sn7q9s2fdtyp49gv2302vvhe0c1xsm75ta85ecx3ezj2jb628t4tb6h3pp2nbft56c2rx8j4wjvdw6sabpssam2xng4ez0m5ekw2jf61fyx63rskzaabvajmsv1dmjgnxabxg8kzbqh31trejjn50ep9t17ttprrddvffh6jc0ygqyfxdhewew0jxyrhd70ce5m5s8yfkfj1qsyww&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqdJ4IjNrZImjJbT2xtYPq5WM0AyQ4YGEXLaoworwAsCNtwEQASAAYOUDggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-qAMBqgTKAU_QRCGmgnc7qD0Jsqw5_8iamHqSQLaxSqmudgrKv8XwVH1qh39EHj0CWrIYHqdMxSPg_MSjiSns2GrsWZp-jzgXWcsdyoh6rXWf0eC6bVSp7JAJEXJ3qENsH9sKw-EAjq7vr7Ge5iunHzxuqAbXt422zIIY4mImx0tSjTwZOkhD6ehQF4uWVkGG2tF9DcPCvPRNk26Oyic831--x0OROATHMn4dGeuXn6_SpULXp3DOdo__TgSYtIG6ERLG4ut5pOlOeQ_wjnSGTniABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0vWD_xGzyGWEguacix1RqsrsH19Q%26client%3Dca-pub-6552175488733768%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
1186687
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLGfnDBsL%2BIjzkpD2cbG3q1CAlKvxfMwBctuMEEk1%2BFI2gnV%2BkFPRYjAmCj3MMQZT5cs4Akfv21OdJcIYJSOI3b0Cpb8HzE3kGFbTmvW7CSlbB1Go49PKu%2FQDNJQZ9I1Dt7yPhcgwL0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7cb3f7408ce39be8-FRA
expires
Mon, 22 May 2023 10:17:23 GMT
r62eglto.js
ad4m.at/ Frame 6C89 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kdvh3dp15j615aqn17pvgn9e8kwbtjydsj51djbzyxqsk1z0w7582mm12y7tafyztftenfqea7s2ghxsxsgrk67j9h2vav90wkyqngcjmt1w46febxy9ymz8c4z82n5y257n5v7shkmz356bz55br2jeehfjjztbwb4t319zfr57r874frt6kcp7a0ybq1pe5hv6akknxa4snq88a57a480m4cjrqgkgz74gv0080daz7eqr8495p2sn7q9s2fdtyp49gv2302vvhe0c1xsm75ta85ecx3ezj2jb628t4tb6h3pp2nbft56c2rx8j4wjvdw6sabpssam2xng4ez0m5ekw2jf61fyx63rskzaabvajmsv1dmjgnxabxg8kzbqh31trejjn50ep9t17ttprrddvffh6jc0ygqyfxdhewew0jxyrhd70ce5m5s8yfkfj1qsyww&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqdJ4IjNrZImjJbT2xtYPq5WM0AyQ4YGEXLaoworwAsCNtwEQASAAYOUDggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-qAMBqgTKAU_QRCGmgnc7qD0Jsqw5_8iamHqSQLaxSqmudgrKv8XwVH1qh39EHj0CWrIYHqdMxSPg_MSjiSns2GrsWZp-jzgXWcsdyoh6rXWf0eC6bVSp7JAJEXJ3qENsH9sKw-EAjq7vr7Ge5iunHzxuqAbXt422zIIY4mImx0tSjTwZOkhD6ehQF4uWVkGG2tF9DcPCvPRNk26Oyic831--x0OROATHMn4dGeuXn6_SpULXp3DOdo__TgSYtIG6ERLG4ut5pOlOeQ_wjnSGTniABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0vWD_xGzyGWEguacix1RqsrsH19Q%26client%3Dca-pub-6552175488733768%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 13:45:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
575630
etag
W/"fcb2a26b07bd76d9a925cae661d6d94d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7A9OmOEHJAU4Ts8vjklhrOhEOkoErVH4PlvipDbck6NzeSbYp05XXumTjuiRayRWoDAR5Ty%2BWv%2BSM98r%2FrC0%2BsDnElN7nEjxeC%2Bz68N5lHtXNqLhY82mN0JA7%2FvCX%2BIZGgI26lo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7cb3f7408ce69be8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 09 May 2023 13:46:06 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ Frame 8A11 		355 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14817d6a5f18f51a3e30cef055c442d64c626ed8e0f5d82ae4d8547b5d9de384
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122658
x-xss-protection
0
server
cafe
etag
12212364107656909104
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:23 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 994F
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1smkskj6ar06
42 B
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1smkskj6ar06
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 09:17:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Mon, 22 May 2023 09:17:26 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1smkskj6ar06
lws
123
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
1
Pug
image2.pubmatic.com/AdServer/ Frame 9137
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=dfe66d05ed691090/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Ecv7Kmx8QMnUUQaVnQURbaRa&gdpr=0&gdpr_consent=
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Ecv7Kmx8QMnUUQaVnQURbaRa&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 22 May 2023 09:17:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Ecv7Kmx8QMnUUQaVnQURbaRa&gdpr=0&gdpr_consent=
pub
matching.truffle.bid/sync/ Frame BC84 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 22 May 2023 09:17:23 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
generic
match.adsrvr.org/track/cmf/ Frame 48FD
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6674665837
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6674665837
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 22 May 2023 09:17:24 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 22 May 2023 09:17:24 GMT
etag
RX76b68e41a17540c193b84b6a90b5fee6003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6674665837
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
Pug
simage2.pubmatic.com/AdServer/ Frame 3C30
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:69B69F95C0274999BF5E0F1EE083CCFE&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:69B69F95C0274999BF5E0F1EE083CCFE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 22 May 2023 09:17:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 22 May 2023 09:17:23 GMT
expires
Sun, 21 May 2023 09:17:23 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:69B69F95C0274999BF5E0F1EE083CCFE&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BE54 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9987
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 06:30:56 GMT
expires
Tue, 21 May 2024 06:30:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6E88 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c2557a307af4b5f7430493260b2263c04a79b33ce0c26add667abe93b1deb1ad
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LFiloEMRkeIe0ArJ2uXbVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-LFiloEMRkeIe0ArJ2uXbVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:23 GMT
expires
Mon, 22 May 2023 09:17:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pbcas
ads.yieldmo.com/ Frame 6164 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 22 May 2023 09:17:23 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 45C6 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50531
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 22 May 2023 09:17:23 GMT
expires
Mon, 22 May 2023 23:19:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 19DF 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50531
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 22 May 2023 09:17:23 GMT
expires
Mon, 22 May 2023 23:19:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
beacon
ap.lijit.com/ Frame D199 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13401719
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
36bce364d27862838be713ea5e7416ace53204e061b6eb4cc5878e8cbb9b66e3

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
569
Content-Type
text/html
Date
Mon, 22 May 2023 09:17:23 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap2ams1
pbcas
ads.yieldmo.com/ Frame A0DD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 22 May 2023 09:17:23 GMT
beacon
ap.lijit.com/ Frame 9F1E 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13401719
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
fe3d4a4a945866598d9d437acefcebfa65bad4f74fad2d6c15123923428e4aab

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
566
Content-Type
text/html
Date
Mon, 22 May 2023 09:17:23 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap2ams1
beacon
ap.lijit.com/ Frame 2C85 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13401719
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
50139391a1782871ce511cc899de384831586749c09c6d623e8f33c249113fdb

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
568
Content-Type
text/html
Date
Mon, 22 May 2023 09:17:23 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap2ams1
ixmatch.html
js-sec.indexww.com/um/ Frame 0DDC 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7cb3f740eb5c9274-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 09:17:23 GMT
expires
Mon, 22 May 2023 13:17:23 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 2EE9 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7cb3f740fb609274-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 09:17:23 GMT
expires
Mon, 22 May 2023 13:17:23 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pbcas
ads.yieldmo.com/ Frame 7C5B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 22 May 2023 09:17:24 GMT
pbcas
ads.yieldmo.com/ Frame 14F5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 22 May 2023 09:17:24 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2CF6 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50530
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 22 May 2023 09:17:24 GMT
expires
Mon, 22 May 2023 23:19:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 69E2 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50530
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 22 May 2023 09:17:24 GMT
expires
Mon, 22 May 2023 23:19:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 00D5 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
4
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7cb3f7410b6a9274-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 09:17:24 GMT
expires
Mon, 22 May 2023 13:17:24 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
beacon
ap.lijit.com/ Frame E130 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13401719
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
3e3d1e63d1d7b001ed41a102a8341aac723452b68e04a2328d02bfc7433df14d

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
566
Content-Type
text/html
Date
Mon, 22 May 2023 09:17:24 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap2ams1
beacon
ap.lijit.com/ Frame 1B1F 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13401719
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
79e1b23fd52a296bbb9542faa6996c55cc9869b8e38df0dad705821c6d52dea1

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
565
Content-Type
text/html
Date
Mon, 22 May 2023 09:17:24 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap2ams1
pbcas
ads.yieldmo.com/ Frame 06FC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 22 May 2023 09:17:24 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame EEC3 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
4
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7cb3f7412b899274-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 09:17:24 GMT
expires
Mon, 22 May 2023 13:17:24 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6D77 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50530
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 22 May 2023 09:17:24 GMT
expires
Mon, 22 May 2023 23:19:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 83C2 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 May 2023 09:17:24 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 7191 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
4
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7cb3f7412b909274-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 09:17:24 GMT
expires
Mon, 22 May 2023 13:17:24 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
us.gif
sync.go.sonobi.com/ Frame 60D5
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=0494646b-3321-4b00-ac52-38bfc9ea3e8f
49 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=0494646b-3321-4b00-ac52-38bfc9ea3e8f
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:24 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-45
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 09:17:24 GMT
Server
MT3 851 9bd98ae master zrh-pixel-x25 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=0494646b-3321-4b00-ac52-38bfc9ea3e8f
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 22 May 2023 09:17:23 GMT
generic
match.adsrvr.org/track/cmf/ Frame 60D5 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=8b725e5cd3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtset
bh.contextweb.com/bh/ Frame 60D5
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=ab6714ed-d3a3-49dd-9649-9c75329955ae&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=U0c3RGp4S0tySnRyOWtKRExraGhiQQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEEAMsj_yXlvk0MFhBUB44rs&google_cver=1
49 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEEAMsj_yXlvk0MFhBUB44rs&google_cver=1
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-78764785dd-r2j7t
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEEAMsj_yXlvk0MFhBUB44rs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame 60D5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=a55441b0-c591-46b2-8849-a4235ea4c0b0&google_hm=YTU1NDQxYjAtYzU5MS00NmIyLTg4NDktYTQyMzVlYTRjMGIw
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFd7t1krCXEcdPfQKuWbuQ8&google_cver=1&ssp=sonobi&bsw_param=a55441b0-c591-46b2-8849-a4235ea4c0b0
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=a55441b0-c591-46b2-8849-a4235ea4c0b0
49 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=a55441b0-c591-46b2-8849-a4235ea4c0b0
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-30
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=a55441b0-c591-46b2-8849-a4235ea4c0b0
date
Mon, 22 May 2023 09:17:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
us.gif
sync.go.sonobi.com/ Frame 60D5
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5107433827988031191
49 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5107433827988031191
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:24 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-82
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5107433827988031191
Date
Mon, 22 May 2023 09:17:24 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
truncated
/ Frame 178A 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
33a6817c3de0fbca8b9cc40cc53cb2e455983007e57969849ecbdd0279508460

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
d5489f6a-6d90-4938-8ddb-15bfac435704.645e36c35eeee__@@__645e319dc0486.jpg
dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/ Frame FE75 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/d5489f6a-6d90-4938-8ddb-15bfac435704.645e36c35eeee__@@__645e319dc0486.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.4 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dbt.adition.com
Software
ISAS /
Resource Hash
5b62a9c7be177b007149431b8a1d41872a37c5e663a5f637b19d45f375175a4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 09:17:24 GMT
via
1.1 dbt-directory01
Last-Modified
Fri, 12 May 2023 12:53:23 GMT
Server
ISAS
ETag
"88e461da828c912c2a1a67cc58408700"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Content-Disposition
inline;filename="d5489f6a-6d90-4938-8ddb-15bfac435704.645e36c35eeee__@@__645e319dc0486.jpg";size=84931
Access-Control-Allow-Headers
Content-Type, Accept
Content-Length
84931
d5489f6a-6d90-4938-8ddb-15bfac435704.645e36c373b9c__@@__645e31aa0a027.jpg
dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/ Frame FE75 		98 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/d5489f6a-6d90-4938-8ddb-15bfac435704.645e36c373b9c__@@__645e31aa0a027.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.4 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dbt.adition.com
Software
ISAS /
Resource Hash
93949e6460edcea9da2f1acd0806890acdd494aa688f7555af4e3422cea8d0ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 09:17:24 GMT
via
1.1 dbt-directory02
Last-Modified
Fri, 12 May 2023 12:53:23 GMT
Server
ISAS
ETag
"66cc325efba0547b95106d028f549add"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Content-Disposition
inline;filename="d5489f6a-6d90-4938-8ddb-15bfac435704.645e36c373b9c__@@__645e31aa0a027.jpg";size=100444
Access-Control-Allow-Headers
Content-Type, Accept
Content-Length
100444
d5489f6a-6d90-4938-8ddb-15bfac435704.645e36c35eeee__@@__645e319dc0486.jpg
dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/ Frame 81AC 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/d5489f6a-6d90-4938-8ddb-15bfac435704.645e36c35eeee__@@__645e319dc0486.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.4 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dbt.adition.com
Software
ISAS /
Resource Hash
5b62a9c7be177b007149431b8a1d41872a37c5e663a5f637b19d45f375175a4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 09:17:24 GMT
via
1.1 dbt-directory03
Last-Modified
Fri, 12 May 2023 12:53:23 GMT
Server
ISAS
ETag
"88e461da828c912c2a1a67cc58408700"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Content-Disposition
inline;filename="d5489f6a-6d90-4938-8ddb-15bfac435704.645e36c35eeee__@@__645e319dc0486.jpg";size=84931
Access-Control-Allow-Headers
Content-Type, Accept
Content-Length
84931
d5489f6a-6d90-4938-8ddb-15bfac435704.645e36c373b9c__@@__645e31aa0a027.jpg
dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/ Frame 81AC 		98 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dbt.adition.com/resources/storage/bd92ffc2-ac69-4abd-97d6-73377d8db6d4/TemplateAttribute/d5489f6a-6d90-4938-8ddb-15bfac435704.645e36c373b9c__@@__645e31aa0a027.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.4 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
dbt.adition.com
Software
ISAS /
Resource Hash
93949e6460edcea9da2f1acd0806890acdd494aa688f7555af4e3422cea8d0ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 09:17:24 GMT
via
1.1 dbt-directory02
Last-Modified
Fri, 12 May 2023 12:53:23 GMT
Server
ISAS
ETag
"66cc325efba0547b95106d028f549add"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Content-Disposition
inline;filename="d5489f6a-6d90-4938-8ddb-15bfac435704.645e36c373b9c__@@__645e31aa0a027.jpg";size=100444
Access-Control-Allow-Headers
Content-Type, Accept
Content-Length
100444
activeview
pagead2.googlesyndication.com/pcs/ Frame AC96 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8A2spEhplr16kqoI2-dp0HXjv-DpL5dzGUfH_5VS2W307xj4q7X5NxsngHK-YD9n4eZrHP415_4118X7Rz5HijXtWcgKEq-Xxjt7XJOqhC2X2_e2n&sig=Cg0ArKJSzDcA-5BEUpMCEAE&id=lidar2&mcvt=1162&p=1110,436,1200,1164&mtos=1162,1162,1162,1162,1162&tos=1162,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=658150668&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684747041240&rpt=1627&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7975 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvM63rd3xUMTrj0LWXY_7AT9tnWkkHcPFFbgRgJvV_gKRxPycasNHUqpU_ZWJ8TQovfCW_qCoG8pFoehZdbpl1ZbxxUYP2XuFbF1_MuKQSyce9zdqAC&sig=Cg0ArKJSzHJc3fomrSPAEAE&id=lidar2&mcvt=1165&p=899,353,1149,653&mtos=1165,1165,1165,1165,1165&tos=1165,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1246821082&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684747041191&rpt=1642&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3448 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9988
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 06:30:56 GMT
expires
Tue, 21 May 2024 06:30:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E6B5 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2af81711ea6d3818fd076ac9cc25f9781c55240cf1816d7a6cfba704903deba8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--L84DXWvWmcy_d1LX93lWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce--L84DXWvWmcy_d1LX93lWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:24 GMT
expires
Mon, 22 May 2023 09:17:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/ Frame 8A11 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2094c08f370920907a02723c04a3c858bb4cfd7a386bda434e305796d928af39

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame AD82 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Js1TsQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame D199 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame D199 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 22 May 2023 09:17:23 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
ae12848777b41970a5f2
aax-eu.amazon-adsystem.com/s/x/ Frame D199 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame D199
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

Date
Mon, 22 May 2023 09:17:24 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
generic
data.adsrvr.org/track/cmf/ Frame D199 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
merge
ap.lijit.com/ Frame D199
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
  • https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:24 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
date
Mon, 22 May 2023 09:17:24 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame D199 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame D199
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 09:17:24 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 9F1E 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 22 May 2023 09:17:23 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
merge
ap.lijit.com/ Frame 9F1E
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
  • https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:24 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
date
Mon, 22 May 2023 09:17:24 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 9F1E 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 9F1E
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

Date
Mon, 22 May 2023 09:17:24 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 9F1E 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
generic
data.adsrvr.org/track/cmf/ Frame 9F1E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ae12848777b41970a5f2
aax-eu.amazon-adsystem.com/s/x/ Frame 9F1E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 9F1E
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 09:17:24 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 2C85 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ap.lijit.com/ Frame 2C85
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
  • https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:24 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
date
Mon, 22 May 2023 09:17:24 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 2C85
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 09:17:24 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 2C85 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
ae12848777b41970a5f2
aax-eu.amazon-adsystem.com/s/x/ Frame 2C85 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
generic
data.adsrvr.org/track/cmf/ Frame 2C85 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 2C85 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
368ba1c92c09ff88b641150fbbf94341
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 2C85
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

Date
Mon, 22 May 2023 09:17:24 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame E130 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 22 May 2023 09:17:23 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame E130 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
generic
data.adsrvr.org/track/cmf/ Frame E130 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
merge
ap.lijit.com/ Frame E130
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
  • https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:24 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
date
Mon, 22 May 2023 09:17:24 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ae12848777b41970a5f2
aax-eu.amazon-adsystem.com/s/x/ Frame E130 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame E130
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 09:17:24 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame E130
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

Date
Mon, 22 May 2023 09:17:24 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame E130 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 1B1F 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 1B1F
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 09:17:24 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 1B1F
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

Date
Mon, 22 May 2023 09:17:24 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 1B1F 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ae12848777b41970a5f2
aax-eu.amazon-adsystem.com/s/x/ Frame 1B1F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
merge
ap.lijit.com/ Frame 1B1F
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
  • https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
date
Mon, 22 May 2023 09:17:24 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 1B1F 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
generic
data.adsrvr.org/track/cmf/ Frame 1B1F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C671 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50530
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 22 May 2023 09:17:24 GMT
expires
Mon, 22 May 2023 23:19:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pbcas
ads.yieldmo.com/ Frame C223 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 22 May 2023 09:17:24 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 60C9 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
4
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7cb3f7422c639274-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 09:17:24 GMT
expires
Mon, 22 May 2023 13:17:24 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pbcas
ads.yieldmo.com/ Frame A29F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 22 May 2023 09:17:24 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E4E0 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50530
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 22 May 2023 09:17:24 GMT
expires
Mon, 22 May 2023 23:19:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
beacon
ap.lijit.com/ Frame F67F 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13401719
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
65283646bacbd3fbfd153f7d46bed7e31421dcaeac8b2a072e8b6e8cddf3e851

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
569
Content-Type
text/html
Date
Mon, 22 May 2023 09:17:24 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap2ams1
pbcas
ads.yieldmo.com/ Frame EF16 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 22 May 2023 09:17:24 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 7E84 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
4
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7cb3f7423c769274-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 09:17:24 GMT
expires
Mon, 22 May 2023 13:17:24 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pbcas
ads.yieldmo.com/ Frame B845 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 22 May 2023 09:17:24 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 65A5 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
4
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7cb3f7423c789274-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 09:17:24 GMT
expires
Mon, 22 May 2023 13:17:24 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4E34 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50530
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 22 May 2023 09:17:24 GMT
expires
Mon, 22 May 2023 23:19:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 28C0 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
4
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7cb3f7424c7c9274-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 09:17:24 GMT
expires
Mon, 22 May 2023 13:17:24 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F972 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50530
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 22 May 2023 09:17:24 GMT
expires
Mon, 22 May 2023 23:19:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 286A 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13401719
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
2993958bd3de1de515ef5163465b6722ee82cc16af1de211858ffce1ffdd05d3

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
564
Content-Type
text/html
Date
Mon, 22 May 2023 09:17:24 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap2ams1
ixmatch.html
js-sec.indexww.com/um/ Frame 1627 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
4
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7cb3f7424c8c9274-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 22 May 2023 09:17:24 GMT
expires
Mon, 22 May 2023 13:17:24 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8C76 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161763
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50530
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 22 May 2023 09:17:24 GMT
expires
Mon, 22 May 2023 23:19:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
beacon
ap.lijit.com/ Frame B6EB 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13401719
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
4143086d4620148bd7d9bf233b79d8440a938df912735a9490ae3eecc231f529

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
570
Content-Type
text/html
Date
Mon, 22 May 2023 09:17:24 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap2ams1
beacon
ap.lijit.com/ Frame 338C 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13401719
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
8ec8a9d404c1a1b26e059c2df195a558fc8f137a862bc51907f7d6b2b7fc0bbb

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
564
Content-Type
text/html
Date
Mon, 22 May 2023 09:17:24 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap2ams1
usync.html
eus.rubiconproject.com/ Frame 63F8 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 May 2023 09:17:24 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pbcas
ads.yieldmo.com/ Frame 9A90 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 22 May 2023 09:17:24 GMT
beacon
ap.lijit.com/ Frame C7A0 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13401719
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
3f27870b71f2b71fbc0444ad585cfa127686e716c3246319cb0fbac147a33b33

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
573
Content-Type
text/html
Date
Mon, 22 May 2023 09:17:24 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap2ams1
generic
match.adsrvr.org/track/cmf/ Frame F9F7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=8b725e5cd3&gdpr=0&gdpr_consent=
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
us.gif
sync.go.sonobi.com/ Frame F9F7
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5107433827988031191
49 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5107433827988031191
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:24 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-179
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5107433827988031191
Date
Mon, 22 May 2023 09:17:24 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/ Frame F9F7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsonobi
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsonobi
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=f65b57da-3428-4375-802b-c61cadfcf72c&ssp=sonobi
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=a55441b0-c591-46b2-8849-a4235ea4c0b0
49 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=a55441b0-c591-46b2-8849-a4235ea4c0b0
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-30
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=a55441b0-c591-46b2-8849-a4235ea4c0b0
date
Mon, 22 May 2023 09:17:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
us.gif
sync.go.sonobi.com/ Frame F9F7
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=0494646b-3321-4b00-ac52-38bfc9ea3e8f
49 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=0494646b-3321-4b00-ac52-38bfc9ea3e8f
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:24 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-30
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 09:17:24 GMT
Server
MT3 851 9bd98ae master zrh-pixel-x25 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=0494646b-3321-4b00-ac52-38bfc9ea3e8f
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 22 May 2023 09:17:23 GMT
rtset
bh.contextweb.com/bh/ Frame F9F7
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=3c3c7336-8375-40aa-84ba-b25c0600cb71&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=aTB6bGxGcDdWX2Z0c2FhdFRBMDM3QQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEEAMsj_yXlvk0MFhBUB44rs&google_cver=1
49 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEEAMsj_yXlvk0MFhBUB44rs&google_cver=1
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-78764785dd-r2j7t
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEEAMsj_yXlvk0MFhBUB44rs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2BDC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvIc9cyFpsGsp1oj-PoPzoGnI0KRDO53mZuCL4IjQRgxEKFARfN7Vg-HXz5z-u-4R3bp3OlaeUsseVMSKgkgLnCXlPL4nGmWtOJytKsL_T5cehdlTlZ&sig=Cg0ArKJSzBnkBpQIghtoEAE&id=lidar2&mcvt=1171&p=1110,436,1200,1164&mtos=1171,1171,1171,1171,1171&tos=1171,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1332890142&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684747041308&rpt=1689&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ Frame 1C51 		355 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f47b3405e1d6f11070412bfd94f20e1a1f42648dd4de3cd621c38bd82be0c395
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122666
x-xss-protection
0
server
cafe
etag
12853394524185364143
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:24 GMT
pixel
cm.g.doubleclick.net/ Frame AEC9
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGtZl_Y6azIG3thGuGYlsGs&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Sm9tY0dScVYxUTExRm81&google_gid=CAESEGtZl_Y6azIG3thGuGYlsGs&google_cver=1&google_push=ATf1kGOoyVsLY8uVwFZ1JINyd9ukahlRcKKiGdKtzDCMNmL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Sm9tY0dScVYxUTExRm81&google_gid=CAESEGtZl_Y6azIG3thGuGYlsGs&google_cver=1&google_push=ATf1kGOoyVsLY8uVwFZ1JINyd9ukahlRcKKiGdKtzDCMNmLT4PpQ73tf6EcMww70vCnsccTmu5wRwRkkHp10o0FWQ2dqiBIrgsM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=467757280&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747042&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747041903&bpp=18&bdt=313&idt=599&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d-223b5e59e4dd0032%3AT%3D1684747038%3ART%3D1684747041%3AS%3DALNI_MYTKHLjH2doQfYoYdXa3R5sjvynpQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747043&ga_hid=1120666786&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=1700207854&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C42531705%2C44785294%2C44788442%2C44792088&oid=2&pvsid=3172209606075871&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vfjiuj52wulr&fsb=1&dtd=626
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:23 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-03b3f67f69a828fdc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Sm9tY0dScVYxUTExRm81&google_gid=CAESEGtZl_Y6azIG3thGuGYlsGs&google_cver=1&google_push=ATf1kGOoyVsLY8uVwFZ1JINyd9ukahlRcKKiGdKtzDCMNmLT4PpQ73tf6EcMww70vCnsccTmu5wRwRkkHp10o0FWQ2dqiBIrgsM
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame AEC9
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-C5ldCLJzIeBs2wv81fpPCibgk6OKS4YKefBIew&google_push=PUSH_DATA
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
43 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=467757280&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747042&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747041903&bpp=18&bdt=313&idt=599&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d-223b5e59e4dd0032%3AT%3D1684747038%3ART%3D1684747041%3AS%3DALNI_MYTKHLjH2doQfYoYdXa3R5sjvynpQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747043&ga_hid=1120666786&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=1700207854&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C42531705%2C44785294%2C44788442%2C44792088&oid=2&pvsid=3172209606075871&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vfjiuj52wulr&fsb=1&dtd=626
Protocol
H2
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
89217
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
274
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AEC9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEP6Ze4zsrlTZ5yP6fkgAgP0&google_cver=1&google_push=ATf1kGPFjIlMM4L4UILnpEgcvfYOhOSMJ1STCeET7ShzPK7LMYxoLtjYS0YQvoVouHT1APPvS2zgKncJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzIwNTM3MzEwMDQyMzMxOTQxMA&google_push=ATf1kGPFjIlMM4L4UILnpEgcvfYOhOSMJ1STCeET7ShzPK7LMYxoLtjYS0YQvoVouHT1APPvS2zgKn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzIwNTM3MzEwMDQyMzMxOTQxMA&google_push=ATf1kGPFjIlMM4L4UILnpEgcvfYOhOSMJ1STCeET7ShzPK7LMYxoLtjYS0YQvoVouHT1APPvS2zgKncJrpqk6eRiyj2QD3lUFTI2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=467757280&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747042&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747041903&bpp=18&bdt=313&idt=599&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d-223b5e59e4dd0032%3AT%3D1684747038%3ART%3D1684747041%3AS%3DALNI_MYTKHLjH2doQfYoYdXa3R5sjvynpQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747043&ga_hid=1120666786&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=1700207854&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C42531705%2C44785294%2C44788442%2C44792088&oid=2&pvsid=3172209606075871&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vfjiuj52wulr&fsb=1&dtd=626
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzIwNTM3MzEwMDQyMzMxOTQxMA&google_push=ATf1kGPFjIlMM4L4UILnpEgcvfYOhOSMJ1STCeET7ShzPK7LMYxoLtjYS0YQvoVouHT1APPvS2zgKncJrpqk6eRiyj2QD3lUFTI2
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame AEC9
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jnsMcj-kRAWBpnw5Pngarw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jnsMcj-kRAWBpnw5Pngarw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMUwQsHaNd736Ly4nhu2XsEGn-y3p_2IHyRPS3UX-GusaW9bWtc7hsCTJfJymxA9Ki1Di_2ze9YBzzDsByLxKelvXZr9iOT
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=467757280&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747042&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747041903&bpp=18&bdt=313&idt=599&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d-223b5e59e4dd0032%3AT%3D1684747038%3ART%3D1684747041%3AS%3DALNI_MYTKHLjH2doQfYoYdXa3R5sjvynpQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747043&ga_hid=1120666786&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=1700207854&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C42531705%2C44785294%2C44788442%2C44792088&oid=2&pvsid=3172209606075871&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vfjiuj52wulr&fsb=1&dtd=626
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jnsMcj-kRAWBpnw5Pngarw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMUwQsHaNd736Ly4nhu2XsEGn-y3p_2IHyRPS3UX-GusaW9bWtc7hsCTJfJymxA9Ki1Di_2ze9YBzzDsByLxKelvXZr9iOT
date
Mon, 22 May 2023 09:17:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame AEC9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPSmE055e2JQcjVS_fmvvMk&google_cver=1&google_push=ATf1kGMORIMm18-Th0btSPtnDD_xgOwi3jTJD0PqNHxQjKHKu-75NOwnPZVFjY_tY0bq5AzKZ0y...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhZTVcwOTgtUy1CSjgx&google_push=ATf1kGMORIMm18-Th0btSPtnDD_xgOwi3jTJD0PqNHxQjKHKu-75NOwnPZVFjY_tY0bq5AzKZ0y5FtoNpRWXrW0Gys9Lr6P9LZIa
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhZTVcwOTgtUy1CSjgx&google_push=ATf1kGMORIMm18-Th0btSPtnDD_xgOwi3jTJD0PqNHxQjKHKu-75NOwnPZVFjY_tY0bq5AzKZ0y5FtoNpRWXrW0Gys9Lr6P9LZIa
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=467757280&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747042&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747041903&bpp=18&bdt=313&idt=599&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d-223b5e59e4dd0032%3AT%3D1684747038%3ART%3D1684747041%3AS%3DALNI_MYTKHLjH2doQfYoYdXa3R5sjvynpQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747043&ga_hid=1120666786&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=1700207854&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C42531705%2C44785294%2C44788442%2C44792088&oid=2&pvsid=3172209606075871&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vfjiuj52wulr&fsb=1&dtd=626
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhZTVcwOTgtUy1CSjgx&google_push=ATf1kGMORIMm18-Th0btSPtnDD_xgOwi3jTJD0PqNHxQjKHKu-75NOwnPZVFjY_tY0bq5AzKZ0y5FtoNpRWXrW0Gys9Lr6P9LZIa
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
pixel
cm.g.doubleclick.net/ Frame AEC9
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGjNBVMJ20nrHKFHdghP62k&google_cver=1&google_push=ATf1kGMfPfGuub-4WCqYeZZ4p0JDdGwE9o3WmaIwieK3HcpK-tOAVAYjy8gAxE1qqan9u7fLMlRPc5yP2q4wJZpY5...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGMfPfGuub-4WCqYeZZ4p0JDdGwE9o3WmaIwieK3HcpK-tOAVAYjy8gAxE1qqan9u7fLMlRPc5yP2q4wJZpY5FsxKMI3lMqS&google_hm=Gr_NqNZHNGX6_p-EToKz61xb
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGMfPfGuub-4WCqYeZZ4p0JDdGwE9o3WmaIwieK3HcpK-tOAVAYjy8gAxE1qqan9u7fLMlRPc5yP2q4wJZpY5FsxKMI3lMqS&google_hm=Gr_NqNZHNGX6_p-EToKz61xb
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=467757280&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747042&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747041903&bpp=18&bdt=313&idt=599&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d-223b5e59e4dd0032%3AT%3D1684747038%3ART%3D1684747041%3AS%3DALNI_MYTKHLjH2doQfYoYdXa3R5sjvynpQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747043&ga_hid=1120666786&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=1700207854&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C42531705%2C44785294%2C44788442%2C44792088&oid=2&pvsid=3172209606075871&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vfjiuj52wulr&fsb=1&dtd=626
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 09:17:24 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGMfPfGuub-4WCqYeZZ4p0JDdGwE9o3WmaIwieK3HcpK-tOAVAYjy8gAxE1qqan9u7fLMlRPc5yP2q4wJZpY5FsxKMI3lMqS&google_hm=Gr_NqNZHNGX6_p-EToKz61xb
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sync
ssbsync.smartadserver.com/api/ Frame AEC9 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBnMmR_pPVz0AKt-5sQXg88&google_cver=1&google_push=ATf1kGPL0nizveHZ29JIb-PQEeUZ_LPe9n3vWErPN8HqBDjMF0LFM6zQQPlna9Px4l4vz29gKUr8oCNwE2uqmhhIVciRFN_4DsqH
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=467757280&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747042&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747041903&bpp=18&bdt=313&idt=599&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d-223b5e59e4dd0032%3AT%3D1684747038%3ART%3D1684747041%3AS%3DALNI_MYTKHLjH2doQfYoYdXa3R5sjvynpQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747043&ga_hid=1120666786&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=1700207854&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C42531705%2C44785294%2C44788442%2C44792088&oid=2&pvsid=3172209606075871&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vfjiuj52wulr&fsb=1&dtd=626
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:24 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame AEC9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JYFyfuCGK-4cxc654On77B5rwJRdGPU9LCguEVreh1ZVRPAj9Rh7SYm71T2RpfjliaoumG
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=467757280&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747042&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747041903&bpp=18&bdt=313&idt=599&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d-223b5e59e4dd0032%3AT%3D1684747038%3ART%3D1684747041%3AS%3DALNI_MYTKHLjH2doQfYoYdXa3R5sjvynpQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747043&ga_hid=1120666786&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=1700207854&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C42531705%2C44785294%2C44788442%2C44792088&oid=2&pvsid=3172209606075871&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vfjiuj52wulr&fsb=1&dtd=626
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:24 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
usync.js
eus.rubiconproject.com/ Frame 83C2 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa403d9a9b7b752d058f087bf7afe7377ed73c7700fb5c7cc271661ec043e737

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 09:17:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 May 2023 02:03:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60308
Connection
keep-alive
Content-Length
10085
Expires
Tue, 23 May 2023 02:02:32 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ Frame 7DE7 		355 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14817d6a5f18f51a3e30cef055c442d64c626ed8e0f5d82ae4d8547b5d9de384
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122658
x-xss-protection
0
server
cafe
etag
12212364107656909104
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:24 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FA07 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9988
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 06:30:56 GMT
expires
Tue, 21 May 2024 06:30:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0F11 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a9af05d7a68cd60590f66c592ee274367423402c066d69bb08f4e4973dc1b5c0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FmUp37FVpYklVnSoaXRyyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-FmUp37FVpYklVnSoaXRyyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:24 GMT
expires
Mon, 22 May 2023 09:17:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 406C 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50530
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 22 May 2023 09:17:24 GMT
expires
Mon, 22 May 2023 23:19:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FAC5 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50530
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 22 May 2023 09:17:24 GMT
expires
Mon, 22 May 2023 23:19:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0AAB 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50530
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 22 May 2023 09:17:24 GMT
expires
Mon, 22 May 2023 23:19:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 5631 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
47ba46ca2c46f800d3e9e4511cbbcdf0dcf34f92836ec4ae054962e997f0f12a

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1849
Content-Type
text/html
Date
Mon, 22 May 2023 09:17:24 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usermatch
ssum-sec.casalemedia.com/ Frame A9DA 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
1f90d0f1c22775889ffd03597983823b7640661ce42eb9ed20c98dcb2d8ead62

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1920
Content-Type
text/html
Date
Mon, 22 May 2023 09:17:24 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usermatch
ssum-sec.casalemedia.com/ Frame 1E4A 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
14031565e5c9c98bb9ed04d6b707281b989c82ce705099daa43b0c41956e49bc

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1670
Content-Type
text/html
Date
Mon, 22 May 2023 09:17:24 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 99F1 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50530
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 22 May 2023 09:17:24 GMT
expires
Mon, 22 May 2023 23:19:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame FF37 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
9c506fb71ae0fe4b42b527cbade5d352d6c2f89fb8f8d74575f671dd64b5bfa2

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1592
Content-Type
text/html
Date
Mon, 22 May 2023 09:17:24 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usermatch
ssum-sec.casalemedia.com/ Frame A0C2 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
4a64ad6e35ad1a42b69dd210ead7b077843ea16d5c5d0650b002250c34cd8c21

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1629
Content-Type
text/html
Date
Mon, 22 May 2023 09:17:24 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 306A 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50530
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 22 May 2023 09:17:24 GMT
expires
Mon, 22 May 2023 23:19:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2FF4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9988
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 06:30:56 GMT
expires
Tue, 21 May 2024 06:30:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D9D1 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a6defe76008fd170dddef823631b5b4955715a2e7f6537d824225ab6b0796b3a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9b6eAMwjsraX3EK81fkmzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-9b6eAMwjsraX3EK81fkmzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:24 GMT
expires
Mon, 22 May 2023 09:17:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/ Frame A32F 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ec524840a3128a54e296c87d694dec3c2cf3fc79a3496c70dbd89896875a4fdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1C51 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f43a02c472d9f13a1649078114ca2de3b7d43277266184e34ea8649c01db97e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
pixelSync
pixel-sync.sitescout.com/dmp/ Frame F67F 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame F67F
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 09:17:24 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame F67F 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ae12848777b41970a5f2
aax-eu.amazon-adsystem.com/s/x/ Frame F67F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
generic
data.adsrvr.org/track/cmf/ Frame F67F 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame F67F 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ap.lijit.com/ Frame F67F
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
  • https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
date
Mon, 22 May 2023 09:17:25 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame F67F
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

Date
Mon, 22 May 2023 09:17:25 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
ae12848777b41970a5f2
aax-eu.amazon-adsystem.com/s/x/ Frame 286A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 286A
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 09:17:24 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 286A
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

Date
Mon, 22 May 2023 09:17:25 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ap.lijit.com/ Frame 286A
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
  • https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
date
Mon, 22 May 2023 09:17:25 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generic
data.adsrvr.org/track/cmf/ Frame 286A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 286A 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
368ba1c92c09ff88b641150fbbf94341
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 286A 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 286A 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
match
c1.adform.net/serving/cookie/ Frame 737D 		35 B
599 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 22 May 2023 09:17:24 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
merge
ce.lijit.com/ Frame 7CB7 		43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Mon, 22 May 2023 09:17:24 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ams1
mw
mwzeom.zeotap.com/ Frame A640 		95 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:24 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7cb3f744ad6c6977-FRA
access-control-allow-headers
*
content-length
95
info2
uipus.semasio.net/pubmatic/1/ Frame A640
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipus.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipus.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipus.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Frontend-ID
7
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type
image/gif
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Frontend-ID
5
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&sInitiator=external&gdpr=0&gdpr_consent=
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame A640
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&gdpr=0&gdpr_consent=
  • https://spl.zeotap.com/?zdid=1332&zcluid=dfe66d05ed691090
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=66124555-3074-4e3c-62e4-ca5fd7f1c17a&reqId=e06e586a-87c9-4031-5e3c-130a2971237c&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESELzeFiviNoUUCA29ZWAfn_M&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=66124555-3074-4e3c-62e4-ca5fd7f1c17a&reqId=e06e586a-87c9-4031-5e3c-130...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESELzeFiviNoUUCA29ZWAfn_M&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=66124555-3074-4e3c-62e4-ca5fd7f1c17a&reqId=e06e586a-87c9-4031-5e3c-130a2971237c&zcluid=dfe66d05ed691090&zdid=1332
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7cb3f74c8ff76977-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESELzeFiviNoUUCA29ZWAfn_M&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=66124555-3074-4e3c-62e4-ca5fd7f1c17a&reqId=e06e586a-87c9-4031-5e3c-130a2971237c&zcluid=dfe66d05ed691090&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 178A 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.idrlabs.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3D27868814f124b32d-2202d96ae6dd00e6%3AT%3D1684747038%3ART%3D1684747042%3AS%3DALNI_MaFKaKFNDbUYIWzMWXVa_pbSsB1oQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com&bust=31074719
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 178A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com&bust=31074719
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 178A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com&bust=31074719
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0048 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=2563336852&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747044&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747043295&bpp=15&bdt=358&idt=1266&shv=r20230517&mjsv=m202305170101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d-2202d96ae6dd00e6%3AT%3D1684747038%3ART%3D1684747042%3AS%3DALNI_MaFKaKFNDbUYIWzMWXVa_pbSsB1oQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747045&ga_hid=30916317&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=3073078871&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074469%2C31074719%2C44788441%2C44790154&oid=2&pvsid=3375046558904824&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.h67oy5mpvtmo&fsb=1&dtd=1290
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com&bust=31074719
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 63F8 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa403d9a9b7b752d058f087bf7afe7377ed73c7700fb5c7cc271661ec043e737

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 09:17:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 May 2023 02:03:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60308
Connection
keep-alive
Content-Length
10085
Expires
Tue, 23 May 2023 02:02:32 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 338C 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 338C 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
368ba1c92c09ff88b641150fbbf94341
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ap.lijit.com/ Frame 338C
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
  • https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
date
Mon, 22 May 2023 09:17:25 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generic
data.adsrvr.org/track/cmf/ Frame 338C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 338C 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 338C
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 09:17:25 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
ae12848777b41970a5f2
aax-eu.amazon-adsystem.com/s/x/ Frame 338C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 338C
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

Date
Mon, 22 May 2023 09:17:25 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame C7A0
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 09:17:24 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
ae12848777b41970a5f2
aax-eu.amazon-adsystem.com/s/x/ Frame C7A0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame C7A0 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
368ba1c92c09ff88b641150fbbf94341
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
generic
data.adsrvr.org/track/cmf/ Frame C7A0 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame C7A0
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

Date
Mon, 22 May 2023 09:17:25 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame C7A0 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ap.lijit.com/ Frame C7A0
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
  • https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
date
Mon, 22 May 2023 09:17:25 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame C7A0 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame B6EB 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame B6EB
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 22 May 2023 09:17:24 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame B6EB 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame B6EB
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

Date
Mon, 22 May 2023 09:17:25 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ap.lijit.com/ Frame B6EB
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
  • https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ap.lijit.com/merge?pid=94&3pid=646B33209BED80288830E0E7BLIS&gdpr=0&gdpr_consent=
date
Mon, 22 May 2023 09:17:25 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ae12848777b41970a5f2
aax-eu.amazon-adsystem.com/s/x/ Frame B6EB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
generic
data.adsrvr.org/track/cmf/ Frame B6EB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame B6EB 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sans-57-condensed.woff
is.dopascalls.1und1.de/banners/3202/dbt/1u1/assets/fonts/ Frame FE75 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://is.dopascalls.1und1.de/banners/3202/dbt/1u1/assets/fonts/sans-57-condensed.woff
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.12 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
32a3422a74af7d747de4ac5565752364302c87f16f4f546cf2f9473626d7df8e

Request headers

Referer
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 22 May 2023 09:17:24 GMT
last-modified
Wed, 15 Dec 2021 21:09:51 GMT
accept-ranges
bytes
etag
"236482354"
content-length
29376
content-type
application/font-woff
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 6C89 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3157
x-guploader-uploadid
ADPycdu_bETbAO3L7E3ZwmLe8QxiVBASGCjfRAxwlm_tkXJYko3jNEaJxZb3LISJ1TPqVw-ds5Su5eyQQRqdQCYhbG3a5A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVJRr0z2xle8xi1p2OIi61DQT7V4IMhKi4uTgIhZNUFEO%2FFIolOsYOjGmNmNjVjE172%2BmsYxFi5dtYmImgW3p1iPMnS2J4z9Pvq%2Fm7beVPctD9GjKf0Mfs9qSMh%2Bs4iOIvPJdjSITxz1WPSRFqCfeuzw"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7cb3f7457c0c362d-FRA
expires
Mon, 22 May 2023 09:24:47 GMT
truncated
/ Frame 7DE7 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e78f5313d1ddda2d416f483ee581eff166ad4985f144d34d06adc5c60086c47b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
cookie.js
partner.googleadservices.com/gampad/ Frame 8A11 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.idrlabs.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3D27868814f124b32d-2202d96ae6dd00e6%3AT%3D1684747038%3ART%3D1684747042%3AS%3DALNI_MaFKaKFNDbUYIWzMWXVa_pbSsB1oQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 8A11 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8A11 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C418 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=2563151533&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747044&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747043920&bpp=16&bdt=819&idt=857&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d-2202d96ae6dd00e6%3AT%3D1684747038%3ART%3D1684747042%3AS%3DALNI_MaFKaKFNDbUYIWzMWXVa_pbSsB1oQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747045&ga_hid=1122604942&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=2222367093&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31074687%2C31074690%2C44772268%2C44782467%2C44788442%2C44789923&oid=2&pvsid=2017429512034419&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.yvdpmnrblq6e&fsb=1&dtd=942
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
usermatch
ssum-sec.casalemedia.com/ Frame 7485 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
519909dfddc9f617357f177631cc8c9c37e58f86885188e50aa6b30b9e02c3fe

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1357
Content-Type
text/html
Date
Mon, 22 May 2023 09:17:24 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usermatch
ssum-sec.casalemedia.com/ Frame 421A 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
c461f4423ec10d25b66c27cf5685005a449cb7a9517ccff95bd1f153f8d36c53

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1526
Content-Type
text/html
Date
Mon, 22 May 2023 09:17:25 GMT
Expires
0
Keep-Alive
timeout=1, max=498
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FB92 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50529
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 22 May 2023 09:17:25 GMT
expires
Mon, 22 May 2023 23:19:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 9282 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
db8099b1ce48f387f283e160669205226afd672727c34dee0e7d3998e2e21225

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1571
Content-Type
text/html
Date
Mon, 22 May 2023 09:17:25 GMT
Expires
0
Keep-Alive
timeout=1, max=497
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usermatch
ssum-sec.casalemedia.com/ Frame DC6B 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
c3ec58cfec3e16277bdb11ee642dab31effa489d2538940ad401419763d21016

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1532
Content-Type
text/html
Date
Mon, 22 May 2023 09:17:25 GMT
Expires
0
Keep-Alive
timeout=1, max=496
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usermatchredir
ssum-sec.casalemedia.com/ Frame 1E4A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEALU5lc8u8HGYWYFvCEDiV8&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEALU5lc8u8HGYWYFvCEDiV8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEALU5lc8u8HGYWYFvCEDiV8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 1E4A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 1E4A 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
T767S0DZQX0EX28WF4FF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 1E4A
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8561191816879852939
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8561191816879852939
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

Date
Mon, 22 May 2023 09:17:25 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
fca9009e-c4c8-425a-82c3-ac0aa4653036
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8561191816879852939
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 1E4A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=JomcGRqV1Q11Fo5
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=JomcGRqV1Q11Fo5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-085c90e762a864cb4@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=JomcGRqV1Q11Fo5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 1E4A
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433827988031191
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433827988031191
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433827988031191
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum.casalemedia.com/ Frame 1E4A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8561191816879852939
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8561191816879852939
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Mon, 22 May 2023 09:17:25 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
491bad9f-9851-46d2-aa7d-c042a6ae064f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8561191816879852939
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum.casalemedia.com/ Frame 1E4A
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=aaca69f7-3e0a-aec9-ed55cbce
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=aaca69f7-3e0a-aec9-ed55cbce
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Mon, 22 May 2023 09:17:25 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=aaca69f7-3e0a-aec9-ed55cbce
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
htw-pixel.gif
cdn.indexww.com/ht/ Frame 1E4A 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZGszHyOhLwzD3AlGz3fWEAAA%261119
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
52818
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb3f74a9c4719b1-FRA
content-length
43
expires
Tue, 23 May 2023 09:17:25 GMT
casale
match.adsrvr.org/track/cmf/ Frame 5631 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 5631
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEALU5lc8u8HGYWYFvCEDiV8&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEALU5lc8u8HGYWYFvCEDiV8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEALU5lc8u8HGYWYFvCEDiV8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 5631 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DNPQHVW1DCVAX6ZE4Q4C
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5631
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8561191816879852939
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8561191816879852939
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Date
Mon, 22 May 2023 09:17:25 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c948cab5-70a0-4b6f-a31d-4622b350e81a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8561191816879852939
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5631
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=JomcGRqV1Q11Fo5
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=JomcGRqV1Q11Fo5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:24 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-03b3f67f69a828fdc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=JomcGRqV1Q11Fo5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5631
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3601:bc24:9894:4425:647 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB
date
Mon, 22 May 2023 09:17:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum.casalemedia.com/ Frame 5631
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1684833445
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1684833445
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1684833445
pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 5631
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=0494646b-3321-4b00-ac52-38bfc9ea3e8f
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=0494646b-3321-4b00-ac52-38bfc9ea3e8f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

Date
Mon, 22 May 2023 09:17:25 GMT
Server
MT3 851 9bd98ae master zrh-pixel-x4 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=0494646b-3321-4b00-ac52-38bfc9ea3e8f
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 22 May 2023 09:17:24 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 5631 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZGszHyOhLwzD3AlGz3fWEAAA%261119
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
52818
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb3f74a9c4a19b1-FRA
content-length
43
expires
Tue, 23 May 2023 09:17:25 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 385B 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50529
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 22 May 2023 09:17:25 GMT
expires
Mon, 22 May 2023 23:19:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatchredir
ssum-sec.casalemedia.com/ Frame A9DA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEALU5lc8u8HGYWYFvCEDiV8&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEALU5lc8u8HGYWYFvCEDiV8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEALU5lc8u8HGYWYFvCEDiV8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame A9DA 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame A9DA 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
J7EWJC0KT314H072P5CF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A9DA
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8561191816879852939
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8561191816879852939
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

Date
Mon, 22 May 2023 09:17:25 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
458b2690-19f0-4d4b-864e-7497e25b5f58
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8561191816879852939
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum.casalemedia.com/ Frame A9DA
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=5dbc25c0-92a0-715a-a23a9109
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=5dbc25c0-92a0-715a-a23a9109
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Mon, 22 May 2023 09:17:25 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=5dbc25c0-92a0-715a-a23a9109
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A9DA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3601:bc24:9894:4425:647 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB
date
Mon, 22 May 2023 09:17:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame A9DA
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=e6113f7f-855e-4eff-b376-b4c84ff89771&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=e6113f7f-855e-4eff-b376-b4c84ff89771&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=e6113f7f-855e-4eff-b376-b4c84ff89771&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Mon, 22 May 2023 09:17:25 GMT
server
_
content-length
0
ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A9DA 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:bc24:9894:4425:647 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
htw-pixel.gif
cdn.indexww.com/ht/ Frame A9DA 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZGszHyOhLwzD3AlGz3fWEAAA%261119
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
52818
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb3f74a9c4d19b1-FRA
content-length
43
expires
Tue, 23 May 2023 09:17:25 GMT
rs
ad4m.at/ Frame 90CB 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
495502d90f028d4a711d5708b06818c7f7459bf002750e043437a014fbf2cc37

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KQ%2BNQzJPDWVj6u5tH%2FC8822SlYHJF1tessodbFC9GQH%2B8XYxFCLy%2FMTn8BAU7kddnLoxclGmxwxxDcKyzJ9t1jm%2BU98vggbx5RaJTv03MVWXszO96VGBEx0u3jCEPkn8ST2VRA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7cb3f7489bd5915e-FRA
x-backend-server
aa-reachservice-group-europe-west1-n6pb
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7cb3f7486b9a915e-FRA
content-length
24
content-type
text/plain
date
Mon, 22 May 2023 09:17:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogn7%2FSFznIOx%2FR03YncMHqGGfhL36P9G%2FTfB3t3K1Ni%2BNjtaFn%2FTifGl9IeDq4tp9YkV0HLxRi3enGGI%2FgmcC6m3ro0WtxGm1njkPvLfW21pR2Q8XGCNecS8oDSB%2BrJ3RSJOde8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-0pxx
crum
dsum-sec.casalemedia.com/ Frame A0C2
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFy6E7I1mYAACFpYYcPWQ&expiration=1685956645
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFy6E7I1mYAACFpYYcPWQ&expiration=1685956645
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFy6E7I1mYAACFpYYcPWQ&expiration=1685956645
Date
Mon, 22 May 2023 09:17:25 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame A0C2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3831658881924355672
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3831658881924355672
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3831658881924355672
pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame A0C2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGszIAAL5bHx0gBL
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGszIAAL5bHx0gBL
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-fra-eddf8230062-FRA
pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684747046.508540,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGszIAAL5bHx0gBL
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame A0C2
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7205373100423319410&expiration=1685956645
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7205373100423319410&expiration=1685956645
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7205373100423319410&expiration=1685956645
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum-sec.casalemedia.com/ Frame A0C2
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=e6113f7f-855e-4eff-b376-b4c84ff89771&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=e6113f7f-855e-4eff-b376-b4c84ff89771&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=e6113f7f-855e-4eff-b376-b4c84ff89771&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Mon, 22 May 2023 09:17:25 GMT
server
_
content-length
0
crum
dsum-sec.casalemedia.com/ Frame A0C2
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d2310a67-22e9-4a0d-a113-26c9e488f65e
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d2310a67-22e9-4a0d-a113-26c9e488f65e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d2310a67-22e9-4a0d-a113-26c9e488f65e
date
Mon, 22 May 2023 09:17:25 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
casale
match.adsrvr.org/track/cmf/ Frame A0C2 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A0C2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3601:bc24:9894:4425:647 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB
date
Mon, 22 May 2023 09:17:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
htw-pixel.gif
cdn.indexww.com/ht/ Frame A0C2 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZGszHyOhLwzD3AlGz3fWEAAA%261119
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
52818
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb3f74a9c4e19b1-FRA
content-length
43
expires
Tue, 23 May 2023 09:17:25 GMT
crum
dsum-sec.casalemedia.com/ Frame FF37
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFy6E7I1mYAACFpYYcPWQ&expiration=1685956645
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFy6E7I1mYAACFpYYcPWQ&expiration=1685956645
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFy6E7I1mYAACFpYYcPWQ&expiration=1685956645
Date
Mon, 22 May 2023 09:17:25 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame FF37
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGszIAAL5bHx0gBL
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGszIAAL5bHx0gBL
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-fra-eddf8230062-FRA
pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684747045.181526,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGszIAAL5bHx0gBL
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame FF37
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3831658881924355672
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3831658881924355672
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3831658881924355672
pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame FF37
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7205373100423319410&expiration=1685956645
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7205373100423319410&expiration=1685956645
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7205373100423319410&expiration=1685956645
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame FF37
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1700644645&external_user_id=200709a7-de0b-46c6-b1dd-7722fb6d785c
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1700644645&external_user_id=200709a7-de0b-46c6-b1dd-7722fb6d785c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=489
Content-Length
43
Expires
0

Redirect headers

date
Mon, 22 May 2023 09:17:25 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1700644645&external_user_id=200709a7-de0b-46c6-b1dd-7722fb6d785c
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum.casalemedia.com/ Frame FF37
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=a55441b0-c591-46b2-8849-a4235ea4c0b0&gdpr=&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_2d194697-4aab-4209-a57f-1640a5e7d7e6&bsw_param=a55441b0-c591-46b2-8849-a4235ea4c0b0&expires=10&gdpr=&gdpr_consent=&gdpr_pd=
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=a55441b0-c591-46b2-8849-a4235ea4c0b0&gdpr=&gdpr_consent=&us_privacy=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=a55441b0-c591-46b2-8849-a4235ea4c0b0&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=a55441b0-c591-46b2-8849-a4235ea4c0b0&gdpr=&gdpr_consent=&us_privacy=
date
Mon, 22 May 2023 09:17:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
crum
dsum-sec.casalemedia.com/ Frame FF37
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date
Mon, 22 May 2023 09:17:27 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
crum
dsum-sec.casalemedia.com/ Frame FF37
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=JomcGRqV1Q11Fo5
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=JomcGRqV1Q11Fo5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:24 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-0a1a90ed6ac66fe36@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=JomcGRqV1Q11Fo5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame FF37 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZGszHyOhLwzD3AlGz3fWEAAA%261119
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
52818
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb3f74a9c4f19b1-FRA
content-length
43
expires
Tue, 23 May 2023 09:17:25 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 7952 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
525b4d0db0f81d32ed1a7c009d6e4cd4c60e3150b58fdc395022898c52d5a1c7

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1366
Content-Type
text/html
Date
Mon, 22 May 2023 09:17:25 GMT
Expires
0
Keep-Alive
timeout=1, max=495
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7092 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50529
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 22 May 2023 09:17:25 GMT
expires
Mon, 22 May 2023 23:19:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DD5C 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50529
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 22 May 2023 09:17:25 GMT
expires
Mon, 22 May 2023 23:19:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7480 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13401719
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50529
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 22 May 2023 09:17:25 GMT
expires
Mon, 22 May 2023 23:19:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sodar
pagead2.googlesyndication.com/pagead/ Frame 6E88 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230517&jk=279225184921592&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 6F1C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWwcqVNtjae5K_ZBLB0ncZWsS6VxusC_bc0VoZdN4bagpYZx9v0F1vT6XjIouSQHkewi0w6fHMUiWbqTAORpYoLYTIrfRW6FTjZOTYr8s-wqFPXtVVFMPORm0a-K3A0myf32qOcjKfWbOB0pUzMQiBV5Mtm8yW2iQTZcnWYP1QXO_rKq4BzbUXQ5mtc3HAot8P2jkkLV5A5oRNSVFuFheduOB-NjVoEFv2U6FtmzX9TTSjTu66ubdLs663DNdhNSad_0yyiQriwjcjfZj26ipjAYg_qpmeTjnHvkHRlkGGjmZfeNm4WdoX4VXuzfx_4CpzSZv7VrYjKSLdSgQ&sai=AMfl-YTq4mtS9uoM3ERHXjd3tPx4VJrbcAtZ8Y-nkp0NACL_vyyAkiHEbNkBPkewyB11LvQ9eO-hImPAArGUmfwvG8s7dYmEchCsOF38ntfR1NXHhOdIKxon0eu4Uv5wHw&sig=Cg0ArKJSzA9_t1Qzi_U2EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:25 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6F1C 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230517&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83204da27cc7e24911b90294973537aa0751c1bebd31cc650b1277e8e857482f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11429
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame A184 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7QlrEnU4PkyfS-mkBkUzs5ZvR4leWBggBff5EdkCVYtQOlNH2NSx5hktvvSndkVCBRRBcwKZUSXYwXIqOdRv0GJyL2FzgQi5Vb2lzzBem2uO9lGYwrOcXEDR6fp3L0IrSBeqj6QXLdid9dCDucrB5wQf3gww52gqz4mUAITFtvcZDWT8lgRiG6cSM2A4cs57HJdD4No8c5zWvITj60GirwHCOEwdBJvt_FR23JAwj_EwozrtIjBiaq2dmzRdYdJDnUJ7fMCPC1WdWzb5svKedXckV0ZWAjTr5Cjb5x__TsCmbAYDR7fkhOBTvaf44kymLNzJMKN6Zs7AaZTg&sai=AMfl-YRhnu-UXbcciP8jHZv2rRTAGeMCDDPqBetslc68QUQYCIUDsUFxfbqJCoicdgikBJaIBQlsXluzzMEnlRbwHtUFYwZ1FSI80UqDbWKqdSzu5kwZOmklbME3YIECQg&sig=Cg0ArKJSzPbsGx3AQLbZEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:25 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A184 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230517&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64919f87b61b11e8d0b0a9cbaaee9079698590d0c8da5413d4004f5ffe8303f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11239
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 7485
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGszIAAL5bHx0gBL
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGszIAAL5bHx0gBL
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-fra-eddf8230062-FRA
pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684747045.351517,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGszIAAL5bHx0gBL
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 7485
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFy6E7I1mYAACFpYYcPWQ&expiration=1685956645
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFy6E7I1mYAACFpYYcPWQ&expiration=1685956645
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFy6E7I1mYAACFpYYcPWQ&expiration=1685956645
Date
Mon, 22 May 2023 09:17:25 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 7485
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3831658881924355672
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3831658881924355672
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3831658881924355672
pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 7485 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
rum
dsum-sec.casalemedia.com/ Frame 7485
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=dIULbnGCDzxvhAk1dNMQNSHVCTxvhQo_etR0W6CD
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=dIULbnGCDzxvhAk1dNMQNSHVCTxvhQo_etR0W6CD
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=491
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=dIULbnGCDzxvhAk1dNMQNSHVCTxvhQo_etR0W6CD
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum.casalemedia.com/ Frame 7485
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8561191816879852939
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8561191816879852939
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Mon, 22 May 2023 09:17:25 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
29e5f7e8-df01-4ab6-b979-cdadf66f6d41
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8561191816879852939
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum.casalemedia.com/ Frame 7485
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=a4a4add0-4ac9-4109-b5dd-125f72c4ed68&ssp=index
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=a55441b0-c591-46b2-8849-a4235ea4c0b0&gdpr=&gdpr_consent=&us_privacy=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=a55441b0-c591-46b2-8849-a4235ea4c0b0&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=a55441b0-c591-46b2-8849-a4235ea4c0b0&gdpr=&gdpr_consent=&us_privacy=
date
Mon, 22 May 2023 09:17:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
rum
dsum.casalemedia.com/ Frame 7485
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1684833445
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1684833445
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1684833445
pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 7485 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZGszHyOhLwzD3AlGz3fWEAAA%261119
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
52818
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb3f74b4d5d19b1-FRA
content-length
43
expires
Tue, 23 May 2023 09:17:25 GMT
crum
dsum-sec.casalemedia.com/ Frame 421A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFy6E7I1mYAACFpYYcPWQ&expiration=1685956645
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFy6E7I1mYAACFpYYcPWQ&expiration=1685956645
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFy6E7I1mYAACFpYYcPWQ&expiration=1685956645
Date
Mon, 22 May 2023 09:17:25 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 421A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3831658881924355672
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3831658881924355672
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3831658881924355672
pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame 421A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGszIAAL5bHx0gBL
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGszIAAL5bHx0gBL
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-fra-eddf8230062-FRA
pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684747046.645248,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGszIAAL5bHx0gBL
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 421A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7205373100423319410&expiration=1685956645
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7205373100423319410&expiration=1685956645
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7205373100423319410&expiration=1685956645
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum-sec.casalemedia.com/ Frame 421A
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZGszHyOhLwzD3AlGz3fWEAAA%261119&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=8be09072-7b97-4a00-bb4e-33d2fa14617d-tuctb64b8a5
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=8be09072-7b97-4a00-bb4e-33d2fa14617d-tuctb64b8a5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=488
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=8be09072-7b97-4a00-bb4e-33d2fa14617d-tuctb64b8a5
date
Mon, 22 May 2023 09:17:25 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12906
crum
dsum-sec.casalemedia.com/ Frame 421A
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=69B69F95C0274999BF5E0F1EE083CCFE
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=69B69F95C0274999BF5E0F1EE083CCFE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=490
Content-Length
43
Expires
0

Redirect headers

date
Mon, 22 May 2023 09:17:25 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=69B69F95C0274999BF5E0F1EE083CCFE
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 21 May 2023 09:17:25 GMT
ix
ad4m.at/ad/sim/ Frame 421A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 421A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3601:bc24:9894:4425:647 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB
date
Mon, 22 May 2023 09:17:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
htw-pixel.gif
cdn.indexww.com/ht/ Frame 421A 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZGszHyOhLwzD3AlGz3fWEAAA%261119
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
52818
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb3f74b4d6a19b1-FRA
content-length
43
expires
Tue, 23 May 2023 09:17:25 GMT
merge
ce.lijit.com/ Frame C111 		43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Mon, 22 May 2023 09:17:25 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ams1
merge
ce.lijit.com/ Frame 4166 		43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Mon, 22 May 2023 09:17:25 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ams1
merge
ce.lijit.com/ Frame C093 		43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Mon, 22 May 2023 09:17:25 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ams1
merge
ce.lijit.com/ Frame 93AA 		43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Mon, 22 May 2023 09:17:25 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ams1
merge
ce.lijit.com/ Frame 9A13 		43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Mon, 22 May 2023 09:17:25 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ams1
rum
dsum-sec.casalemedia.com/ Frame 9282
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGszIAAL5bHx0gBL
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGszIAAL5bHx0gBL
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-fra-eddf8230062-FRA
pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684747045.467149,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGszIAAL5bHx0gBL
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 9282
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3831658881924355672
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3831658881924355672
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3831658881924355672
pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 9282
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFy6E7I1mYAACFpYYcPWQ&expiration=1685956645
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFy6E7I1mYAACFpYYcPWQ&expiration=1685956645
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=492
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFy6E7I1mYAACFpYYcPWQ&expiration=1685956645
Date
Mon, 22 May 2023 09:17:25 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 9282
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7205373100423319410&expiration=1685956645
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7205373100423319410&expiration=1685956645
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7205373100423319410&expiration=1685956645
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 9282
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8561191816879852939
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8561191816879852939
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

Date
Mon, 22 May 2023 09:17:25 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.9; 217.64.151.9; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2cf9fb21-bbb6-4768-9267-bff893ec5d63
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8561191816879852939
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9282
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=e6113f7f-855e-4eff-b376-b4c84ff89771&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=e6113f7f-855e-4eff-b376-b4c84ff89771&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=e6113f7f-855e-4eff-b376-b4c84ff89771&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Mon, 22 May 2023 09:17:25 GMT
server
_
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 9282
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=dIULbnGCDzxvhAk1dNMQNSHVCTxvhQo_etR0W6CD
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=dIULbnGCDzxvhAk1dNMQNSHVCTxvhQo_etR0W6CD
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=dIULbnGCDzxvhAk1dNMQNSHVCTxvhQo_etR0W6CD
pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
ssbsync.smartadserver.com/api/ Frame 9282 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:24 GMT
content-length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 9282 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZGszHyOhLwzD3AlGz3fWEAAA%261119
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
52818
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb3f74b8ded19b1-FRA
content-length
43
expires
Tue, 23 May 2023 09:17:25 GMT
rum
dsum-sec.casalemedia.com/ Frame DC6B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3831658881924355672
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3831658881924355672
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3831658881924355672
pragma
no-cache
date
Mon, 22 May 2023 09:17:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame DC6B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFy6E7I1mYAACFpYYcPWQ&expiration=1685956645
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFy6E7I1mYAACFpYYcPWQ&expiration=1685956645
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFy6E7I1mYAACFpYYcPWQ&expiration=1685956645
Date
Mon, 22 May 2023 09:17:25 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame DC6B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGszIAAL5bHx0gBL
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGszIAAL5bHx0gBL
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-fra-eddf8230062-FRA
pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684747046.686054,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGszIAAL5bHx0gBL
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame DC6B
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=69B69F95C0274999BF5E0F1EE083CCFE
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=69B69F95C0274999BF5E0F1EE083CCFE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

date
Mon, 22 May 2023 09:17:25 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=69B69F95C0274999BF5E0F1EE083CCFE
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 21 May 2023 09:17:25 GMT
crum
dsum-sec.casalemedia.com/ Frame DC6B
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433827988031191
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433827988031191
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433827988031191
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tp_out
d.adroll.com/cm/index/ Frame DC6B 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:1da2:71e5:22b8:3522 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame DC6B 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZGszHyOhLwzD3AlGz3fWEAAABF8AAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VCK0XPWSZZA80QQGCCEV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ssbsync.smartadserver.com/api/ Frame DC6B 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
content-length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame DC6B 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZGszHyOhLwzD3AlGz3fWEAAA%261119
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
52818
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb3f74b8df219b1-FRA
content-length
43
expires
Tue, 23 May 2023 09:17:25 GMT
collect
region1.google-analytics.com/g/ Frame 60D5 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3KFES10EH0&gtm=45je35h0&_p=1110683200&cid=215484772.1684747038&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&sid=1684747040&sct=1&seg=0&dl=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&dr=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&dt=&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KFES10EH0&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
frame.html
ad4m.at/ Frame 9D38 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
79894
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7cb3f74a7a4a9be8-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Mon, 22 May 2023 09:17:25 GMT
expires
Mon, 08 May 2023 00:16:30 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNARF3zuHaKJTiZm7Wga8%2FwwEmsbYdfjfDcNaXsmGHM6l21Nr4IhnJavT5vpNZFlwS4OgGd9dJoBIiDCXj7l5lRbZsMlsRy6e%2B6%2Fqc6HjH0QsHqCkSp%2B5sUeJK%2BgLurM%2B5T3dQw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
crum
dsum-sec.casalemedia.com/ Frame 7952
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFy6E7I1mYAACFpYYcPWQ&expiration=1685956645
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFy6E7I1mYAACFpYYcPWQ&expiration=1685956645
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=492
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAFy6E7I1mYAACFpYYcPWQ&expiration=1685956645
Date
Mon, 22 May 2023 09:17:25 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 7952
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGszIAAL5bHx0gBL
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGszIAAL5bHx0gBL
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-fra-eddf8230062-FRA
pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684747046.518685,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGszIAAL5bHx0gBL
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 7952
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3831658881924355672
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3831658881924355672
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=491
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3831658881924355672
pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 7952
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7205373100423319410&expiration=1685956645
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7205373100423319410&expiration=1685956645
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7205373100423319410&expiration=1685956645
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 7952 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
rum
dsum-sec.casalemedia.com/ Frame 7952
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZGszHyOhLwzD3AlGz3fWEAAA%261119&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=27ef6d72-69aa-4022-8b49-0cd155943aa6-tuctb64b8a5
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=27ef6d72-69aa-4022-8b49-0cd155943aa6-tuctb64b8a5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=27ef6d72-69aa-4022-8b49-0cd155943aa6-tuctb64b8a5
date
Mon, 22 May 2023 09:17:25 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12790
tp_out
d.adroll.com/cm/index/ Frame 7952 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:1da2:71e5:22b8:3522 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
ix
ad4m.at/ad/sim/ Frame 7952 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
htw-pixel.gif
cdn.indexww.com/ht/ Frame 7952 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZGszHyOhLwzD3AlGz3fWEAAA%261119
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.idrlabs.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
52818
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb3f74bde6919b1-FRA
content-length
43
expires
Tue, 23 May 2023 09:17:25 GMT
collect
region1.google-analytics.com/g/ Frame F9F7 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3KFES10EH0&gtm=45je35h0&_p=1414959249&cid=215484772.1684747038&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&sid=1684747040&sct=1&seg=1&dl=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&dr=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&dt=&_s=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KFES10EH0&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rar
as.ad4m.at/ad/ Frame 9C55 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=117569%2C19457%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=fa85a2a9476bee9b0a14c01255d6691f%2F17840928890808603164&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684747045231&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gh8pm0cny4vkh4v9cg61hs87hp3zn0k7rb6fnwpc5z2rhph54pe1hej1rtxwstkeqzf6dj3khj9sdwzn2zs5gwbw1h8azh3hwdh6py3mxxanpfzs2kgpte3cpf01pp0efrx3nqes7gpnyz047tmq0a8gny85xksmqhtnwaxmd0nmj3crtzqqyzcwvz3qf0exa3nr66bk13b308tkyceed7dedp331zkzz3mqg60xaq1edwk0rtfn6zza7wavtsx6mdzb3xh68y7xw068nsez4xs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxkgvITNrZIymA82G7_UP7oC5wAGQ4YGEXLaoworwAsCNtwEQASAAYI0EggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-4AIAqAMBqgTwAU_Q78g6p3IfhmwojbNPXeZSqb90vPAhP5CvPtMbrBYAqpyFv-k59xBRIh5ZBvkDPCAklVUuPxw2ZuoSM1v8chafZLiFQIkOjg_SfdnWcxjKv2b8Q0rpVWgSnTbJpYhw4ffn_DccC-6B4MjPxzLh5m33eWPTr6fTNcF2rPqEKKp8BOmn2J839SqyUQv3az9Yv4mzJpx1xZSW-ZMqxIm2kx9oWwZGOTDPQ2QrWYMSe2x3bxSdWka3owKOJVviQkMqPC07JK2rv4RgkLkyiFuG7tMN6-IoMvhDabPmgFZCsQwY-HcUo6jhdD-DxW6P3g7AGOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XOTLFwWXjtJfVyYp4Eojjn-7LKA%2526client%253Dca-pub-6552175488733768%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fec74c2b49c57cd811dbeb3fa3339c355b41f7ff011c322b24588b606e5db45
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1kxa9gxqq60zx5mkmeyy32qwzehn8zzt5k3p299ycmfn4vjpb5kdr6m0gms6ybpbfw43yp6hebxmk7kk0sxvnp30x0ygcrxpcs20wk0g0pa8t3xp8y3eazaapd0gb6xc42qct5zpb2ag1kra1bddndwpmzmg4atmhkjpgamq65qhg61gdgven487t0d8hv1a2txcnq4swy7xrwqp6wzyf0t4echmq1w37w6g0sfjbrpapynrwgghhrd5bds4zhzsen87mr2wevcxe14x5yehsntrjym1sj6abkjvqnb7ja7r2zxtayyfp4ygv5tc5x77nwq29bs8abkra0kjhphk2zrmk9ct8qfr48v499gzv6bk8401gbr6fkm2d22tffdwnfvdxekxvkr8bg91re7sp56n8h943ktjgf99ppzntm0zbw1hydmtx9qb3hj4m1x0p22tmyeb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxkgvITNrZIymA82G7_UP7oC5wAGQ4YGEXLaoworwAsCNtwEQASAAYI0EggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-4AIAqAMBqgTwAU_Q78g6p3IfhmwojbNPXeZSqb90vPAhP5CvPtMbrBYAqpyFv-k59xBRIh5ZBvkDPCAklVUuPxw2ZuoSM1v8chafZLiFQIkOjg_SfdnWcxjKv2b8Q0rpVWgSnTbJpYhw4ffn_DccC-6B4MjPxzLh5m33eWPTr6fTNcF2rPqEKKp8BOmn2J839SqyUQv3az9Yv4mzJpx1xZSW-ZMqxIm2kx9oWwZGOTDPQ2QrWYMSe2x3bxSdWka3owKOJVviQkMqPC07JK2rv4RgkLkyiFuG7tMN6-IoMvhDabPmgFZCsQwY-HcUo6jhdD-DxW6P3g7AGOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3XOTLFwWXjtJfVyYp4Eojjn-7LKA%26client%3Dca-pub-6552175488733768%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7cb3f74aaa889be8-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:25 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame E6B5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230517&jk=2101823202013566&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame B8F1 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?4GVijQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cookie.js
partner.googleadservices.com/gampad/ Frame 1C51 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.idrlabs.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3D27868814f124b32d-2202d96ae6dd00e6%3AT%3D1684747038%3ART%3D1684747042%3AS%3DALNI_MaFKaKFNDbUYIWzMWXVa_pbSsB1oQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 1C51 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1C51 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A945 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=2563221668&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747045&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747044207&bpp=14&bdt=1012&idt=1368&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d-2202d96ae6dd00e6%3AT%3D1684747038%3ART%3D1684747042%3AS%3DALNI_MaFKaKFNDbUYIWzMWXVa_pbSsB1oQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747046&ga_hid=634486155&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=3094623070&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31074546%2C31074688%2C44782466%2C44788441%2C44792088&oid=2&pvsid=4285984129490062&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nlz8yzoz6zre&fsb=1&dtd=1389
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 7DE7 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.idrlabs.com&callback=_gfp_s_&client=ca-pub-6552175488733768&cookie=ID%3D27868814f124b32d-2202d96ae6dd00e6%3AT%3D1684747038%3ART%3D1684747042%3AS%3DALNI_MaFKaKFNDbUYIWzMWXVa_pbSsB1oQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 7DE7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7DE7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3CD2 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6552175488733768&output=html&h=250&slotname=RON_300x250_House&adk=1859399304&adf=2563226765&pi=t.ma~as.RON_300x250_House&w=300&lmt=1684747045&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684747044274&bpp=11&bdt=414&idt=1335&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&cookie=ID%3D27868814f124b32d-2202d96ae6dd00e6%3AT%3D1684747038%3ART%3D1684747042%3AS%3DALNI_MaFKaKFNDbUYIWzMWXVa_pbSsB1oQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&correlator=4392291817391&frm=23&ife=4&pv=1&ga_vid=215484772.1684747038&ga_sid=1684747046&ga_hid=1988978573&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=899&biw=1600&bih=1200&isw=300&ish=250&ifk=3719534098&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31071755%2C44785295%2C44788442%2C44792088&oid=2&pvsid=3805444719741563&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3x12r7jq4hlz&fsb=1&dtd=1344
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ecm3
s.amazon-adsystem.com/ Frame 83C2
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=CC-ACVG7SjmP2fX9ESXFXQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=CC-ACVG7SjmP2fX9ESXFXQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=CC-ACVG7SjmP2fX9ESXFXQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1XWDMP8939219Y7RBM5S
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=CC-ACVG7SjmP2fX9ESXFXQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 83C2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Kucj5YEPXTBTwhWt8E0cHA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-JpFYheVE2oL99Znp9joTidjOfeHZgLp3T8Kz9w--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-JpFYheVE2oL99Znp9joTidjOfeHZgLp3T8Kz9w--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 22 May 2023 09:17:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-JpFYheVE2oL99Znp9joTidjOfeHZgLp3T8Kz9w--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 83C2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEI3WKTD2c5QmfMbQ9U9Esqw&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEI3WKTD2c5QmfMbQ9U9Esqw&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEI3WKTD2c5QmfMbQ9U9Esqw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 83C2
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=zmwpJ9SjSdWTkraLoCuI3Q&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=zmwpJ9SjSdWTkraLoCuI3Q
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=zmwpJ9SjSdWTkraLoCuI3Q
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
S22GEV5FRDXDRFBT7A51
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=zmwpJ9SjSdWTkraLoCuI3Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 83C2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHYMW098-S-BJ81
0
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHYMW098-S-BJ81
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: E7C41F5C59B1464F87BA9A5F5CC8880D Ref B: FRAEDGE1821 Ref C: 2023-05-22T09:17:25Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX8RL02XSc0WnUGyzuoUQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHYMW098-S-BJ81
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 83C2 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 83C2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTJjMGUzMjkyZGQ1NzlhZWJmZTE0YTEwMTU5MWU5YWMxY2JkMDAyMA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTJjMGUzMjkyZGQ1NzlhZWJmZTE0YTEwMTU5MWU5YWMxY2JkMDAyMA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTJjMGUzMjkyZGQ1NzlhZWJmZTE0YTEwMTU5MWU5YWMxY2JkMDAyMA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 83C2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhZTVcwOTgtUy1CSjgx
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPSmE055e2JQcjVS_fmvvMk&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhZTVcwOTgtUy1CSjgx&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhZTVcwOTgtUy1CSjgx&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhZTVcwOTgtUy1CSjgx&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6F1C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 May 2023 09:17:25 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A184 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 May 2023 09:17:25 GMT
merge
ce.lijit.com/ Frame 7D63 		43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Mon, 22 May 2023 09:17:25 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ams1
merge
ce.lijit.com/ Frame 28E4 		43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Mon, 22 May 2023 09:17:25 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ams1
merge
ce.lijit.com/ Frame 2478 		43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Mon, 22 May 2023 09:17:25 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ams1
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame BE54 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 06:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
10561
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 06:21:24 GMT
merge
ce.lijit.com/ Frame 2EF7 		43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Mon, 22 May 2023 09:17:25 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ams1
merge
ce.lijit.com/ Frame FDB6 		43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Mon, 22 May 2023 09:17:25 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ams1
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame 9C55 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=fa85a2a9476bee9b0a14c01255d6691f%2F17840928890808603164&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684747045231&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gh8pm0cny4vkh4v9cg61hs87hp3zn0k7rb6fnwpc5z2rhph54pe1hej1rtxwstkeqzf6dj3khj9sdwzn2zs5gwbw1h8azh3hwdh6py3mxxanpfzs2kgpte3cpf01pp0efrx3nqes7gpnyz047tmq0a8gny85xksmqhtnwaxmd0nmj3crtzqqyzcwvz3qf0exa3nr66bk13b308tkyceed7dedp331zkzz3mqg60xaq1edwk0rtfn6zza7wavtsx6mdzb3xh68y7xw068nsez4xs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxkgvITNrZIymA82G7_UP7oC5wAGQ4YGEXLaoworwAsCNtwEQASAAYI0EggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-4AIAqAMBqgTwAU_Q78g6p3IfhmwojbNPXeZSqb90vPAhP5CvPtMbrBYAqpyFv-k59xBRIh5ZBvkDPCAklVUuPxw2ZuoSM1v8chafZLiFQIkOjg_SfdnWcxjKv2b8Q0rpVWgSnTbJpYhw4ffn_DccC-6B4MjPxzLh5m33eWPTr6fTNcF2rPqEKKp8BOmn2J839SqyUQv3az9Yv4mzJpx1xZSW-ZMqxIm2kx9oWwZGOTDPQ2QrWYMSe2x3bxSdWka3owKOJVviQkMqPC07JK2rv4RgkLkyiFuG7tMN6-IoMvhDabPmgFZCsQwY-HcUo6jhdD-DxW6P3g7AGOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XOTLFwWXjtJfVyYp4Eojjn-7LKA%2526client%253Dca-pub-6552175488733768%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=117569%2C19457%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=fa85a2a9476bee9b0a14c01255d6691f%2F17840928890808603164&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684747045231&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gh8pm0cny4vkh4v9cg61hs87hp3zn0k7rb6fnwpc5z2rhph54pe1hej1rtxwstkeqzf6dj3khj9sdwzn2zs5gwbw1h8azh3hwdh6py3mxxanpfzs2kgpte3cpf01pp0efrx3nqes7gpnyz047tmq0a8gny85xksmqhtnwaxmd0nmj3crtzqqyzcwvz3qf0exa3nr66bk13b308tkyceed7dedp331zkzz3mqg60xaq1edwk0rtfn6zza7wavtsx6mdzb3xh68y7xw068nsez4xs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxkgvITNrZIymA82G7_UP7oC5wAGQ4YGEXLaoworwAsCNtwEQASAAYI0EggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-4AIAqAMBqgTwAU_Q78g6p3IfhmwojbNPXeZSqb90vPAhP5CvPtMbrBYAqpyFv-k59xBRIh5ZBvkDPCAklVUuPxw2ZuoSM1v8chafZLiFQIkOjg_SfdnWcxjKv2b8Q0rpVWgSnTbJpYhw4ffn_DccC-6B4MjPxzLh5m33eWPTr6fTNcF2rPqEKKp8BOmn2J839SqyUQv3az9Yv4mzJpx1xZSW-ZMqxIm2kx9oWwZGOTDPQ2QrWYMSe2x3bxSdWka3owKOJVviQkMqPC07JK2rv4RgkLkyiFuG7tMN6-IoMvhDabPmgFZCsQwY-HcUo6jhdD-DxW6P3g7AGOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XOTLFwWXjtJfVyYp4Eojjn-7LKA%2526client%253Dca-pub-6552175488733768%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
1186689
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gx%2BuowDi42iw%2BRGShV%2BbYjFwgmpEHHL%2BmcyOqWLyNLu%2BV1xX%2Brvddk1iw%2B68os9hto0S%2Bg8k9sJlATcLF0bmqxzDIo70%2BYymwvlfPjq42SgyCkIZv3TM%2Fn1LwL4WZocG%2FWoK3YngFtM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7cb3f74c6c869be8-FRA
expires
Mon, 22 May 2023 10:17:25 GMT
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 9C55 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=fa85a2a9476bee9b0a14c01255d6691f%2F17840928890808603164&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684747045231&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gh8pm0cny4vkh4v9cg61hs87hp3zn0k7rb6fnwpc5z2rhph54pe1hej1rtxwstkeqzf6dj3khj9sdwzn2zs5gwbw1h8azh3hwdh6py3mxxanpfzs2kgpte3cpf01pp0efrx3nqes7gpnyz047tmq0a8gny85xksmqhtnwaxmd0nmj3crtzqqyzcwvz3qf0exa3nr66bk13b308tkyceed7dedp331zkzz3mqg60xaq1edwk0rtfn6zza7wavtsx6mdzb3xh68y7xw068nsez4xs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxkgvITNrZIymA82G7_UP7oC5wAGQ4YGEXLaoworwAsCNtwEQASAAYI0EggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-4AIAqAMBqgTwAU_Q78g6p3IfhmwojbNPXeZSqb90vPAhP5CvPtMbrBYAqpyFv-k59xBRIh5ZBvkDPCAklVUuPxw2ZuoSM1v8chafZLiFQIkOjg_SfdnWcxjKv2b8Q0rpVWgSnTbJpYhw4ffn_DccC-6B4MjPxzLh5m33eWPTr6fTNcF2rPqEKKp8BOmn2J839SqyUQv3az9Yv4mzJpx1xZSW-ZMqxIm2kx9oWwZGOTDPQ2QrWYMSe2x3bxSdWka3owKOJVviQkMqPC07JK2rv4RgkLkyiFuG7tMN6-IoMvhDabPmgFZCsQwY-HcUo6jhdD-DxW6P3g7AGOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XOTLFwWXjtJfVyYp4Eojjn-7LKA%2526client%253Dca-pub-6552175488733768%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1271936
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3cmy4YEmLjsIBtefyUwsYPigz%2BZsiCbotPXTNnNiusLhkOn%2BTBOl4ExIswRV9gT%2BdcolSnlSHc48Q7vjOan0Tyyo6CAUzRDV2RlINsiyb5Xf%2FXlk9Fa2w6zwvvvFs%2BmWIq9iXxrof6QAJ2k"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb3f74c7f811919-FRA
expires
Tue, 23 May 2023 09:17:25 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 9C55 		339 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=fa85a2a9476bee9b0a14c01255d6691f%2F17840928890808603164&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684747045231&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gh8pm0cny4vkh4v9cg61hs87hp3zn0k7rb6fnwpc5z2rhph54pe1hej1rtxwstkeqzf6dj3khj9sdwzn2zs5gwbw1h8azh3hwdh6py3mxxanpfzs2kgpte3cpf01pp0efrx3nqes7gpnyz047tmq0a8gny85xksmqhtnwaxmd0nmj3crtzqqyzcwvz3qf0exa3nr66bk13b308tkyceed7dedp331zkzz3mqg60xaq1edwk0rtfn6zza7wavtsx6mdzb3xh68y7xw068nsez4xs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxkgvITNrZIymA82G7_UP7oC5wAGQ4YGEXLaoworwAsCNtwEQASAAYI0EggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-4AIAqAMBqgTwAU_Q78g6p3IfhmwojbNPXeZSqb90vPAhP5CvPtMbrBYAqpyFv-k59xBRIh5ZBvkDPCAklVUuPxw2ZuoSM1v8chafZLiFQIkOjg_SfdnWcxjKv2b8Q0rpVWgSnTbJpYhw4ffn_DccC-6B4MjPxzLh5m33eWPTr6fTNcF2rPqEKKp8BOmn2J839SqyUQv3az9Yv4mzJpx1xZSW-ZMqxIm2kx9oWwZGOTDPQ2QrWYMSe2x3bxSdWka3owKOJVviQkMqPC07JK2rv4RgkLkyiFuG7tMN6-IoMvhDabPmgFZCsQwY-HcUo6jhdD-DxW6P3g7AGOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XOTLFwWXjtJfVyYp4Eojjn-7LKA%2526client%253Dca-pub-6552175488733768%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2027744
cf-polished
origFmt=png, origSize=563367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
347098
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AYC9VZJeNx0yyQ6cv44LV2Wqr3wamWgcEgTwULMSjuOSOpDMfXN0rf%2FymeqfeOgL4IfvHnDrZVT7spSOJhU9bit%2F9GQSRZHYQs1DKw1s79fS8fOcKVi9F92No8gqUGA9msGdFeyJCnqHG5Q8"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb3f74d3dcf9be8-FRA
expires
Tue, 23 May 2023 09:17:25 GMT
cshow.php
www.awin1.com/ Frame 9C55 		43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=fa85a2a9476bee9b0a14c01255d6691f%2F17840928890808603164&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684747045231&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gh8pm0cny4vkh4v9cg61hs87hp3zn0k7rb6fnwpc5z2rhph54pe1hej1rtxwstkeqzf6dj3khj9sdwzn2zs5gwbw1h8azh3hwdh6py3mxxanpfzs2kgpte3cpf01pp0efrx3nqes7gpnyz047tmq0a8gny85xksmqhtnwaxmd0nmj3crtzqqyzcwvz3qf0exa3nr66bk13b308tkyceed7dedp331zkzz3mqg60xaq1edwk0rtfn6zza7wavtsx6mdzb3xh68y7xw068nsez4xs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxkgvITNrZIymA82G7_UP7oC5wAGQ4YGEXLaoworwAsCNtwEQASAAYI0EggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-4AIAqAMBqgTwAU_Q78g6p3IfhmwojbNPXeZSqb90vPAhP5CvPtMbrBYAqpyFv-k59xBRIh5ZBvkDPCAklVUuPxw2ZuoSM1v8chafZLiFQIkOjg_SfdnWcxjKv2b8Q0rpVWgSnTbJpYhw4ffn_DccC-6B4MjPxzLh5m33eWPTr6fTNcF2rPqEKKp8BOmn2J839SqyUQv3az9Yv4mzJpx1xZSW-ZMqxIm2kx9oWwZGOTDPQ2QrWYMSe2x3bxSdWka3owKOJVviQkMqPC07JK2rv4RgkLkyiFuG7tMN6-IoMvhDabPmgFZCsQwY-HcUo6jhdD-DxW6P3g7AGOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XOTLFwWXjtJfVyYp4Eojjn-7LKA%2526client%253Dca-pub-6552175488733768%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.29.202.60 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-202-60.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:26 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 9C55 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=fa85a2a9476bee9b0a14c01255d6691f%2F17840928890808603164&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684747045231&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gh8pm0cny4vkh4v9cg61hs87hp3zn0k7rb6fnwpc5z2rhph54pe1hej1rtxwstkeqzf6dj3khj9sdwzn2zs5gwbw1h8azh3hwdh6py3mxxanpfzs2kgpte3cpf01pp0efrx3nqes7gpnyz047tmq0a8gny85xksmqhtnwaxmd0nmj3crtzqqyzcwvz3qf0exa3nr66bk13b308tkyceed7dedp331zkzz3mqg60xaq1edwk0rtfn6zza7wavtsx6mdzb3xh68y7xw068nsez4xs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxkgvITNrZIymA82G7_UP7oC5wAGQ4YGEXLaoworwAsCNtwEQASAAYI0EggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-4AIAqAMBqgTwAU_Q78g6p3IfhmwojbNPXeZSqb90vPAhP5CvPtMbrBYAqpyFv-k59xBRIh5ZBvkDPCAklVUuPxw2ZuoSM1v8chafZLiFQIkOjg_SfdnWcxjKv2b8Q0rpVWgSnTbJpYhw4ffn_DccC-6B4MjPxzLh5m33eWPTr6fTNcF2rPqEKKp8BOmn2J839SqyUQv3az9Yv4mzJpx1xZSW-ZMqxIm2kx9oWwZGOTDPQ2QrWYMSe2x3bxSdWka3owKOJVviQkMqPC07JK2rv4RgkLkyiFuG7tMN6-IoMvhDabPmgFZCsQwY-HcUo6jhdD-DxW6P3g7AGOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XOTLFwWXjtJfVyYp4Eojjn-7LKA%2526client%253Dca-pub-6552175488733768%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
317205
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qfc5KtNTd2gdTPUCoECh%2BI%2BSrH4%2BasPpH%2F4gt7yUpMBtpmNnYrfEIVGXMp3wLYggFfEr2jFCxQ5u3cCGX4ZeW5VtS%2B2csqaRg1CijHIIExBIv2kQm%2F42qMmuHehBCzuciMrVDuDrFfT0E0e4"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb3f74d3dd09be8-FRA
expires
Tue, 23 May 2023 09:17:25 GMT
BF671F9353E49E9BB6D9FDFDE3DB7F76C1C78079C9FBA6953329642EA1EB98D31F0C6558B5B6382075530160EC4EDC9E4E2E5EF63EAAFE88E99516547093A3F4
assets.ad4m.at/product_image/ Frame 9C55 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/BF671F9353E49E9BB6D9FDFDE3DB7F76C1C78079C9FBA6953329642EA1EB98D31F0C6558B5B6382075530160EC4EDC9E4E2E5EF63EAAFE88E99516547093A3F4
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=fa85a2a9476bee9b0a14c01255d6691f%2F17840928890808603164&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684747045231&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gh8pm0cny4vkh4v9cg61hs87hp3zn0k7rb6fnwpc5z2rhph54pe1hej1rtxwstkeqzf6dj3khj9sdwzn2zs5gwbw1h8azh3hwdh6py3mxxanpfzs2kgpte3cpf01pp0efrx3nqes7gpnyz047tmq0a8gny85xksmqhtnwaxmd0nmj3crtzqqyzcwvz3qf0exa3nr66bk13b308tkyceed7dedp331zkzz3mqg60xaq1edwk0rtfn6zza7wavtsx6mdzb3xh68y7xw068nsez4xs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxkgvITNrZIymA82G7_UP7oC5wAGQ4YGEXLaoworwAsCNtwEQASAAYI0EggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-4AIAqAMBqgTwAU_Q78g6p3IfhmwojbNPXeZSqb90vPAhP5CvPtMbrBYAqpyFv-k59xBRIh5ZBvkDPCAklVUuPxw2ZuoSM1v8chafZLiFQIkOjg_SfdnWcxjKv2b8Q0rpVWgSnTbJpYhw4ffn_DccC-6B4MjPxzLh5m33eWPTr6fTNcF2rPqEKKp8BOmn2J839SqyUQv3az9Yv4mzJpx1xZSW-ZMqxIm2kx9oWwZGOTDPQ2QrWYMSe2x3bxSdWka3owKOJVviQkMqPC07JK2rv4RgkLkyiFuG7tMN6-IoMvhDabPmgFZCsQwY-HcUo6jhdD-DxW6P3g7AGOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XOTLFwWXjtJfVyYp4Eojjn-7LKA%2526client%253Dca-pub-6552175488733768%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f517fb84e0461bf59d148d2cf42b9bdfd8cbee080020b56fc208f581ba556fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2384121
cf-polished
origSize=62182, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
59907
cf-bgj
imgq:85,h2pri
last-modified
Wed, 09 Sep 2020 07:43:04 GMT
server
cloudflare
etag
"080d0c4839d9eb4fd08cffea44b1069a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qfZ4x%2FU81ske9pdXOwSwVOmWtUTAAAHsUI5SZJIAeRJaZR04a8tu2KY1pK81eKMFQsaGnrXtr%2FBS4QEsb7t7SawHAqlmIWSNKJh1Qdlzl3LxSaYRZrYK2yAHEasGSQbLH0PQC5O8YC8rK5JP"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb3f74d3dd19be8-FRA
expires
Tue, 23 May 2023 09:17:25 GMT
/
partner.o2online.de/a/ Frame 9C55
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CMzh1-nLiP8CFebzEQgdjf0CjQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023052211172685158577873X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023052211172685158577873X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023052211172685158577873X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=fa85a2a9476bee9b0a14c01255d6691f%2F17840928890808603164&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684747045231&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gh8pm0cny4vkh4v9cg61hs87hp3zn0k7rb6fnwpc5z2rhph54pe1hej1rtxwstkeqzf6dj3khj9sdwzn2zs5gwbw1h8azh3hwdh6py3mxxanpfzs2kgpte3cpf01pp0efrx3nqes7gpnyz047tmq0a8gny85xksmqhtnwaxmd0nmj3crtzqqyzcwvz3qf0exa3nr66bk13b308tkyceed7dedp331zkzz3mqg60xaq1edwk0rtfn6zza7wavtsx6mdzb3xh68y7xw068nsez4xs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxkgvITNrZIymA82G7_UP7oC5wAGQ4YGEXLaoworwAsCNtwEQASAAYI0EggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-4AIAqAMBqgTwAU_Q78g6p3IfhmwojbNPXeZSqb90vPAhP5CvPtMbrBYAqpyFv-k59xBRIh5ZBvkDPCAklVUuPxw2ZuoSM1v8chafZLiFQIkOjg_SfdnWcxjKv2b8Q0rpVWgSnTbJpYhw4ffn_DccC-6B4MjPxzLh5m33eWPTr6fTNcF2rPqEKKp8BOmn2J839SqyUQv3az9Yv4mzJpx1xZSW-ZMqxIm2kx9oWwZGOTDPQ2QrWYMSe2x3bxSdWka3owKOJVviQkMqPC07JK2rv4RgkLkyiFuG7tMN6-IoMvhDabPmgFZCsQwY-HcUo6jhdD-DxW6P3g7AGOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XOTLFwWXjtJfVyYp4Eojjn-7LKA%2526client%253Dca-pub-6552175488733768%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 09:17:26 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023052211172685158577873X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023052211172685158577873X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
date
Mon, 22 May 2023 09:17:26 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 9C55 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=fa85a2a9476bee9b0a14c01255d6691f%2F17840928890808603164&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684747045231&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gh8pm0cny4vkh4v9cg61hs87hp3zn0k7rb6fnwpc5z2rhph54pe1hej1rtxwstkeqzf6dj3khj9sdwzn2zs5gwbw1h8azh3hwdh6py3mxxanpfzs2kgpte3cpf01pp0efrx3nqes7gpnyz047tmq0a8gny85xksmqhtnwaxmd0nmj3crtzqqyzcwvz3qf0exa3nr66bk13b308tkyceed7dedp331zkzz3mqg60xaq1edwk0rtfn6zza7wavtsx6mdzb3xh68y7xw068nsez4xs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxkgvITNrZIymA82G7_UP7oC5wAGQ4YGEXLaoworwAsCNtwEQASAAYI0EggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-4AIAqAMBqgTwAU_Q78g6p3IfhmwojbNPXeZSqb90vPAhP5CvPtMbrBYAqpyFv-k59xBRIh5ZBvkDPCAklVUuPxw2ZuoSM1v8chafZLiFQIkOjg_SfdnWcxjKv2b8Q0rpVWgSnTbJpYhw4ffn_DccC-6B4MjPxzLh5m33eWPTr6fTNcF2rPqEKKp8BOmn2J839SqyUQv3az9Yv4mzJpx1xZSW-ZMqxIm2kx9oWwZGOTDPQ2QrWYMSe2x3bxSdWka3owKOJVviQkMqPC07JK2rv4RgkLkyiFuG7tMN6-IoMvhDabPmgFZCsQwY-HcUo6jhdD-DxW6P3g7AGOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XOTLFwWXjtJfVyYp4Eojjn-7LKA%2526client%253Dca-pub-6552175488733768%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
475624
cf-polished
origFmt=png, origSize=65187
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44710
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 14:45:52 GMT
server
cloudflare
etag
"99941d3864a6d6ef01023c96e0475815"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmRB19EvuVyDAalxzvp5VbSEzo17IJlUlCMA5oPcJIlR2WsMi3Hzzm4MRbQXOOBf%2Bv2guXAqEHzLuxk8wy477D5fNnLXMh%2F6P0jwm%2BjFDVzcydoQlXo4eDdSak48LojtADjhjx73etIKUFnK"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb3f74d3dd29be8-FRA
expires
Tue, 23 May 2023 09:17:25 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 9C55 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=fa85a2a9476bee9b0a14c01255d6691f%2F17840928890808603164&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684747045231&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gh8pm0cny4vkh4v9cg61hs87hp3zn0k7rb6fnwpc5z2rhph54pe1hej1rtxwstkeqzf6dj3khj9sdwzn2zs5gwbw1h8azh3hwdh6py3mxxanpfzs2kgpte3cpf01pp0efrx3nqes7gpnyz047tmq0a8gny85xksmqhtnwaxmd0nmj3crtzqqyzcwvz3qf0exa3nr66bk13b308tkyceed7dedp331zkzz3mqg60xaq1edwk0rtfn6zza7wavtsx6mdzb3xh68y7xw068nsez4xs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxkgvITNrZIymA82G7_UP7oC5wAGQ4YGEXLaoworwAsCNtwEQASAAYI0EggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-4AIAqAMBqgTwAU_Q78g6p3IfhmwojbNPXeZSqb90vPAhP5CvPtMbrBYAqpyFv-k59xBRIh5ZBvkDPCAklVUuPxw2ZuoSM1v8chafZLiFQIkOjg_SfdnWcxjKv2b8Q0rpVWgSnTbJpYhw4ffn_DccC-6B4MjPxzLh5m33eWPTr6fTNcF2rPqEKKp8BOmn2J839SqyUQv3az9Yv4mzJpx1xZSW-ZMqxIm2kx9oWwZGOTDPQ2QrWYMSe2x3bxSdWka3owKOJVviQkMqPC07JK2rv4RgkLkyiFuG7tMN6-IoMvhDabPmgFZCsQwY-HcUo6jhdD-DxW6P3g7AGOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XOTLFwWXjtJfVyYp4Eojjn-7LKA%2526client%253Dca-pub-6552175488733768%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
468218
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226916
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ug2pyOy0OQ5ic5Z%2FNk5bjPF7E%2B7FCDXoMWmoXwpvPFSJK2%2FztLxeqoLDsU4jVnVsvJEWZV%2BEOkfj9FU7rr%2Bkm4szWPa6K8xTkbPviXNtYZeIH6R6RnBhyuZYitsNjSBtdrXAUy6uatpJmpek"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb3f74d3dd59be8-FRA
expires
Tue, 23 May 2023 09:17:25 GMT
ztpv.php
www.conrad.de/ Frame 9C55
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1684747046_77a8e360-f881-11ed-b339-2265b7c46fb7&insert=AW&&gdpr=0&gdpr_consent=
0
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1684747046_77a8e360-f881-11ed-b339-2265b7c46fb7&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=fa85a2a9476bee9b0a14c01255d6691f%2F17840928890808603164&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684747045231&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gh8pm0cny4vkh4v9cg61hs87hp3zn0k7rb6fnwpc5z2rhph54pe1hej1rtxwstkeqzf6dj3khj9sdwzn2zs5gwbw1h8azh3hwdh6py3mxxanpfzs2kgpte3cpf01pp0efrx3nqes7gpnyz047tmq0a8gny85xksmqhtnwaxmd0nmj3crtzqqyzcwvz3qf0exa3nr66bk13b308tkyceed7dedp331zkzz3mqg60xaq1edwk0rtfn6zza7wavtsx6mdzb3xh68y7xw068nsez4xs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxkgvITNrZIymA82G7_UP7oC5wAGQ4YGEXLaoworwAsCNtwEQASAAYI0EggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-4AIAqAMBqgTwAU_Q78g6p3IfhmwojbNPXeZSqb90vPAhP5CvPtMbrBYAqpyFv-k59xBRIh5ZBvkDPCAklVUuPxw2ZuoSM1v8chafZLiFQIkOjg_SfdnWcxjKv2b8Q0rpVWgSnTbJpYhw4ffn_DccC-6B4MjPxzLh5m33eWPTr6fTNcF2rPqEKKp8BOmn2J839SqyUQv3az9Yv4mzJpx1xZSW-ZMqxIm2kx9oWwZGOTDPQ2QrWYMSe2x3bxSdWka3owKOJVviQkMqPC07JK2rv4RgkLkyiFuG7tMN6-IoMvhDabPmgFZCsQwY-HcUo6jhdD-DxW6P3g7AGOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XOTLFwWXjtJfVyYp4Eojjn-7LKA%2526client%253Dca-pub-6552175488733768%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:26 GMT
strict-transport-security
max-age=15552000
cf-ccp-worker
HTLPHandler-v1
server
cloudflare
vary
Accept-Encoding
cache-control
no-cache
cf-ray
7cb3f74e5aff18df-FRA
content-length
0
expires
-1

Redirect headers

Date
Mon, 22 May 2023 09:17:26 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1684747046_77a8e360-f881-11ed-b339-2265b7c46fb7&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame A32F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsulLVY9Y39D-FSYsaBGRaZOz6-FpWuV9Gz9Gc7DnLQyGUiXCVLj4Sb0GBRQtA22NwjUneLPI0FVL24AwkDVSNgY5Joh&sig=Cg0ArKJSzLo0zUiIN141EAE&id=lidar2&mcvt=1228&p=0,0,50,300&mtos=1228,1228,1228,1228,1228&tos=1228,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1859399304&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684747043270&rpt=1225&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0F11 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230517&jk=3848651362865139&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame D9D1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230517&jk=888148739970482&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame 3448 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 06:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
10561
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 06:21:24 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame E958 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=161763&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:24 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame FA07 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 06:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
10562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 06:21:24 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 34A8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9990
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 06:30:56 GMT
expires
Tue, 21 May 2024 06:30:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DC8D 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ba03d48b570945351c45d0ddad64e8ad055dcc1263a1c0566fa75eaed3ea2f8f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EmLauFcU6F2FT-q_mB8WHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-EmLauFcU6F2FT-q_mB8WHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:26 GMT
expires
Mon, 22 May 2023 09:17:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame 2FF4 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 06:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
10562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 06:21:24 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BA7C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9990
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 06:30:56 GMT
expires
Tue, 21 May 2024 06:30:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4755 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
beed7e778820d04335568da821e8a0efa5570d31f44dfa12f2201cbca4ad7ce6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NV7KNzErg-gWKyjdp1sEcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-NV7KNzErg-gWKyjdp1sEcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:26 GMT
expires
Mon, 22 May 2023 09:17:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame 178A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst28oNhvsXDJDHEqE1ipFNvwhaSYLLBc5lw01FalFy42ssA4Q8LPBb6Og3maZEy6jiAy4L9B9UEUsyZOTaJU1XPURGT5HQR1kFv13jHOGolWdpNesdkN3_EMopwZQNSwGpMya0yPwQnp-8HEqZKwLrGwEFjfmoL5UOBX7yK3azMw2vTYY7Jux2nYg9BZp_4kIkFsbErPeze19cxOKfeZAgHAAxFZIKXHwpm140qmslIKpT9bFyhkIsvydU9V8GdQg88xIkRi_LmNP9bJpgTdeCLw1YmzKK7R7nc8bFaZLHn5OQqcA5nc_BomjAwLeYXByYpMVEYbXVEIGAeyeY&sai=AMfl-YQC14NYDQq41oyMLcFAEZUecIHh8jCvsFz86VK4-grLk880_MeLiWvBO9n0ITVA0LeEF25xlvQ_qEhDu9auV0PWWQOcULcrNCJq8cOF99aDtvejpPGnWO1pT0vDZQ&sig=Cg0ArKJSzErODCQhbm3KEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:26 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 178A 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230517&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com&bust=31074719
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19ee3f9185592eef8f3f7fb69f09ae774b9f71626eebf136fe1c3ac2f8075487
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11511
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 60D5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305150101&jk=1135691075320070&bg=!JySlJHDNAAZ8_aWmXP07ADkAdvg8Wrweh_b94cyTo9-waz9iCuL8UXGzcujbu6y2X1eDt1HgwdP-qldYl093EjvDUw3cMZKT51ACAAAIUVIAAAAMaAEHmQLE4GblpXTNYG73LxAHFdI3hnhCmhE4g-6B7xA-lSWKp1WEOAl29C0kSvvs6An5gCVic4x5EeprCNlV4PVjNlZ2R2LZhUftJDzDjAf3hQ8jGArPqrzhHOfyYsMGbcgO1S6EHZs90akZhYu81AlHY9fWrojbffF3v2Q0QGfujlFR4j0wb4PLNqlQSaraoDhMGHosXD_N563t4i548GeQe-74NAk6DATEgBjWtSIrpC7ocfYh_mXwQ2FZEguUEHs8ul945ulgYCPA0yiz9C1xc3Y6OUcKxLICuvKM3DnKq5Wc8uO2cmHecYD7imrynRjOnTNFLosht0uivVSbhN-OxzL2-HNl1FrSX8RL5uG3ga1IPHJzhu4eXZGRl7a2G3SMCBFjX8OCFL_Oyoty6hwF1ZAH93XSyBJe0t35V4BS0fHyVODjQjA7BgNyzOEdM0cvvs6oEC3ltB9d4FvgJTsbLBwbwD5vEgnhwPrgyhwKonAoxDu4YVjENWPyp7iFCusEXzj6MZ3yoYqIs-PSn3uoEd2OjmQIW9lMqjPbpvHqFqKuccCcOxFM3hbbtCVaO0D2DhzFNHwlFvE0B5DOIp-ntLrrbejeVYIFD3ogfXxtaW0_J-2KffcGVNP1feT_S5GbFr537fLYvX6E5xUR4TJxxShu34l1dHEpOWA0kH_rR8p3SpxvQQuIaRhBj7h--of_7vTMPDtNjto4BaqRgzd3UEFwPxB3TDqCIl_auOemTiEcQFebW9Pjzb5K-mOdA6w1JGUrZDP0G2yZ-8yXOZ_UNvkliSC3-YBvy9-9dN7H9q523In_SnYIavWURMW9_LcwOLiAUohgdDIR4iLUM5xHRIJI0JYdd3PZAi2u4BeEPnSUSDsWumE-yCuoA5p6SHblCrAXQj3hXK9jOmuq4zOj03xZYdpKem4fmmmIxBQud1q4itvE8A2e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 8A11 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpbXJNCaRpw6tMAi83xYvhgRj3M5y1Fn1eaY1mKDqex7Zq8yEHlzhYyt_qdTZL1vzJfy3DUyb601yyT-wklTForsrjeXPFmLmY04GDR0_DxMV62SovJ61lmXfP19TMyNh3Drt7oVP0jso8_TYHUFdOJA6x46b9n3cvFhpmEKBB0m6DXYtYpPD5somZsKmlQjJVBpUPb9YONbAnGBJ66v9JI2kTASbJwkiQaqkE-S-SMWO-uupLbzZlevfSP6caRp0d5q5diwzKAzsnBJbXT8DHfRD1l3dhVnSIuj4Wl19PJxvYS-0hdnxpkmUYtahNrpO6Kc-vflOkRfXQ-jU&sai=AMfl-YTyQoKXWTDUSZ-cpvWIWcInkuT17zs_QPiDeOZSIyfQcIhgHGoR9Mp8QF7Rh1aP_kDgNnc5lhGMqV0g6xST_XPFGjmKyeuVBeF5jkvTkVfZKae3txEcnfDkUl1Jqg&sig=Cg0ArKJSzKRXirn8WmykEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:26 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8A11 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230517&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a52217f95bbf365dae899236409158b78c148e9c62a14e6dee3e93709be63af6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11348
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 178A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com&bust=31074719
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 May 2023 09:17:26 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8A11 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 May 2023 09:17:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1C51 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-5hObXZYGyeiMJx6rlzmGgMU6jCYPdpP4V-zHRu6DlZfkgRAhLUj50Ou0hAm6AOP35so5S34wVONtr47teqJrXTYT7TV7BdEG_aEoMkoYD-dtvIbykaGFEK7lRMhHp6vunBlbjFgcyGiEVByktTGqdTDio9JOZ9dKGvv_CbTUhKa5QM4NLKKIFEKkIimpZJ0tbH2DHCeLkClv7R64NSDyzvfCnC_GHPEkDBgeecPtHdD1ChMKTsW08m_CRvzlyuz_18CDGaWxvR8ys-ymx61yxe-ibluEk9dMcvlo9EHq4-OpCq3wI8RgY9w2dGmm33LqsHKjDBkTg36ewqs&sai=AMfl-YQOl7K1x_y1nCFc9Snr1qEdTtRDA7hdAAxtPYQ58yzAjpjedIWktddcBNO3qBHttWvsO-qjnnvrM8ZVnTA40vsLf7jzeqjS3c7qisDlrISmR_QTf6vVMf4O1dMyZg&sig=Cg0ArKJSzPBOkXCHFb-REAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:26 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1C51 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230517&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
844cae63b90b9ceac2e5d3f54b93c10ba336d56870730c3ba77ea2f32f334d77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11250
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 7DE7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlnmXN65hXlmImw7neapwMQr2Sa6-gh6HBWLA8gIRs2foEtUzQ0jbLxz5AUNHXMHHTOzFQ5gcGlxP2__NFFWqqOpJQHpEJtjJgRYJ9rbensW7Dr6pVL0DSLBv_8aS2Tyn_n9q0SaHi8R8mHsjuj5DfnjxTmenCzLG2FOQ2_zul5stVfeGwNzkO7jyPpdY-6TTStxQX2Fj-NQtDCUOQeb4QL9b1KUUrRC1iZwd2L29hXL_iZiTQdZJpVV6aHDMAXyLaL82Uja0hEuOpKIdVP78g5ZVvuq1GVwGIqOOsUctWMUZzp_zpVwjH7aWCXYambvX1l1SnVAwPsDSSrU8&sai=AMfl-YSlXc9rwd8Ni33cz84xP9wOwof21Ek4VlxoSnrvFG6hqpChYDfb0hfRzn-165Sd_87Ohj1ZljcK-5Y50JpXiH37wtZvWPV9e0BzaEzxKbhSQsnb-XW66A8owY8A2Q&sig=Cg0ArKJSzHlMVYYlhiW8EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:26 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7DE7 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230517&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8c0f5b6a043fee2b56859b852fa9482405adc4bf823ec1ccb6dff5399e68f1fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11097
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1C51 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 May 2023 09:17:26 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7DE7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6552175488733768&plah=www.idrlabs.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 May 2023 09:17:26 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DC8D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230517&jk=3252810816889326&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 4755 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230517&jk=3172209606075871&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame A184 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhZOGNRQofR5LnJr4JdwG_R96H40JZI0Om6UlIezW39LxZVG3FwU7xJaJW63Ecf_eqSKAgkw6uec8dETfAoLuSH6-yFdyU0BsJGV8_hZwwXbxFn_Vl&sig=Cg0ArKJSzI7yRxYbkn5bEAE&id=lidar2&mcvt=1058&p=899,353,1149,653&mtos=1058,1058,1058,1058,1058&tos=1058,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3215044782&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684747041589&rpt=3686&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6F1C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstM5nH73cY-9CbdqtjzRh_Tg-hefZpZSq55NP42jcYRkRxKO-BTQc679oQbAcHh9J1uPrBxYAG7-hRY6QZQZ3KUb83j7rUrQTYyAyqMO5sByJsnAgJr&sig=Cg0ArKJSzDzB_PuQ4KUKEAE&id=lidar2&mcvt=1061&p=899,353,1149,653&mtos=1061,1061,1061,1061,1061&tos=1061,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=748357368&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684747042447&rpt=2814&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1E1F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9990
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 06:30:56 GMT
expires
Tue, 21 May 2024 06:30:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8DDF 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
acc129eb258fc2254c448970216c90628349add61f5f7c678174c150bb5cd901
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PIBj2Gj1mVTNPPue-9vFPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-PIBj2Gj1mVTNPPue-9vFPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:26 GMT
expires
Mon, 22 May 2023 09:17:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 40D1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9990
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 06:30:56 GMT
expires
Tue, 21 May 2024 06:30:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F915 		783 B
530 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c43e65d4d38f59106f277446b13f5194f8aed348dc84de7586e54c87c72396bc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ooOEMttcDMFroiubrdEHrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
508
content-security-policy
script-src 'report-sample' 'nonce-ooOEMttcDMFroiubrdEHrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:26 GMT
expires
Mon, 22 May 2023 09:17:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame 34A8 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 06:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
10562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 06:21:24 GMT
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7cb3f7501f4e915e-FRA
content-length
24
content-type
text/plain
date
Mon, 22 May 2023 09:17:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6PRoIzqhSZUCN2ZPhW9f6VYLrKtp%2F1HayN3Av810%2Bk6QBqC2%2F6DIjzsVV%2FGZfKWyI%2BoZDmbEcSPQdQ68yTpa3iaIPwsHEAnOo3md2nw6cDKX9c1Uucf54niLos8XOBnTALjPxS0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-0pxx
rs
ad4m.at/ Frame 6C89 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cf436c91449348d9ab3bb45024e3b4e5454ea2e82ac56f575e0b8697b047728

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 May 2023 09:17:26 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2B33oiUqLDdM8jHVoRivVY5w9qUx%2FsGttqPk6vAZgdr1Hmd0DdqqCEJHKpZFpPH2HCbn9BDJJfsa5ZnRblWmCH60SHUXyCL6fMqVfNp4GWG5WfcY3Kav3PJWi1KdRwJ8ubrL9Ws%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7cb3f7504fa5915e-FRA
x-backend-server
aa-reachservice-group-europe-west1-n6pb
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame BA7C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 06:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
10562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 06:21:24 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E9FF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9990
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 06:30:56 GMT
expires
Tue, 21 May 2024 06:30:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C8CC 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a35e8bc6e0c717a9da8c03646534a940d61af07cafc6841054c9c4d894d67b00
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TobjuQhX6p4EuU4-0RbokQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-TobjuQhX6p4EuU4-0RbokQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:26 GMT
expires
Mon, 22 May 2023 09:17:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 22 May 2023 09:17:26 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 60D5 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:26 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 60D5 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.pbadslot=%2F65889844%2Fron01_728x90e_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=f9fc776c-f54f-44f0-a026-9d81ce749bac&l_pb_bid_id=20123faee252ee28&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90e_desktop&slots=1&rand=0.8340711792508053
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e1a0438b68ce542edde223c44229132c60c598e07f3bb593665bc5413b78fea7

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:26 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame 60D5 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
ec97bf5f6f0fb58e57ac5f24c61cdacd9f3c281dedf025e2fad573db9294f4a2

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 09:17:26 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
3421
translator
hbopenbid.pubmatic.com/ Frame 60D5 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c264bd6789f1c55e356ac316060c8022abc14e8b53d38a06a0342b9c07268621

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
content-encoding
gzip
x-openrtb-version
2.3
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1730
c
prebid.a-mo.net/a/ Frame 60D5 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:26 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
181
server
envoy
vary
origin, Accept-Encoding
prebid
ads.yieldmo.com/exchange/ Frame 60D5 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.31.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-4%22%2C%22callback_id%22%3A%22209c87e3ba45efb2%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90e_desktop%22%2C%22tid%22%3A%22f9fc776c-f54f-44f0-a026-9d81ce749bac%22%2C%22auctionId%22%3A%22e3aae3ee-ad0a-4df0-a050-2b42a5b30d8b%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&bust=1684747046519&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Murderous%20Villain%20Test&w=1600&h=1200&pubcid=3ae45e29-720d-44bb-a13f-a6a5c41d6643&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:26 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
trinity.json
apex.go.sonobi.com/ Frame 60D5 		821 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%222114e44c74ec2915%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90e_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&s=857f7698-2a82-48eb-9c41-789aa229ae57&pv=51294905-bdfa-4866-a03f-99ce29cfe6ae&vp=mobile&lib_name=prebid&lib_v=7.31.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php%22%2C%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
c8992fe1b6b597ed8147baee4b6546e3bfbfafdb69290d8fc4b462513b2759c0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:26 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-142
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
476
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 60D5 		38 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
793a8d19abc710a442d28aaa9a619a4afac92338c70a25b80462d6f58d182c83

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQvpiJV%2BdIPYhCBfhe%2FOMDLiyJGCYZaUaDCldRvDNFYn6vHYDrmXY63rPb9l82dwkT37LWUA8c7vzixzpzg70gConGBSaB3860fEAZ3Bxmh1GugaRW1zvynKg9Dr%2Ff9fpu6OYqga"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7cb3f750cbd0373d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 22 May 2023 09:17:26 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 60D5 		38 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9923bc3176626e771f4c1aec98a5aae6442098146773f08843d0871d51ea9a9e

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFPn9KbOZB%2Baxr8cHLzlql94J%2BWBOA43FRpGhrEBRof9rpAOV7os%2FnHkkKBBUBcelHH88FXIxDKOLkgVZ4KKOPc7ajAMqa%2BqmcZ%2BBr0%2BTd5SNVDEo534eCdMs6Rg54n5b4YGxoRI"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7cb3f750dbde373d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame 60D5 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:26 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 60D5 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.pbadslot=%2F65889844%2Fron01_728x90f_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=8467a638-af39-427f-b6b6-bf36884fefd0&l_pb_bid_id=2203d8493bc1b1ac&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90f_desktop&slots=1&rand=0.4931463374573948
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
77b6d3e631fa2f5374f6d2e3ba4be64825054e04f5add6a7a2b19f38185f167f

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:26 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ads.yieldmo.com/exchange/ Frame 60D5 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.31.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-5%22%2C%22callback_id%22%3A%22222414c6d88594ab%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90f_desktop%22%2C%22tid%22%3A%228467a638-af39-427f-b6b6-bf36884fefd0%22%2C%22auctionId%22%3A%22a27651f7-5eba-4258-91bb-7233ae449ca1%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&bust=1684747046531&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Murderous%20Villain%20Test&w=1600&h=1200&pubcid=3ae45e29-720d-44bb-a13f-a6a5c41d6643&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:26 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
c
prebid.a-mo.net/a/ Frame 60D5 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:25 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
177
server
envoy
vary
origin, Accept-Encoding
translator
hbopenbid.pubmatic.com/ Frame 60D5 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
34528377e8bfb483827b94617f604ca4cf100fa43bdba1a94e066d7697c8d25b

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 22 May 2023 09:17:25 GMT
content-encoding
gzip
x-openrtb-version
2.3
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1725
bid
ap.lijit.com/rtb/ Frame 60D5 		95 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
3e7607e3c04b3ffcf0aa13750209b50bd1a2c3f239076cccdae61f70c367e1eb

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 09:17:26 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
trinity.json
apex.go.sonobi.com/ Frame 60D5 		821 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22230a486cf08a7377%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90f_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&s=884ecb35-f26b-4a67-b853-d558c15f4e1b&pv=51294905-bdfa-4866-a03f-99ce29cfe6ae&vp=mobile&lib_name=prebid&lib_v=7.31.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php%22%2C%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e30089c7e8822924954e798438c08f635559062a9156cf066f2474e417816080
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:26 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-142
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
476
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E8C8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9990
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 06:30:56 GMT
expires
Tue, 21 May 2024 06:30:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 00AD 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4860acec14bc9d292fa79813428c9f0752c9458b35d943d409d7747a748dfed2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6Xtr_0vVpr7TKIpN034S6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-6Xtr_0vVpr7TKIpN034S6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:26 GMT
expires
Mon, 22 May 2023 09:17:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame BE54 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?3NZcng
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rar
as.ad4m.at/ad/ Frame E3EF 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=197862&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=50&e=&g=35bcdd93525dcdae24587dd9b5917447%2F3081943047882326971&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684747046468&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0pwcjjvwcb9xc05amcv074vc9je94pz8nd58rn32v9r2d2cs9xxgj8stpvd4k20fd8hs12mntryx46wj2hnfxg279a6tcjm3ash3he23zd6eky04475sjjj3sqmm6s2qtanvsb9xapjcjpbdxqqg5x0hg97gjg6bwx6qbdn7m8x99h7hyqyzrfryex4rpe4vg9nhnzcc934myebjvyfsfynvrwvg7r5dmqn1y36pkg3g4j9dkd6x12baa6j480cnv22x7gec0ztgfbpf949eye%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqdJ4IjNrZImjJbT2xtYPq5WM0AyQ4YGEXLaoworwAsCNtwEQASAAYOUDggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-qAMBqgTKAU_QRCGmgnc7qD0Jsqw5_8iamHqSQLaxSqmudgrKv8XwVH1qh39EHj0CWrIYHqdMxSPg_MSjiSns2GrsWZp-jzgXWcsdyoh6rXWf0eC6bVSp7JAJEXJ3qENsH9sKw-EAjq7vr7Ge5iunHzxuqAbXt422zIIY4mImx0tSjTwZOkhD6ehQF4uWVkGG2tF9DcPCvPRNk26Oyic831--x0OROATHMn4dGeuXn6_SpULXp3DOdo__TgSYtIG6ERLG4ut5pOlOeQ_wjnSGTniABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0vWD_xGzyGWEguacix1RqsrsH19Q%2526client%253Dca-pub-6552175488733768%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
796409bc6e386b2eadd804eb036c10dcddfa4eb0745cc6bda56bbb45aea1d0ba
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1kdvh3dp15j615aqn17pvgn9e8kwbtjydsj51djbzyxqsk1z0w7582mm12y7tafyztftenfqea7s2ghxsxsgrk67j9h2vav90wkyqngcjmt1w46febxy9ymz8c4z82n5y257n5v7shkmz356bz55br2jeehfjjztbwb4t319zfr57r874frt6kcp7a0ybq1pe5hv6akknxa4snq88a57a480m4cjrqgkgz74gv0080daz7eqr8495p2sn7q9s2fdtyp49gv2302vvhe0c1xsm75ta85ecx3ezj2jb628t4tb6h3pp2nbft56c2rx8j4wjvdw6sabpssam2xng4ez0m5ekw2jf61fyx63rskzaabvajmsv1dmjgnxabxg8kzbqh31trejjn50ep9t17ttprrddvffh6jc0ygqyfxdhewew0jxyrhd70ce5m5s8yfkfj1qsyww&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqdJ4IjNrZImjJbT2xtYPq5WM0AyQ4YGEXLaoworwAsCNtwEQASAAYOUDggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-qAMBqgTKAU_QRCGmgnc7qD0Jsqw5_8iamHqSQLaxSqmudgrKv8XwVH1qh39EHj0CWrIYHqdMxSPg_MSjiSns2GrsWZp-jzgXWcsdyoh6rXWf0eC6bVSp7JAJEXJ3qENsH9sKw-EAjq7vr7Ge5iunHzxuqAbXt422zIIY4mImx0tSjTwZOkhD6ehQF4uWVkGG2tF9DcPCvPRNk26Oyic831--x0OROATHMn4dGeuXn6_SpULXp3DOdo__TgSYtIG6ERLG4ut5pOlOeQ_wjnSGTniABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0vWD_xGzyGWEguacix1RqsrsH19Q%26client%3Dca-pub-6552175488733768%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7cb3f750fab49be8-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:26 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 22 May 2023 09:17:26 GMT
c
prebid.a-mo.net/a/ Frame 60D5 		0
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:26 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
189
server
envoy
vary
origin, Accept-Encoding
unruly_prebid
targeting.unrulymedia.com/ Frame 60D5 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:26 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/ Frame 60D5 		821 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%222370cafd90498a78%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90h_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&s=957df0f8-e966-4da6-a7c3-520792ee6652&pv=51294905-bdfa-4866-a03f-99ce29cfe6ae&vp=mobile&lib_name=prebid&lib_v=7.31.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php%22%2C%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
edecc8a8c8c0b936a9e6df988c41d3cc4d90d4cda1772bf0c7ce48bf903c64d9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:26 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-142
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
475
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 60D5 		94 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b62f7a7a8af0d154b69cb4b59d38b9b8279ce0201d9ad7a2edfebb04c97873ca

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 09:17:26 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 60D5 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.pbadslot=%2F65889844%2Fron01_728x90h_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=e06ece64-c6ec-4e47-9d37-f4874b805c8f&l_pb_bid_id=241b5290f73bb373&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90h_desktop&slots=1&rand=0.19697870917563876
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
009b99929c1390792e161d3c0e54730074430036f5cef9c8b54f6fcf9b3702e9

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:26 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 60D5 		38 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2783e9c0e4419aac7f2832b32afaa746eb0ee360c07dd1be9bc0f3184203b456

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lv7KjIFAo1PWieY5ZnMAJpLwEfTO9tPbiBqDL7vtZLCDb6AYmSjNCrVCjukGxayNjbIDVeI%2FDM9PP8BxTlumO55dx6Z37n%2BuFiU4j5YQt%2BG3Pn7cK46kT7cRLvHWj3dILHLtBa0T"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7cb3f7515c8b373d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
prebid
ads.yieldmo.com/exchange/ Frame 60D5 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.31.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-7%22%2C%22callback_id%22%3A%2224564fba6fd0a1a7%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90h_desktop%22%2C%22tid%22%3A%22e06ece64-c6ec-4e47-9d37-f4874b805c8f%22%2C%22auctionId%22%3A%222fc44b54-9bb8-4726-9b81-7897c538d123%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&bust=1684747046610&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Murderous%20Villain%20Test&w=1600&h=1200&pubcid=3ae45e29-720d-44bb-a13f-a6a5c41d6643&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:26 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
translator
hbopenbid.pubmatic.com/ Frame 60D5 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:26 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
generate_204
tpc.googlesyndication.com/ Frame 3448 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?_Cdx6g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 8DDF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230517&jk=3375046558904824&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame F915 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230517&jk=2017429512034419&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 2FF4 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?asKbPA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
default.css
as.ad4m.at/ad/style/0.1.40/one-ad/ Frame E3EF 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.40/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=50&e=&g=35bcdd93525dcdae24587dd9b5917447%2F3081943047882326971&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684747046468&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0pwcjjvwcb9xc05amcv074vc9je94pz8nd58rn32v9r2d2cs9xxgj8stpvd4k20fd8hs12mntryx46wj2hnfxg279a6tcjm3ash3he23zd6eky04475sjjj3sqmm6s2qtanvsb9xapjcjpbdxqqg5x0hg97gjg6bwx6qbdn7m8x99h7hyqyzrfryex4rpe4vg9nhnzcc934myebjvyfsfynvrwvg7r5dmqn1y36pkg3g4j9dkd6x12baa6j480cnv22x7gec0ztgfbpf949eye%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqdJ4IjNrZImjJbT2xtYPq5WM0AyQ4YGEXLaoworwAsCNtwEQASAAYOUDggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-qAMBqgTKAU_QRCGmgnc7qD0Jsqw5_8iamHqSQLaxSqmudgrKv8XwVH1qh39EHj0CWrIYHqdMxSPg_MSjiSns2GrsWZp-jzgXWcsdyoh6rXWf0eC6bVSp7JAJEXJ3qENsH9sKw-EAjq7vr7Ge5iunHzxuqAbXt422zIIY4mImx0tSjTwZOkhD6ehQF4uWVkGG2tF9DcPCvPRNk26Oyic831--x0OROATHMn4dGeuXn6_SpULXp3DOdo__TgSYtIG6ERLG4ut5pOlOeQ_wjnSGTniABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0vWD_xGzyGWEguacix1RqsrsH19Q%2526client%253Dca-pub-6552175488733768%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=197862&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=50&e=&g=35bcdd93525dcdae24587dd9b5917447%2F3081943047882326971&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684747046468&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0pwcjjvwcb9xc05amcv074vc9je94pz8nd58rn32v9r2d2cs9xxgj8stpvd4k20fd8hs12mntryx46wj2hnfxg279a6tcjm3ash3he23zd6eky04475sjjj3sqmm6s2qtanvsb9xapjcjpbdxqqg5x0hg97gjg6bwx6qbdn7m8x99h7hyqyzrfryex4rpe4vg9nhnzcc934myebjvyfsfynvrwvg7r5dmqn1y36pkg3g4j9dkd6x12baa6j480cnv22x7gec0ztgfbpf949eye%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqdJ4IjNrZImjJbT2xtYPq5WM0AyQ4YGEXLaoworwAsCNtwEQASAAYOUDggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-qAMBqgTKAU_QRCGmgnc7qD0Jsqw5_8iamHqSQLaxSqmudgrKv8XwVH1qh39EHj0CWrIYHqdMxSPg_MSjiSns2GrsWZp-jzgXWcsdyoh6rXWf0eC6bVSp7JAJEXJ3qENsH9sKw-EAjq7vr7Ge5iunHzxuqAbXt422zIIY4mImx0tSjTwZOkhD6ehQF4uWVkGG2tF9DcPCvPRNk26Oyic831--x0OROATHMn4dGeuXn6_SpULXp3DOdo__TgSYtIG6ERLG4ut5pOlOeQ_wjnSGTniABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0vWD_xGzyGWEguacix1RqsrsH19Q%2526client%253Dca-pub-6552175488733768%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1683559916
age
1186690
cf-polished
origSize=105839
x-guploader-uploadid
ADPycdv9IJsM9Nda_T-YCF8tGjLSR9_5GyrPWBCiXo7o_2KPFa29jeIDurPOQJdzBat54FnfGmUqvpjJPo5BCE2ydDX2ig
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 08 May 2023 15:32:28 GMT
server
cloudflare
etag
W/"44fa96b813e145cb8b915ae1fb6a3b7a"
vary
Accept-Encoding
x-goog-generation
1683559948253618
content-type
text/css
x-goog-hash
crc32c=FELYSw==, md5=RPqWuBPhRcuLkVrh+2o7eg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D3ePbHQVlZwHPmI4UvMAVrlI6zq%2FdavhAy0iJFNbUfqEe6bE1PsdLFPpJh%2FLkAOWpzo%2BNWtQ7CMyu5Sdf3IbKgmS8sJamnoEJZF5RFcPiPZlUTq8L2EXs0%2Fe8vGL5%2FzUW4F81lI9%2FP8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105839
cf-ray
7cb3f751bb709be8-FRA
expires
Mon, 22 May 2023 10:17:26 GMT
C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
assets.ad4m.at/logo/ Frame E3EF 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=50&e=&g=35bcdd93525dcdae24587dd9b5917447%2F3081943047882326971&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684747046468&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0pwcjjvwcb9xc05amcv074vc9je94pz8nd58rn32v9r2d2cs9xxgj8stpvd4k20fd8hs12mntryx46wj2hnfxg279a6tcjm3ash3he23zd6eky04475sjjj3sqmm6s2qtanvsb9xapjcjpbdxqqg5x0hg97gjg6bwx6qbdn7m8x99h7hyqyzrfryex4rpe4vg9nhnzcc934myebjvyfsfynvrwvg7r5dmqn1y36pkg3g4j9dkd6x12baa6j480cnv22x7gec0ztgfbpf949eye%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqdJ4IjNrZImjJbT2xtYPq5WM0AyQ4YGEXLaoworwAsCNtwEQASAAYOUDggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-qAMBqgTKAU_QRCGmgnc7qD0Jsqw5_8iamHqSQLaxSqmudgrKv8XwVH1qh39EHj0CWrIYHqdMxSPg_MSjiSns2GrsWZp-jzgXWcsdyoh6rXWf0eC6bVSp7JAJEXJ3qENsH9sKw-EAjq7vr7Ge5iunHzxuqAbXt422zIIY4mImx0tSjTwZOkhD6ehQF4uWVkGG2tF9DcPCvPRNk26Oyic831--x0OROATHMn4dGeuXn6_SpULXp3DOdo__TgSYtIG6ERLG4ut5pOlOeQ_wjnSGTniABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0vWD_xGzyGWEguacix1RqsrsH19Q%2526client%253Dca-pub-6552175488733768%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56590
cf-polished
origFmt=png, origSize=10283
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4736
cf-bgj
imgq:85,h2pri
last-modified
Thu, 06 Apr 2023 12:21:02 GMT
server
cloudflare
etag
"b90d04a587c2a1ab6749e51d8bb195d1"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OYKaNxplhZRMHUcqHDTAk71k1pJQ3sasnTZySMXn%2F3oMhoMQ%2F%2FHLeyd%2BMO2vZdr1ghzxy0mPPLi9nl4K3r9mbHggf1P5C6ZlU6JLCMKCVU8EmjfBDL3FZrR%2BsrA3MZSQwom5Js%2BPJPzAp%2BQW"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb3f751bb729be8-FRA
expires
Tue, 23 May 2023 09:17:26 GMT
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame E3EF 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=50&e=&g=35bcdd93525dcdae24587dd9b5917447%2F3081943047882326971&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684747046468&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0pwcjjvwcb9xc05amcv074vc9je94pz8nd58rn32v9r2d2cs9xxgj8stpvd4k20fd8hs12mntryx46wj2hnfxg279a6tcjm3ash3he23zd6eky04475sjjj3sqmm6s2qtanvsb9xapjcjpbdxqqg5x0hg97gjg6bwx6qbdn7m8x99h7hyqyzrfryex4rpe4vg9nhnzcc934myebjvyfsfynvrwvg7r5dmqn1y36pkg3g4j9dkd6x12baa6j480cnv22x7gec0ztgfbpf949eye%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqdJ4IjNrZImjJbT2xtYPq5WM0AyQ4YGEXLaoworwAsCNtwEQASAAYOUDggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-qAMBqgTKAU_QRCGmgnc7qD0Jsqw5_8iamHqSQLaxSqmudgrKv8XwVH1qh39EHj0CWrIYHqdMxSPg_MSjiSns2GrsWZp-jzgXWcsdyoh6rXWf0eC6bVSp7JAJEXJ3qENsH9sKw-EAjq7vr7Ge5iunHzxuqAbXt422zIIY4mImx0tSjTwZOkhD6ehQF4uWVkGG2tF9DcPCvPRNk26Oyic831--x0OROATHMn4dGeuXn6_SpULXp3DOdo__TgSYtIG6ERLG4ut5pOlOeQ_wjnSGTniABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0vWD_xGzyGWEguacix1RqsrsH19Q%2526client%253Dca-pub-6552175488733768%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
82817
cf-polished
origSize=105738, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
92686
cf-bgj
imgq:85,h2pri
last-modified
Mon, 04 Jul 2022 08:55:40 GMT
server
cloudflare
etag
"147be38db57f89c69c9e65b05983ff0e"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzz1i9WGqgJouQycqxr%2BzUMrsaXnC%2FcGx9i89bbOWh4aAi%2BW6h6BGCfvEBFlZUb%2FPHwmgtXkmgJwhBuban6p761BCpNn9bVngVeqwiSJcDvPq9AaloXbolQXpaPxSAj9LYsPTDSoglAnp%2Bol"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7cb3f7523bef9be8-FRA
expires
Tue, 23 May 2023 09:17:26 GMT
generate_204
tpc.googlesyndication.com/ Frame FA07 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?1umTng
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame 1E1F 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 06:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
10562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 06:21:24 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F9F7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305150101&jk=2875267802583696&bg=!ZWalZjLNAAZ8_aWmXP07ADkAdvg8Wj2NZkjO7AvarVUHRW8dQj7MUGkUzbCc2Y4PeA6IFVACzRePs5-av8zItIU4puVkwwHsSe8CAAALeFIAAAADaAEHCgAPNHt9ZdMofesvaDL54j41mQLNg5djcweFO25mVvJC1UKvsf-4YyqKRrs22Wxm5JrasADV1NH9e58SdUbEaDHxNRrRBVn2yXmF30bbh0RMDnlC2Psf8JQVMcKVPqDyhgUjAoFoKsD_SNice2eh1b3w9iEkieGimUglwVN2t_uo5EkgK1W9VBe3xs5zsJdx7unp9bdUrWv_O95Tug-FwRjlyDvqMBYrtUXZfQsNxLOEzTLmGIMzMhDcu_5a26vQ0mBZVBLwkyXrGSENyL80h-Lk9qkx3pLLAW0tiDeBGBQOl86Bpuxve0dg1eKeBVvg8rsH5V4hB2WlwGlqiToURHfbkSmc7kZRw1L9T7dS_KsV-5M_ai5wiffN7izZxJq9n9y4sl_1QzwfcrzdDb-okK-v8BHpMmndpYIUBd-hayDboGaxIpEhwuNzCY5tuyRhP4RveAWlpGPANQcRfvn_vP_h9X-h9zYq1nJLxRPt-bRr6xsKc0fGpSatUAEziuLBHMfBOdDcmeZ2py-Z00v7tT90z0-ER6EA4iuA9m9zUUklkRlyvxBgB7EUx9_iurYNFjWq6h7lzwQPofqXvWafGKFBRJFtNiKMbhtrmmC3c8kaZajCGQiFInQN9Y4tNEQGhT0N4q8Cbze0LZVJCMxvsu7wqZJHaidX0JjUN4-ODug2Oe4CLYgDhgGF-B_RfmvwNvyWV9GB0QfmTRpvLs5mTCVGKyoJQg1jEwgZVImuMlUw1QdbnCA1cdpZTlcWeCn72Mc_HJkCswSaQv2vdN4dlk2pGnaC7lGSg4KCXJSGWeh-mgBuYnLXFtoez0ubOTNqW1xm_yxFUOOaDp_xRnue_OFBfrs7vuMl4bIFHo7TDoCRMIkJcuVT1YHBONxeFWy-3LcwrVSuE2jt6-oCnCRx5_b5u1_UHi5l18kqBcRs90UVzrbdzCaNiBRH2tZD4yHZ-4t6I--cXWcJfObPy6o9LGiF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame 40D1 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 06:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
10562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 06:21:24 GMT
c
prebid.a-mo.net/a/ Frame 60D5 		0
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:26 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
166
server
envoy
vary
origin, Accept-Encoding
prebid
ads.yieldmo.com/exchange/ Frame 60D5 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.31.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa728x90x1-9%22%2C%22callback_id%22%3A%22257013a9938d7912%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222995694024183980037%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_728x90j_desktop%22%2C%22tid%22%3A%22fd496334-0341-4ca3-947c-c8fa942b7d97%22%2C%22auctionId%22%3A%2275ad9b35-f1a8-4de3-ad85-2e8b29ba5b41%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&bust=1684747046827&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Murderous%20Villain%20Test&w=1600&h=1200&pubcid=3ae45e29-720d-44bb-a13f-a6a5c41d6643&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:26 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
translator
hbopenbid.pubmatic.com/ Frame 60D5 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:25 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 22 May 2023 09:17:26 GMT
bid
ap.lijit.com/rtb/ Frame 60D5 		95 B
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
5ad076db20c0918a19d714600525d0d84f2e3601394f88e528cda5188d069e60

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 09:17:26 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
pbjs
htlb.casalemedia.com/openrtb/ Frame 60D5 		38 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e87686e25acea05508552d9d5d1e3ee9feba10895560a0c47d756f0075386ea

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzZ9qUFji%2BBOlS4XmQeNVsxiydfgTzE6RF9Y21jAUt3IKYoq9kkdGNqnfWreo%2F8iikPns7S9X2JfvaI9TsMHmAm61u4uQXXhaYURhAia5EsRzjdqi7hLDMiB%2FamnL5b2kUmKPMvd"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7cb3f752bdfc373d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 60D5 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.pbadslot=%2F65889844%2Fron01_728x90j_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=fd496334-0341-4ca3-947c-c8fa942b7d97&l_pb_bid_id=265356f9433fee5f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90j_desktop&slots=1&rand=0.24409833495123778
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1c81a95f5c6d8adedbbab2f61000eb3e31cd198a6c1544d7bec8b49d8af79d15

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:26 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame 60D5 		820 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%222675d33738224cb%22%3A%2281b46da067d296a7e113%7C728x90%7Cgpid%3D%2F65889844%2Fron01_728x90j_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&s=f5e601f3-ec83-4113-abe3-e83fa41690cf&pv=51294905-bdfa-4866-a03f-99ce29cfe6ae&vp=mobile&lib_name=prebid&lib_v=7.31.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php%22%2C%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
53c78555d2295addb60e45025e965d16e4c202246f6da44f1342ee4c7b53a043
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:26 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-142
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
474
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 60D5 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:26 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
link.html
track.webgains.com/ Frame E3EF 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jmg27s1wt1m5sy8evmt17vxk41y3mpgakbsxcnc3dr5sv2b5w8fth44feq3hqcfhgjaytr28jv81g7w2562558pk42rt1p6nffabb1pmtj7z07gs8x2dhhtqa7zh60k3x09xtsndx6kgkj37vrcfsqqrvp9bynk17bmdbdztpmfvd24aqqwty1nfp17mn4be7vpdpm8g69dtgbxbv183fmf4rk80836zbt2v02z6gc89w5c7qmgcdgvjw5nthjrqn2g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h0pwcjjvwcb9xc05amcv074vc9je94pz8nd58rn32v9r2d2cs9xxgj8stpvd4k20fd8hs12mntryx46wj2hnfxg279a6tcjm3ash3he23zd6eky04475sjjj3sqmm6s2qtanvsb9xapjcjpbdxqqg5x0hg97gjg6bwx6qbdn7m8x99h7hyqyzrfryex4rpe4vg9nhnzcc934myebjvyfsfynvrwvg7r5dmqn1y36pkg3g4j9dkd6x12baa6j480cnv22x7gec0ztgfbpf949eye%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCqdJ4IjNrZImjJbT2xtYPq5WM0AyQ4YGEXLaoworwAsCNtwEQASAAYOUDggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-qAMBqgTKAU_QRCGmgnc7qD0Jsqw5_8iamHqSQLaxSqmudgrKv8XwVH1qh39EHj0CWrIYHqdMxSPg_MSjiSns2GrsWZp-jzgXWcsdyoh6rXWf0eC6bVSp7JAJEXJ3qENsH9sKw-EAjq7vr7Ge5iunHzxuqAbXt422zIIY4mImx0tSjTwZOkhD6ehQF4uWVkGG2tF9DcPCvPRNk26Oyic831--x0OROATHMn4dGeuXn6_SpULXp3DOdo__TgSYtIG6ERLG4ut5pOlOeQ_wjnSGTniABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0vWD_xGzyGWEguacix1RqsrsH19Q%252526client%25253Dca-pub-6552175488733768%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=50&e=&g=35bcdd93525dcdae24587dd9b5917447%2F3081943047882326971&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684747046468&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0pwcjjvwcb9xc05amcv074vc9je94pz8nd58rn32v9r2d2cs9xxgj8stpvd4k20fd8hs12mntryx46wj2hnfxg279a6tcjm3ash3he23zd6eky04475sjjj3sqmm6s2qtanvsb9xapjcjpbdxqqg5x0hg97gjg6bwx6qbdn7m8x99h7hyqyzrfryex4rpe4vg9nhnzcc934myebjvyfsfynvrwvg7r5dmqn1y36pkg3g4j9dkd6x12baa6j480cnv22x7gec0ztgfbpf949eye%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqdJ4IjNrZImjJbT2xtYPq5WM0AyQ4YGEXLaoworwAsCNtwEQASAAYOUDggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-qAMBqgTKAU_QRCGmgnc7qD0Jsqw5_8iamHqSQLaxSqmudgrKv8XwVH1qh39EHj0CWrIYHqdMxSPg_MSjiSns2GrsWZp-jzgXWcsdyoh6rXWf0eC6bVSp7JAJEXJ3qENsH9sKw-EAjq7vr7Ge5iunHzxuqAbXt422zIIY4mImx0tSjTwZOkhD6ehQF4uWVkGG2tF9DcPCvPRNk26Oyic831--x0OROATHMn4dGeuXn6_SpULXp3DOdo__TgSYtIG6ERLG4ut5pOlOeQ_wjnSGTniABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0vWD_xGzyGWEguacix1RqsrsH19Q%2526client%253Dca-pub-6552175488733768%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.36.104 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-36-104.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
08f7c47ba7143e50d83ded2036066fc0cdf608940306e55253805208acbfea6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:26 GMT
last-modified
Mon, 22 May 2023 09:17:26 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Mon, 22 May 2023 09:18:26 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C8CC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230517&jk=4285984129490062&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 00AD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230517&jk=3805444719741563&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
integrator.js
adservice.google.de/adsid/ Frame 60D5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 60D5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 60D5 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1135691075320070&correlator=2799472694913251&eid=31072878%2C31074682%2C31074686&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90f_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=11&adks=3272850789&didk=1238102908&sfv=1-0-40&ris=6&rcs=1&prev_scp=hb_format_pubmatic%3Dbanner%26hb_size_pubmatic%3D728x90%26hb_pb_pubmatic%3D0.09%26hb_adid_pubmatic%3D251283eb7e1d5f2a%26hb_bidder_pubmatic%3Dpubmatic%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.31%26hb_adid_rubicon%3D252a94bb41c6a5b3%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.31%26hb_adid%3D252a94bb41c6a5b3%26hb_bidder%3Drubicon&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3D27868814f124b32d-2202d96ae6dd00e6%3AT%3D1684747038%3ART%3D1684747042%3AS%3DALNI_MaFKaKFNDbUYIWzMWXVa_pbSsB1oQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&abxe=1&dt=1684747046874&lmt=1684747046&dlt=1684747038920&idt=1170&adxs=436&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=s81ej08cinyq&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=ABHeCvhGRCW0FAhfKfKVL5jGCgSGGD7rf13cI6ZuBbE-PkLNwiviEkEX35215E066rrpRh8RyftV_IzYVnmjNh-opSVoeaLq%2CABHeCvhZhtCQovKMnbHOefCRJs5vksBSkx4RobJa1rSqNXoBJgli62bUbbwbCxWp5h1XOmxar3mcmYbH1hiPZ6wkpAy_Bncs%2CABHeCvjpBqdKmvWqxnLIf22Q_YfXGfWw26mN88LoBEprZNLo0QkW2Okw_ewGfrfEtUbwM--WlEYYy1g0RVCS1I9BcNqFLuL_%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhJT_9PZKbFM4cA4cyC3qovg5ZKZ1O_OGnoTOXd0it2XIs4WKAHuypYFmsFWHsuIicbWV_vtURbsmH3RVUEwW_xM97r216UWTw%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=215484772.1684747038&ga_sid=1684747041&ga_hid=1110683200&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmd7-lYQxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNhZTQ1ZTI5LTcyMGQtNDRiYi1hMTNmLWE2YTVjNDFkNjY0Mxjd3_6VhDFIABIdCg5lc3AuY3JpdGVvLmNvbRiZ3v6VhDFIAFICCGQS1gEKCHJ0YmhvdXNlEsABajE2OTVXb3hNcXlpUGdmSGZMUWpmTXVWTElnbUhjQ0FnODVEZ0JtaXFKRm96Wm9GNWpPTzAzOC8zOTlrT3diS2hQcFB0bTR0REdseldLTWIzMGNqOEt5NDg0WG1FWkxOY2pCYVlBVlozSmpuZndxa3c5NEYzWUt2U0Z6OC9YQm9HN1NqSzNhak83RkQ0am9aa0hSaUpwVGlGYXR6cE83WjlLVnNSb1RISE5KclRZWC9UUWYxMitoeklWa1dyUnlYGM3g_pWEMUgAEhkKCnVpZGFwaS5jb20Ymd7-lYQxSABSAghkEhQKBW9wZW54GI7h_pWEMUgAUgIIbw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9994ccf4ed9efc9a1c69188a524f2c9894f9b320b0aefd2dedc7003c65ee5e3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11008
x-xss-protection
0
google-lineitem-id
5112246926
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274875292
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 60D5 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1135691075320070&correlator=559806392149492&eid=31072878%2C31074682%2C31074686&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90h_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=12&adks=2445953488&didk=1238102910&sfv=1-0-40&ris=6&rcs=1&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.91%26hb_adid_rubicon%3D2719d139c8f84fd9%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.91%26hb_adid%3D2719d139c8f84fd9%26hb_bidder%3Drubicon&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3D27868814f124b32d-2202d96ae6dd00e6%3AT%3D1684747038%3ART%3D1684747042%3AS%3DALNI_MaFKaKFNDbUYIWzMWXVa_pbSsB1oQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&abxe=1&dt=1684747046922&lmt=1684747046&dlt=1684747038920&idt=1170&adxs=436&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=2prbcs8yj5xx&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=ABHeCvhGRCW0FAhfKfKVL5jGCgSGGD7rf13cI6ZuBbE-PkLNwiviEkEX35215E066rrpRh8RyftV_IzYVnmjNh-opSVoeaLq%2CABHeCvhZhtCQovKMnbHOefCRJs5vksBSkx4RobJa1rSqNXoBJgli62bUbbwbCxWp5h1XOmxar3mcmYbH1hiPZ6wkpAy_Bncs%2CABHeCvjpBqdKmvWqxnLIf22Q_YfXGfWw26mN88LoBEprZNLo0QkW2Okw_ewGfrfEtUbwM--WlEYYy1g0RVCS1I9BcNqFLuL_%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhJT_9PZKbFM4cA4cyC3qovg5ZKZ1O_OGnoTOXd0it2XIs4WKAHuypYFmsFWHsuIicbWV_vtURbsmH3RVUEwW_xM97r216UWTw%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=215484772.1684747038&ga_sid=1684747041&ga_hid=1110683200&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmd7-lYQxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNhZTQ1ZTI5LTcyMGQtNDRiYi1hMTNmLWE2YTVjNDFkNjY0Mxjd3_6VhDFIABIdCg5lc3AuY3JpdGVvLmNvbRiZ3v6VhDFIAFICCGQS1gEKCHJ0YmhvdXNlEsABajE2OTVXb3hNcXlpUGdmSGZMUWpmTXVWTElnbUhjQ0FnODVEZ0JtaXFKRm96Wm9GNWpPTzAzOC8zOTlrT3diS2hQcFB0bTR0REdseldLTWIzMGNqOEt5NDg0WG1FWkxOY2pCYVlBVlozSmpuZndxa3c5NEYzWUt2U0Z6OC9YQm9HN1NqSzNhak83RkQ0am9aa0hSaUpwVGlGYXR6cE83WjlLVnNSb1RISE5KclRZWC9UUWYxMitoeklWa1dyUnlYGM3g_pWEMUgAEhkKCnVpZGFwaS5jb20Ymd7-lYQxSABSAghkEhQKBW9wZW54GI7h_pWEMUgAUgIIbw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17de3262ad039e8e603f9761dc70c7dbdeeddefd20669e95dd499bd9d9249ccb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11012
x-xss-protection
0
google-lineitem-id
5111852854
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274875292
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 60D5 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1135691075320070&correlator=4294940003576253&eid=31072878%2C31074682%2C31074686&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90e_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=13&adks=3085048810&didk=1238102909&sfv=1-0-40&ris=6&rcs=1&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.76%26hb_adid_rubicon%3D253b9387a709a723%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.76%26hb_adid%3D253b9387a709a723%26hb_bidder%3Drubicon%26hb_format_sovrn%3Dbanner%26hb_size_sovrn%3D728x90%26hb_pb_sovrn%3D0.18%26hb_adid_sovrn%3D24957945f2db971d%26hb_bidder_sovrn%3Dsovrn%26hb_format_pubmatic%3Dbanner%26hb_size_pubmatic%3D728x90%26hb_pb_pubmatic%3D0.09%26hb_adid_pubmatic%3D2508f407dd572449%26hb_bidder_pubmatic%3Dpubmatic&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3D27868814f124b32d-2202d96ae6dd00e6%3AT%3D1684747038%3ART%3D1684747042%3AS%3DALNI_MaFKaKFNDbUYIWzMWXVa_pbSsB1oQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&abxe=1&dt=1684747046937&lmt=1684747046&dlt=1684747038920&idt=1170&adxs=436&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=tzy0un1k9pym&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=ABHeCvhGRCW0FAhfKfKVL5jGCgSGGD7rf13cI6ZuBbE-PkLNwiviEkEX35215E066rrpRh8RyftV_IzYVnmjNh-opSVoeaLq%2CABHeCvhZhtCQovKMnbHOefCRJs5vksBSkx4RobJa1rSqNXoBJgli62bUbbwbCxWp5h1XOmxar3mcmYbH1hiPZ6wkpAy_Bncs%2CABHeCvjpBqdKmvWqxnLIf22Q_YfXGfWw26mN88LoBEprZNLo0QkW2Okw_ewGfrfEtUbwM--WlEYYy1g0RVCS1I9BcNqFLuL_%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhJT_9PZKbFM4cA4cyC3qovg5ZKZ1O_OGnoTOXd0it2XIs4WKAHuypYFmsFWHsuIicbWV_vtURbsmH3RVUEwW_xM97r216UWTw%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=215484772.1684747038&ga_sid=1684747041&ga_hid=1110683200&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmd7-lYQxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNhZTQ1ZTI5LTcyMGQtNDRiYi1hMTNmLWE2YTVjNDFkNjY0Mxjd3_6VhDFIABIdCg5lc3AuY3JpdGVvLmNvbRiZ3v6VhDFIAFICCGQS1gEKCHJ0YmhvdXNlEsABajE2OTVXb3hNcXlpUGdmSGZMUWpmTXVWTElnbUhjQ0FnODVEZ0JtaXFKRm96Wm9GNWpPTzAzOC8zOTlrT3diS2hQcFB0bTR0REdseldLTWIzMGNqOEt5NDg0WG1FWkxOY2pCYVlBVlozSmpuZndxa3c5NEYzWUt2U0Z6OC9YQm9HN1NqSzNhak83RkQ0am9aa0hSaUpwVGlGYXR6cE83WjlLVnNSb1RISE5KclRZWC9UUWYxMitoeklWa1dyUnlYGM3g_pWEMUgAEhkKCnVpZGFwaS5jb20Ymd7-lYQxSABSAghkEhQKBW9wZW54GI7h_pWEMUgAUgIIbw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
946c9c122fb50fee5ea26060a8b72028e148544bbe70bf85b58fa7bc0ddffeae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11009
x-xss-protection
0
google-lineitem-id
6152679567
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412693231
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame E9FF 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 06:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
10562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 06:21:24 GMT
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame E8C8 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 06:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
10562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 06:21:24 GMT
generate_204
tpc.googlesyndication.com/ Frame 34A8 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ciJaGQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame CC7B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsugb7FwgC0c0W13-YtlkeuoL8mxjCpRqc93pGEeGpFPZfvh3dOcElvrNTFKbdetcNgUYMsaQoM2fZTDUKAGOpFTfi0iBUqSDabq_pmxa3r-S3wxSOASLyhWBQEGXKNZyfIIHTMAw2THEw-3kyYmUTx_MmJXp4hQ8aMxpNAAe96zz-7dun-SLf091a2arfflPfAN4jthb29KxMmPtGQlxTvO0QexQMTxZfdcCOTQqj89bVTVV0cKPlnbPqrLqLacV3HXHQsVChAJdWjDmS7b-DG1Tolo-uKqNt5vKvgsgb8_XPSAp_6NxCrh3d7Nn2Lvwfne-64XpAo38UTMxEM&sai=AMfl-YSPqivOEgpaBqteWVE3kdgOnewVI_Vsjn0KO203CxgoB99Pf8uPWWF07vsDrOLJQlwnzWZCWxL5Bn8sHqZ26HdWr2elTvhLQWhaFassFnKfP7lhdeJU7nemjEvdew&sig=Cg0ArKJSzBAM6FSrFueeEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame D2FC 		261 B
122 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNU6XBwdsJynVlhXB0VTH6zEwRP0ggTOzwA639dbQn6K3jWd86X5L4w9ngSw3f4zQD42NbCGfRVMBUz7XOpUD5wPf8sFsvrAI8pvWPXmHDNoy537Yb1DTGVNh7UXYIrUET_PIbaREZ0_LI8o0VVEO5jm0aIHPe5WpiPTmbjQP97rdyYt-Uw
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
102
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame CC7B 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CC7B 		42 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CmSFSncRn3X4ktqhesMwht8s5_FAL_wo57lB4lQhuDJwlAa_Sz4plXLA_wqqDnsV2vwkQ3nmaNZZ3cVzxQxjFATn_kfu2a4IJjdUSqAkwbzI6EbBg
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CC7B 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17924042302618512258&x=8&ct=76
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2371ae5d-dbc2-4057-9829-9d31d1136dd9
beacon-ams3.rubiconproject.com/beacon/d/ Frame CC7B 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/2371ae5d-dbc2-4057-9829-9d31d1136dd9?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563BC8EA2708C4456242EBC8B8CAAA2D3F3EA40FC12FFA1E13C610A996A4EB6A3F2B6199818B66ABC9825ABF4BC26238BE180092356C4407D8A60F2132073127313DAF386182E885AEF7BC9995CA8FFF9ED14F28C0D028E2D55CBFBAF592DB6E2D0424398B9834DFDBC26A83A5D0C94AEE79D9CCDF265580875C2605645952F6017822087116E8BBE1B1D0E0EC7E2C27BD181BBE2B14C052AD52A5A02EA01E8156B0506ABFB033CD8B9CAC3E882EAEC961E0E82A954C1004678A
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::27 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:26 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CC7B 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:27 GMT
generate_204
tpc.googlesyndication.com/ Frame BA7C 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?K3-ulw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 60D5 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1135691075320070&correlator=3665302644468746&eid=31072878%2C31074682%2C31074686&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90j_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=14&adks=1601445237&didk=1238102848&sfv=1-0-40&ris=6&rcs=1&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.24%26hb_adid_rubicon%3D2725345dc80a6b12%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.24%26hb_adid%3D2725345dc80a6b12%26hb_bidder%3Drubicon&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3D27868814f124b32d-2202d96ae6dd00e6%3AT%3D1684747038%3ART%3D1684747042%3AS%3DALNI_MaFKaKFNDbUYIWzMWXVa_pbSsB1oQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&abxe=1&dt=1684747047078&lmt=1684747047&dlt=1684747038920&idt=1170&adxs=436&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=s91dc4bgt1xy&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&psts=ABHeCvhGRCW0FAhfKfKVL5jGCgSGGD7rf13cI6ZuBbE-PkLNwiviEkEX35215E066rrpRh8RyftV_IzYVnmjNh-opSVoeaLq%2CABHeCvhZhtCQovKMnbHOefCRJs5vksBSkx4RobJa1rSqNXoBJgli62bUbbwbCxWp5h1XOmxar3mcmYbH1hiPZ6wkpAy_Bncs%2CABHeCvjpBqdKmvWqxnLIf22Q_YfXGfWw26mN88LoBEprZNLo0QkW2Okw_ewGfrfEtUbwM--WlEYYy1g0RVCS1I9BcNqFLuL_%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhJT_9PZKbFM4cA4cyC3qovg5ZKZ1O_OGnoTOXd0it2XIs4WKAHuypYFmsFWHsuIicbWV_vtURbsmH3RVUEwW_xM97r216UWTw%2CABHeCviEsifl-sQByrz_ZseJopT94LMsr0PmEj9oG2JhNQiz0SnXE-SmhSVbCMlkYOK609_PtkdpBYX8CGkgVs7OmAZJhMWUNTEdJa8%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=215484772.1684747038&ga_sid=1684747041&ga_hid=1110683200&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmd7-lYQxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNhZTQ1ZTI5LTcyMGQtNDRiYi1hMTNmLWE2YTVjNDFkNjY0Mxjd3_6VhDFIABIdCg5lc3AuY3JpdGVvLmNvbRiZ3v6VhDFIAFICCGQS1gEKCHJ0YmhvdXNlEsABajE2OTVXb3hNcXlpUGdmSGZMUWpmTXVWTElnbUhjQ0FnODVEZ0JtaXFKRm96Wm9GNWpPTzAzOC8zOTlrT3diS2hQcFB0bTR0REdseldLTWIzMGNqOEt5NDg0WG1FWkxOY2pCYVlBVlozSmpuZndxa3c5NEYzWUt2U0Z6OC9YQm9HN1NqSzNhak83RkQ0am9aa0hSaUpwVGlGYXR6cE83WjlLVnNSb1RISE5KclRZWC9UUWYxMitoeklWa1dyUnlYGM3g_pWEMUgAEhkKCnVpZGFwaS5jb20Ymd7-lYQxSABSAghkEhQKBW9wZW54GI7h_pWEMUgAUgIIbw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f04e2bee8f17bf0ac6f61331a47d20b1362a61870d980bff4548c583ab611dd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11010
x-xss-protection
0
google-lineitem-id
6152679507
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138412692379
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame E3EF 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jmg27s1wt1m5sy8evmt17vxk41y3mpgakbsxcnc3dr5sv2b5w8fth44feq3hqcfhgjaytr28jv81g7w2562558pk42rt1p6nffabb1pmtj7z07gs8x2dhhtqa7zh60k3x09xtsndx6kgkj37vrcfsqqrvp9bynk17bmdbdztpmfvd24aqqwty1nfp17mn4be7vpdpm8g69dtgbxbv183fmf4rk80836zbt2v02z6gc89w5c7qmgcdgvjw5nthjrqn2g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h0pwcjjvwcb9xc05amcv074vc9je94pz8nd58rn32v9r2d2cs9xxgj8stpvd4k20fd8hs12mntryx46wj2hnfxg279a6tcjm3ash3he23zd6eky04475sjjj3sqmm6s2qtanvsb9xapjcjpbdxqqg5x0hg97gjg6bwx6qbdn7m8x99h7hyqyzrfryex4rpe4vg9nhnzcc934myebjvyfsfynvrwvg7r5dmqn1y36pkg3g4j9dkd6x12baa6j480cnv22x7gec0ztgfbpf949eye%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCqdJ4IjNrZImjJbT2xtYPq5WM0AyQ4YGEXLaoworwAsCNtwEQASAAYOUDggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-qAMBqgTKAU_QRCGmgnc7qD0Jsqw5_8iamHqSQLaxSqmudgrKv8XwVH1qh39EHj0CWrIYHqdMxSPg_MSjiSns2GrsWZp-jzgXWcsdyoh6rXWf0eC6bVSp7JAJEXJ3qENsH9sKw-EAjq7vr7Ge5iunHzxuqAbXt422zIIY4mImx0tSjTwZOkhD6ehQF4uWVkGG2tF9DcPCvPRNk26Oyic831--x0OROATHMn4dGeuXn6_SpULXp3DOdo__TgSYtIG6ERLG4ut5pOlOeQ_wjnSGTniABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_0vWD_xGzyGWEguacix1RqsrsH19Q%252526client%25253Dca-pub-6552175488733768%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 03:12:04 GMT
content-encoding
gzip
via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 17:26:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
21924
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
jE8dGm0wt74ESwldC39EPqdTI8bRcFoC_4MQDAJIFwdSFIxMUJsT2Q==
1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame E3EF 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1684747346&Signature=F6-TYDT8r6e9XsPVij8p3F2wuI3c3K8yHEXo3NS8SpMk3oa~xpesWqcO7Db3IPVDk1xQ6zKdxd3ilSlP3sgIJHnjvLn6S8gvgymA4NrJ0wU6euFFTsnGYJR3geE~W1-18c1wRpcXNOqFECCY4dF6nQmchpOPlo-i5rbj4iPuLIIdbBhZHpvhsfLgg6UXjGrEDXhOACmwWjIKLfrWUGMQsq-q1tYQ-dk~iRlJ4~T29hPEQCWBpZLhy9nl1shRtxwc43qAZEFmKymXx7Yw7g9t5XPvKL9en3J5nJHy2zPgCDMrNGIleaPvIGYpevY1k0TrCeYJQh0sXP2b1-S86GxzPw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=50&e=&g=35bcdd93525dcdae24587dd9b5917447%2F3081943047882326971&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684747046468&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0pwcjjvwcb9xc05amcv074vc9je94pz8nd58rn32v9r2d2cs9xxgj8stpvd4k20fd8hs12mntryx46wj2hnfxg279a6tcjm3ash3he23zd6eky04475sjjj3sqmm6s2qtanvsb9xapjcjpbdxqqg5x0hg97gjg6bwx6qbdn7m8x99h7hyqyzrfryex4rpe4vg9nhnzcc934myebjvyfsfynvrwvg7r5dmqn1y36pkg3g4j9dkd6x12baa6j480cnv22x7gec0ztgfbpf949eye%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqdJ4IjNrZImjJbT2xtYPq5WM0AyQ4YGEXLaoworwAsCNtwEQASAAYOUDggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-qAMBqgTKAU_QRCGmgnc7qD0Jsqw5_8iamHqSQLaxSqmudgrKv8XwVH1qh39EHj0CWrIYHqdMxSPg_MSjiSns2GrsWZp-jzgXWcsdyoh6rXWf0eC6bVSp7JAJEXJ3qENsH9sKw-EAjq7vr7Ge5iunHzxuqAbXt422zIIY4mImx0tSjTwZOkhD6ehQF4uWVkGG2tF9DcPCvPRNk26Oyic831--x0OROATHMn4dGeuXn6_SpULXp3DOdo__TgSYtIG6ERLG4ut5pOlOeQ_wjnSGTniABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0vWD_xGzyGWEguacix1RqsrsH19Q%2526client%253Dca-pub-6552175488733768%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-53.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 21 May 2023 20:19:00 GMT
via
1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:41:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
65117
etag
"d4e8f970f24f6d19b53aa92b1907c1ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15054
x-amz-cf-id
eOU3E25vmoXHYgWeCgONm5tBUmTEw68bsAoNG6_SUAdT9_1wd8K5uQ==
view
securepubads.g.doubleclick.net/pcs/ Frame 2438 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9SoxWTIcuMIsTi2d6L-0hIHG611CG8jkRIB9qPBq8FfgBGmzDGaCBwCMXuTf-E-XsGbTRKV0aTeDj0HTwXWwHmy5PdVinjF0FI2r8waZKYn7-TrMZxKTicbS5fvqFKnNgoWdGlxltY0PMa5bHLKgPibUvqVUBQh8ssmPRllEH7PVcez7jQ-A5pKGwxnx3UY8XJYSPWRFQxHrdqo2PugtFR0fPjEvyCPMbYOC1cOvBvU1n0Q0cZ0UtuDHxOym0X9FdT5_NsfdtW6g3DyrYUVlwunZOTQodAFGdPKhOJaLGItWKxAi02TT4RRSOvzLgd2OyxGsM8R5pqASVEo4&sai=AMfl-YQknGfD4ifTDJjnz6Hsqp3EL3Dk8ieVtk7R4CuVzKLTkBaIbojzNNxjOds-t0Essvm731da0iuW2t_0LI5vpV8Fgk5GD0lEGLU9fBC8ECE4714GKkvgVO91Zs1aLw&sig=Cg0ArKJSzHDxc8lkEy94EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame C2F1 		261 B
122 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNUVImWBTxjsmlaTPRa6gnI81utB1FJPOmS3C6j5-GXRV0NmT4Oj99VZX8sh5oQxRCA4_5OazYto_vhAYarrpKYgRmY9bOH-Afg4Z8AfbPWSrgbEdr9ksET2_TS9hIO_c8x16SdzkfTGPct-0rBYYJnKvr16WuJevUekQ_3eLQpQ7e5vms0
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
102
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 2438 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2438 		42 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BPgn3WgfDw-6GuDU86wLd_eYNVwrCygsHmk2bMF0FyjmWXW1CAjzEulWTSPH4Ow-YAIInKnp816ABB-26dh7i-R9so2DdnuF1XdMpGFvc9xEFgF-A
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2438 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17662381457414310864&x=8&ct=76
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
22f8e020-8bd5-4e59-a012-427818e96cb9
beacon-ams3.rubiconproject.com/beacon/d/ Frame 2438 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/22f8e020-8bd5-4e59-a012-427818e96cb9?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563B65D86FA3593C14D9DC60686A9071E670A91E7D35DE8848B3C18F0D8061DD318DE264FC12E3797105FE5D718BBE08EF1C898D3C88400CC66CA11C3823294D3373B1CCDCB62963C87886E88ACB4336A1BF46EADCC735F08127C8CD635C61D7E5A84C28EDFC23F706F58A849505F7799B21D0324E3F83196DB94E6FC96756E5E5717BA7133642B126C2CDFCA257E091FC572A68B359AD089DDB4031ACB72927D1829AF865C5A606E8E550626AC52E235E04CDA10306204D320B
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::27 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:27 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2438 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:27 GMT
m
ad.yieldlab.net/ Frame D2FC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEJ-BY1PqHqKrMMB_qmT1ZsA&google_cver=1
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEJ-BY1PqHqKrMMB_qmT1ZsA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNU6XBwdsJynVlhXB0VTH6zEwRP0ggTOzwA639dbQn6K3jWd86X5L4w9ngSw3f4zQD42NbCGfRVMBUz7XOpUD5wPf8sFsvrAI8pvWPXmHDNoy537Yb1DTGVNh7UXYIrUET_PIbaREZ0_LI8o0VVEO5jm0aIHPe5WpiPTmbjQP97rdyYt-Uw
Protocol
HTTP/1.1
Server
23.215.16.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-16-120.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:27 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Sun, 21 May 2023 09:17:27 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEJ-BY1PqHqKrMMB_qmT1ZsA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame D2FC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGGteGLv1tikTnPkzspYCaU&google_cver=1&adform_v=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGGteGLv1tikTnPkzspYCaU&google_cver=1&adform_v=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNU6XBwdsJynVlhXB0VTH6zEwRP0ggTOzwA639dbQn6K3jWd86X5L4w9ngSw3f4zQD42NbCGfRVMBUz7XOpUD5wPf8sFsvrAI8pvWPXmHDNoy537Yb1DTGVNh7UXYIrUET_PIbaREZ0_LI8o0VVEO5jm0aIHPe5WpiPTmbjQP97rdyYt-Uw
Protocol
H2
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:27 GMT
last-modified
Thu, 11 May 2023 08:48:09 GMT
server
nginx
accept-ranges
bytes
etag
"645cabc9-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGGteGLv1tikTnPkzspYCaU&google_cver=1&adform_v=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 178A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuREw9xMnQQb14iL0ePH6UJF5UNGnq9NxDiugn_2z1K7Aij9s9C344e4IDvvHTGnC8QObEjpm1zzuAiICsRb6n4MqeaqetBVlT3BJUyhtxDY0pV9RHV&sig=Cg0ArKJSzKvs2kC73RakEAE&id=lidar2&mcvt=1104&p=899,353,1149,653&mtos=1104,1104,1104,1104,1104&tos=1104,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2511409325&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684747042937&rpt=3126&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8A11 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWMRjm_-D36iWkGsXO8klc5pA8v6H8pkL671D9kH01xXejwh5hzsQyYzEsAupKRqByUkUWFmbkj1j2gzi-q4fKOgUgytSwTjCznAqY0rlm0XxCQQ06&sig=Cg0ArKJSzCOL_1ObNASzEAE&id=lidar2&mcvt=1106&p=899,353,1149,653&mtos=1106,1106,1106,1106,1106&tos=1106,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3791825238&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684747043102&rpt=2994&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AA56 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuxpLIFCOr9FEKbzJxysJlIy_d9-RjLONo3dNFZ5w6SsRDK7Pu_dtK0QcKhGUDkFWkTIyvJyYlke9IWukQbZaxAx9lOlvxmpHTo4NgzZBpY73Eqf6ByrrmMUlrOFrBtRhjtWgtnXSOfDbM4VuGpxp3rBalPL03FHrEHiLUmTEoQFNaj83kk7eOIHbx7voXXdMvGwBGOMra03Q0sYjNlN8jugARP1xzV_lan_rl6Y_oHlUmXfz7Qux4iWtDx7YYFaXTB7ddYQvEOlkO4aD8x4-1ACdN4DS6PYXeXNDFsTIydjFXC55b0kF08ArK6DxGw-hz5DrAvLypBU20Rw0&sai=AMfl-YS7G2zBt78TMokdBMHtJthPqWxud8uksJOBSfle4MjKIzVy4gk8RiGK7PZN4EX2Flc62zNlGdRt4aGwp9GAc9BW1gRcPnXojffz_9NBxoXg_UFUOe-SjwlvH_u-Bg&sig=Cg0ArKJSzM_eJCE3rfu9EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame A72F 		261 B
122 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNWYPfzVgyM45e5ebqlqWsx3UGLf00dJ4208UgmfxFGOoiJj1MpZJ_TrZiipdj83TF_x9EOV_Sv3m6AXG5qhT4c4S-lXWokudmAdsjN47fiv9Bowtg1JC5L4itl9hDDACFQmRbMsuQnwAPIEfWoUUiijM56uc7tvRFlghKQlfbV1JAcN5mY
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
102
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame AA56 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA56 		42 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CxFDuR1ZffMeDMUIz-jbGj7FtGaBF5-54DB07AVTCNR4vknUI9OFRDo4B57TbHYBkMbcdWWad6hRfTBcpvb9jhpY_7Pq-KVvBvnrc9J51-i8q3y4I
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA56 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13952931540454147234&x=8&ct=76
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
25d32f86-9698-4626-ac29-f3c703122bbe
beacon-ams3.rubiconproject.com/beacon/d/ Frame AA56 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/25d32f86-9698-4626-ac29-f3c703122bbe?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563BA1A297A06E81B473AD8636B4F8FE6089632C1CBEC02EDF8A48441E1CC6918D6B42379A6EFE84B9E95ABF4BC26238BE18FC9BC991A3FB34E90F2132073127313DAF386182E885AEF7BC9995CA8FFF9ED14F28C0D028E2D55C7623A54D01D40B87F3C307BD9B22454A6A83A5D0C94AEE79D9CCDF265580875C2605645952F60178290549BD0F6342441054D004E407F88252EB2C5E555E1B3DCE348628A52581EBDE3ABBEDCA57B9781687DF9F77327141E82A954C1004678A
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::27 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:26 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AA56 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BE9F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupnSfNlzvrivVfMqI-PsWUvz9wJRAEifXvDDuG86Mlf0hZppRqrooXKZVUKfpyo3g0IWHnMs6MxpqwvPlPtCRTXF_E3WdjFggXS2ke05tlaFo9DnEiFk0Gi_WmfgkEQmujDDvdRStJPYmays4K4XLfevs7dh0RtDK7YKf8LNuyhST4LXG_xuFLv_n7_iGtrStUBxubMfPWorq4aPuGBo_wXvExZn8Bg-Amf5yUQUy_8MYCnSbqMbGCJiRTRb09INdQUKfUMbEWpZnCwwZnZ121z7pbh0LRWBYU1SXLVClUB6-zODqoeIww7-ryX4ue3SwRZ8yMayEp9fEf2Xg&sai=AMfl-YTjglxyyVN9osB2I6CD73mHUoMQ1vbNSjq9lV2T9PnKidwrORZHUYcJPBhK-TgUX77a_YOm3MJY2Ffmmce-LjwCJm7xX0qEuW17pxzUP8235xD_TQZhLSPZrhRqeg&sig=Cg0ArKJSzHzx5sTJkt2zEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6E3D 		261 B
122 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNVXFIhRiwTnDIgdv2gwkjZG7E2i1D95TNk-kmduXubToTCnfLjtCG54aT_SsevzdeSam3HkDZAlGxqNlKwp0s_k6STAqba1cHwjCdsJEHD15YkyF2wjOW4oSOH2ahBc5LDVQVaE-o1jndxzFCEhQ-dTfxH7EdfFIjOSxxK9-YSvUzcF4U0
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
102
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame BE9F 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BE9F 		42 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B3H1v1-ut9p0wI5q5nkdF-O3XNc4Vvw-qrI1FahLsknl1C7TrYMLLHR9q0dGqGGyGaIPQjKPKh_-GSdyd87IEmszf8bA2qsm2yC72ooI531-PyKWE
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BE9F 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14646098180658206588&x=8&ct=76
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
558a5b0c-8342-4954-a27a-2fb375e3ade3
beacon-ams3.rubiconproject.com/beacon/d/ Frame BE9F 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/558a5b0c-8342-4954-a27a-2fb375e3ade3?oo=0&accountId=24022&siteId=410000&zoneId=2299328&sizeId=2&e=6A1E40E384DA563B50EFFDB827792901B2BBDE43E864D9B3DABDD66C486B60E39DD2DBD9CB5F68166ED197DEA0835A46C1EBE65E7377AC8D05AA6595A1866C310F2132073127313DAF386182E885AEF7BC9995CA8FFF9ED14F28C0D028E2D55CCCCEDB87B9BE6DFEC90A042B2C2FB3E66A83A5D0C94AEE79D9CCDF265580875C2605645952F6017859B245F9184CD39EF1F467674A91BB051A03D87F0A0D5A11C31E4B63C43028DA4A9965946763643C3CFC38A36FD38E66E82A954C1004678A
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::27 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:26 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BE9F 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CC7B 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3603935988212&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CC7B 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3603935988212&version=m202301230201&ct=76&x=8&cor=17924042302618511000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame CC7B 		93 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bo2zcQC3UDuAObV1da37R7uJtmmiqyzWlV6E_5Njqg9dm3y0VR0Pb_CHlKpsQSXYqE2CtOIUPQg-rWvny-RMzhxzAJjK5T-an7rrkOlfUp9BHhbTTcI_u1xNfOoEYNN5hr5VojjzNP0_T4U4wXBKMohGIKx3zjYAdAktaFwNyGnTZf7WE&dbm_d=AKAmf-C9hyBf3CguVhAuO7R7VYA2zT1KihrWzqxAHvxExMJvQz5yZxGiTyVI86ApOjN1wqk2hWRKUsEsRkMaASSe_xCqChSjnEfuATBjV0FdZknCCZOycdSXCjXaSgSbQoe17l2oef2yTnlNrjTqZvSNgJXgXPNUWYPh5gR0fKmiYb20FFCySiYob8FqK1yxfewESBbKCPZlwWbKc8T8bubN0JEIDIgdrs9QpcAD4b2193_mIDCKFpvW-djoc2T3uA-RG0pTaV_uZsMrovZRXNmXwWH1CidCBYOmaI-HmZUpJM2U7GIK4LH74oiqvjPBJhkUsF52wdtvSllaSfMM_dfrU6XQZ_5BZmDac9TBLJ8Ywo7SOGdiyBhx5gxtCzxYngCJtNJUAJ0EfRDQjXLzoXbJjT8QVQqO1X-_eoN9to0i61x9U79R-YQZutnEwBuxLcqA_e4GXpsOwYlt3-0TSlMt8QLUEUzrH2ZpodKp_YkjPnHHLNkbvA8gOMqAdS-eVvvkqeVolF9etgE05DBP0OTd_iood9zfd4YPFoAOHCHMuSQaZRzOjpLau4Wp3qoHY2AzNrxVJpNsNlSP5kA38Af8Iu4iez-Cr7nLqNu-3mwbnrKJwoyBxW-aZKsr3l3qriazjNhmCFkuQEWinU86KRPTMnvrOexYgmRxmn8Wydr82jWVfWk4-8Lw5CFT2ozf9NUU88oF7FbXtISR4P7NCCAlfU9eAUaBnWdr6_jtyv-LEtSLRvPEEwYRkilEXYclZpp9bFBp-3qh4eCh_YKIL8UttelLinEjHapyKnFRKjbjJ8-Sbk5E2RLk-8Oikr2Aki7v40IBZ0dcJv0k5I8BltLJHO3J2EcXgJ4kO_fB9cHnI7PgLwgXdQ1wvXx5p5JDm3TKtYCi9mr3S9H-tZD1RqkwEgSj_iqGQDq9E9aBx0RYXCOOdwrRqP2WLpXbG2yxp3pcVfEQiikQcztxQOAa3IJzmn-lhZzc4z7PddRb_lxloVhq6xFbj1MqySSMFTJvJ14-OtuVxwjD6lIPTyCasthoIwzmVXSBreOHRRUh7siXHmXUB1NKSNrk6GLLxslTmbfBA97LL63SvfpbdgV-3tECq8ebXzWMg36E6GSo2nX1RMaxc9HZT733mNjiQwKr4jt3Y3vnW-tp-yZgqOcjiQ7RpyUoNigbewLtecr2FAoGhsq1U6z2LxnGCYM0ZedjXyrF_jRiHR0VmR1ib5IljhHtT9TTPjxybjKg1tNKlSN32XKVtLoaLMIjOwtOmWObiP61WnhNftBr34_oYkSdl6emY9UIIXp70TMDHaJRxy6I5N2PMbE2BU3ALxAvDtskyutd2bVSPzU-KHLi7YPfMPS1pzsIxM5uPblCXJtCrh1hh6av4RTumDN1wEwGbORVTN6-QxEevrfinYQATDPBKvTb81PuLMTTKn1_e2gRh0BCtgMfMSY1L6D4f7RiyWmSHxR_bum29XkzIR6aXEL_OUXXYdYREdFkLr2dIgjy0uSd5TvOVgOQ87uIRWTAwjLcecbf6TOsBbs4EET6Cmuu1WQTAcXMfynSfKPZWPospHRVdYGZMjPo7WzVqi6FxwxuJvTdmwmTmH_yBy3oIAXfTfFQVps_uAMl0LanclmJ_sAnWr0R-NODJjJR_EzY8V35-2AqZzdUEwPhoEU3COt_3aOdmN9CQ6n2XDWy00dVNB4gSSSCO0z9Je-GEMoFmtp7qYpnteaWucjqYkKcafuKRNDZgtzwvP8DrgXgY2KwgFQJC00X_wgdh766f8ux5zM8LxmGLuwoW-bFaZHZ1kjvUAHd8hKCzYLd5-Bfk9aVl6eqYmPYczP4eu5p5L8VEuwTh9tgAcMPMAPHlUM9La_P-uOxv-I_z9CVzJJk0hVv4R7cKi6_EbbSLYuDuhZwNaOszsVLUyd64WcX0lS4rIxapGgVYVzDuMCyXUhtQmIEEmbrYHyG_kkIEl9_l_LTUGwCHCt605MWp0ovIAogVduRFNHoZxKqFFu7owsPmMggMwrzEz3fuU9ilNfKju1S6Y9tA_qsy7huLz-Y-cBjDeT7jEiNBYBr4OSVvWO2QnF1pl8L2GgujFg99VMFbTlcYjzmTpIjyJanfgcLpE3_Ab6q4ii3VhvhCAcUEwLSkTzaEikAtsozuchEDc1C4VR9y7x2uv1iaFgfuExOLMgMd5rAbbu2IIwCg9xTAAfBm9OIyBrsHaUO2EU0zwvsO-xYhqC9Aap4GwLtWu3671pGDhJ8XMCPxmPlXGeZ56EGRVVEKurQ5b70o0RqLXfGOfazMl8YpjUUY5rkjWN7wRt3qqmIRUtlnS1MSnOR1y8UYyphIC1qaZ7xglEkM9P5BZDrgIGP1MjbSdcq-P01A1woa-J0lfeRgYOJyMRZfp3FH3mMSYtNvIMFtPs6lGz6q9PDUQmUY0492Lx4hZoBGJ7Bv9ovDCjS2l63Cx4mjv5VaKMNTgzKQXPE-7OsUpYCCZUXGehagFRymvP74TX1Rp7Ffsi4atANhJ3GMs9fqECqRbeBbcuouLz608s_OwjNRpZSKLGkYeZS-WPqlNohade9OAVKvb2eA5H8PfG-RQbI1NrsoOG_7DccX7sEPxscdxayvFOK-SvGD8cv5L5SCchtXfV0vu2Lb8IQH1plumQsiK8D4XVpCNfZ6mZcquOr-un80VwqxYwLzJGjfF8sntyMhpFwIgpU-kl7J2JGMeUHBawVgyWcOIqloKplybCqWJW0OJRXaIAXph08yIwem2lvpxKZ20T3avfPXUACI1Hj_GNtaWSC9B-jcYh9fiS638R-ARgepQRQY-F0HheWQ_11dUvSHM2je-tq8HqOGbx3tAQBBDh2-3CYLJ4OqMNLPKn19t_PuBS9ruBvzTqPUmwFpRRCTrXRKErAEBcU-lQX3h-U-sjrX5kvejXA8SmMTU1rHKIP5Jnq1qSsBuWvSuiGUSCuFnUXkVBHYr1H1AfmzwyoeiT6zQWakcir4tkG_AZqj9GmG_fAOhLR22bkgSzYvAT-ZZAoGAxbMgi8DHK6816EV51_garaPqoD40zwQAE9jJSxemqAVNNq-dqFtaWTSEDLQOQfScyUEgXTVc4CYtWaB3Ki124Xd0wNGoJ7RAbgKiooUKcJjSaDhb44ll3ibu_B3SgDQYyoN-3RgOEfPFGc-UMVRFJi4SZYT2zo4jEi0zdjNlyf12hHc0iF-lBOJDtR7n-G6-8da598cjbNcVVkDfZPwrsGviqX7I0e6DFYcXqDtYplp_j-qXBVbuTRKeCYs3YHXFDKTBT4pcJC9OWfC3V1vHYiR3d6zdyzKuFSC9x3Xt378rv-8xHqbEJeGUBfVhieurGWxYHVvMS7-jLI8JLcmcPDCbxYqHf3_wBon1Y17XfiRv13F9eUIWV9oje7DJQ07CKoAuji8yer93wz3cAP-CtYFYAlr8kQwyFZy7_qggOZ2kDwcRtc0cLPTFJQLXp360aE7y-V04x6hf9nfBOpDNvLKYIuaG4&pr=8%3A8B9ED9401062E773&cid=CAQSKQBygQiDi-nz1E0C2SYE_wuO0c_HuY31RAmMkXVb3Go7UYQN-N6RifPiGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ds=l&xdt=0&iif=1&cor=17924042302618511000&adk=3120287343&idt=79&cac=0&dtd=507
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8a13c76252b997e96ddb0333802d0f1dc662a79adb0f4564c00885194ddbedf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38044
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1C51 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcIv2fOI5xPbHtu6ZWD62Ahd17FuoVkw-WiVgK0ZXHmMkKP2Ik_mI2Rf0oOvkFZZbh7dfSIS7FZehXpSiWRqabgLMZZ0WIwpJGBy9uRtvCqIl9ueFl&sig=Cg0ArKJSzOandcYxmo2VEAE&id=lidar2&mcvt=1608&p=899,353,1149,653&mtos=1608,1608,1608,1608,1608&tos=1608,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2678559298&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684747043196&rpt=3030&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7DE7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQ6UM8oAYzPR1eXYZt7koqvTilOdRQDGjyTKVOejubhJDcJe9yj4EbIEg3BHAT874HtWVUvRnkSJ8j60Q6kLm17Bt65mRs8i0SgPQdJu31O8hChWrn&sig=Cg0ArKJSzLc7qjwznyQ8EAE&id=lidar2&mcvt=1611&p=899,353,1149,653&mtos=1611,1611,1611,1611,1611&tos=1611,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3518033837&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684747043860&rpt=2371&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
ad.yieldlab.net/ Frame C2F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEJ-BY1PqHqKrMMB_qmT1ZsA&google_cver=1
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEJ-BY1PqHqKrMMB_qmT1ZsA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNUVImWBTxjsmlaTPRa6gnI81utB1FJPOmS3C6j5-GXRV0NmT4Oj99VZX8sh5oQxRCA4_5OazYto_vhAYarrpKYgRmY9bOH-Afg4Z8AfbPWSrgbEdr9ksET2_TS9hIO_c8x16SdzkfTGPct-0rBYYJnKvr16WuJevUekQ_3eLQpQ7e5vms0
Protocol
HTTP/1.1
Server
23.215.16.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-16-120.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:28 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Sun, 21 May 2023 09:17:28 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEJ-BY1PqHqKrMMB_qmT1ZsA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame C2F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGGteGLv1tikTnPkzspYCaU&google_cver=1&adform_v=1
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGGteGLv1tikTnPkzspYCaU&google_cver=1&adform_v=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNUVImWBTxjsmlaTPRa6gnI81utB1FJPOmS3C6j5-GXRV0NmT4Oj99VZX8sh5oQxRCA4_5OazYto_vhAYarrpKYgRmY9bOH-Afg4Z8AfbPWSrgbEdr9ksET2_TS9hIO_c8x16SdzkfTGPct-0rBYYJnKvr16WuJevUekQ_3eLQpQ7e5vms0
Protocol
H2
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:28 GMT
last-modified
Thu, 11 May 2023 08:48:09 GMT
server
nginx
accept-ranges
bytes
etag
"645cabc9-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGGteGLv1tikTnPkzspYCaU&google_cver=1&adform_v=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
ad.yieldlab.net/ Frame 6E3D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEJ-BY1PqHqKrMMB_qmT1ZsA&google_cver=1
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEJ-BY1PqHqKrMMB_qmT1ZsA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNVXFIhRiwTnDIgdv2gwkjZG7E2i1D95TNk-kmduXubToTCnfLjtCG54aT_SsevzdeSam3HkDZAlGxqNlKwp0s_k6STAqba1cHwjCdsJEHD15YkyF2wjOW4oSOH2ahBc5LDVQVaE-o1jndxzFCEhQ-dTfxH7EdfFIjOSxxK9-YSvUzcF4U0
Protocol
HTTP/1.1
Server
23.215.16.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-16-120.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:28 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Sun, 21 May 2023 09:17:28 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEJ-BY1PqHqKrMMB_qmT1ZsA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame 6E3D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGGteGLv1tikTnPkzspYCaU&google_cver=1&adform_v=1
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGGteGLv1tikTnPkzspYCaU&google_cver=1&adform_v=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNVXFIhRiwTnDIgdv2gwkjZG7E2i1D95TNk-kmduXubToTCnfLjtCG54aT_SsevzdeSam3HkDZAlGxqNlKwp0s_k6STAqba1cHwjCdsJEHD15YkyF2wjOW4oSOH2ahBc5LDVQVaE-o1jndxzFCEhQ-dTfxH7EdfFIjOSxxK9-YSvUzcF4U0
Protocol
H2
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:28 GMT
last-modified
Thu, 11 May 2023 08:48:09 GMT
server
nginx
accept-ranges
bytes
etag
"645cabc9-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGGteGLv1tikTnPkzspYCaU&google_cver=1&adform_v=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
ad.yieldlab.net/ Frame A72F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEJ-BY1PqHqKrMMB_qmT1ZsA&google_cver=1
0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEJ-BY1PqHqKrMMB_qmT1ZsA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNWYPfzVgyM45e5ebqlqWsx3UGLf00dJ4208UgmfxFGOoiJj1MpZJ_TrZiipdj83TF_x9EOV_Sv3m6AXG5qhT4c4S-lXWokudmAdsjN47fiv9Bowtg1JC5L4itl9hDDACFQmRbMsuQnwAPIEfWoUUiijM56uc7tvRFlghKQlfbV1JAcN5mY
Protocol
HTTP/1.1
Server
23.215.16.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-16-120.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 May 2023 09:17:28 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Sun, 21 May 2023 09:17:28 GMT

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEJ-BY1PqHqKrMMB_qmT1ZsA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame A72F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGGteGLv1tikTnPkzspYCaU&google_cver=1&adform_v=1
43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGGteGLv1tikTnPkzspYCaU&google_cver=1&adform_v=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvN7jwAEwAQ&v=APEucNWYPfzVgyM45e5ebqlqWsx3UGLf00dJ4208UgmfxFGOoiJj1MpZJ_TrZiipdj83TF_x9EOV_Sv3m6AXG5qhT4c4S-lXWokudmAdsjN47fiv9Bowtg1JC5L4itl9hDDACFQmRbMsuQnwAPIEfWoUUiijM56uc7tvRFlghKQlfbV1JAcN5mY
Protocol
H2
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:28 GMT
last-modified
Thu, 11 May 2023 08:48:09 GMT
server
nginx
accept-ranges
bytes
etag
"645cabc9-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGGteGLv1tikTnPkzspYCaU&google_cver=1&adform_v=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2438 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5008393724105&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2438 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5008393724105&version=m202301230201&ct=76&x=8&cor=17662381457414310000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 2438 		93 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AcdV16jvVCTsUL1gvelkyQRoLp0sEt2pWF5lIl1pKp89EVcvwSiHUZUnR7pWTieBqOw8sBeM_pVh3O5Hlu4sw7y94sSz4w6chT7P9y8LCxMjUAQLp90dWK2YyTx0IOlHUd8rVQNRwTFBmD6g1uIDPrmO36ny5b36Vm0nI86g-D4BCrMD0&dbm_d=AKAmf-ArD43nFekVwWTNqg8t4I7gG0EVOV-pqgbvcGHlvRFoMjw9AZuYvp0Xj7hJj1mA4g_TQdm7VP1VbwnQIPeWmPkYDasEsf0euMNjG__DCrjDBf6nX6usnoMf24akq-psLlF8R9iLbdA8nnNlntc3hlvzMsJk6CHdUCla9MCigNsOBGa8U0rZbbqydUi4SXPzmup9Ew8SqO63k0HpAdXn_sX8jMtJHS3JQB9SgSmrugBLavfGBhSrH-KZgKbWI8m_Hz6JaQ4JVt1VmjmaHfW5KoRzXLv9R6fACUWZyIT33meawC6RZnPfNxCeAMFnR13aYcArUVTkwN_wqdT3FRlVYXeGw1Taf1gyosX7nwTphwcHCqGw8ezI8Ga95xvp3U-vMXGzgcj03OUJEVvT_tu-5vKO_Qh7RRsN8z09JPs1sHIn9xFi3MQg2sQngF0y7GRbrYMn4uvDYuoi1bvtkDK92VpFTJawnl15qCILGrZOzWoXNApELZgIYznERIHbYxLXj-APvudHa_sDC-o0FlprBPJJ_nhkL-aGcd7TiBplPSi5Wym60ZNuezDrEimgpbGvfESm9QhMWGiQeXqjmBi5vtF73nivGWcuDvNmpRGyeF3CLwQyJCetMD-d9ouP_pvCYZyGjbX7n_Vq3HUBHx43S27nE-_iwRkeCU0RSgzVvWQ_zWDwDOq82FtilFJIvOCDUKi61mrxmrQjjU5peadhcVzO10uv5T4wYiJrGdEajObmF1Tmbarf5SYDiVdbEH4956yWzJ7Ib69RhTtidccZ6gmTbi5U3E2FqdYb0gFveWcZmj7U8-Nl_LyFZFvkUAS4JcpZPEDY9f8NYmIY1vnVkw2ugqs0dn3B-IdUDaR7mn-dMstltPDTFf1RiHpS1pxaCp8_760oEYG2uWkjiSs8GD4tYlRePYCf8oL85wo6XBzhRQ_T7OIpLaH3hNUpdaZPVWDqv-QwWkpbU7oBFGMkE8dKZ1xc4POT5yZBNXU0qref2BbTd9-04K5BbYMgTMT7m43-ZIMKJJqUEXrFvFjFOmRjcSY-E3qcKnehmIcF4B7GEOcq1B9I4YzCQeldp8ZdW6GgV4NgbodoLywCynq73wRt8GUKRhd5Nhq3gWWhqvYSfbBxvnRjKsIBd0FfvdK5afbMlJ85fNGe1O-lBhAyUOj7oqrABkV9FXOdCkPKU3jDpQuQeqTkh63dabqqTU18QIixAYcoYa0aKcpU2S5jMUQ5UzlZjb7B2Pq_RWB677KIpJDP3uA7PWQhiTmI1K2vQYh5Hcz9I4Bq1NY1pbDO-amyN06fGF2gZbl2LD_dq0-Xrncg98tTLedsHIcBoA1EsCTAoV5BePYJgO8bjGyDh8YS_-GK4MoVGeNoMj4YJ6zQcn2Sx7iijC2iiQ_v6WUvSCCM3oz6JRyhi2dlbzY5HLjJfc-TVRPAomRK9niZ3ri_sOcIIMh6OkvImXsQ2Ms4TQF2Ka9GqaFM76PYBY9M2UppAxihaEFnttqW9Xvf7xyEdho2HJTd1hn-CwYH1oQsDohCkxxZeGA9d3gZJB7RLWp0KPx_2SRpxZlHo97irRkfCM9qcQddr_jStTAmXSkh17-ntpb00B0HYMJq1UHjhkYFBiPyDAT7jKSb5ruwoxGoYEHtOnw8hi7RN5stu_NhvBDuZlKQEV5VhWNaTMQo5h9qAH99mLxUxkx1FK4VYCLcJvxT_K6LkI16tKfBvkDwWJGHNIaGYxnX0kmG_32iRNliBNRptuSq8bE5x-mrZEISzj7_-4znmxBVUWfb2gcWHrOUZqQAulOQo5bZj4i1Jf4Ctamhn-R7vYJMc_7kxlkIOV1TpE7oFGvCImBcpvxGqXMgXUTa6VunvjYA5WhT8cQKk8BDOdi7KlX4QaPkS7jgtjpsGJ9pqYVGFS9dgxy_cR173RcYsqSDrLMeAPZbH6oi76keJEEX5cLqEm9qnxiLWE5mqje2gw1P0Rjq1WCyW_Ds9mkVOm10hLN3UJi1KshGvCnAy3nCrdESKySFps6DAOFik25gwnpjantq5DY7uFURVIjg5fO2LLNd8qvGJtKgHL2Hrx6x4a-suD5z05cL1rZ-dOM52hc_JtmRTLlbubDoNY-D1r9USlzD9FkL7R95HeJwumK1vNkVm3eb3CJl_K66U0AtnHHO5UMM8Kp0xoXdTJy_r_c95tu9RmiSOzBg3RAghUuJ6tTl5TcsdMJesktHiHz8EYAgXNze-p69lRymK8wAwAn1fWixpooHqQJ8va7MRdhm_uJpaxf5wFLn_9JJKxbeBkYXM-U8fVU0CECMMg8UfOEJvXa53VCBXRLmMSBuFujyROv8I35QBE9wU4-jPuDA_dXxLHas03cW99yUtd55WYDPaCKTvKRAeBwtd0_OeA5LCqlypqiRRWhSBVtv45jIrB9wogiNInDIU7nkfwcD4u3mk3VCD6dXYGsayG0X9VvOMuYZo9gCej45DYkpaGQJcLWVBMhN-iU2C3BuCDbezRHMMiRvhZbAJ_8tz5rmKfJEGtpmatm6695tL2cmXhfLC2Hkz-jfJh066MC9Xi8HoXb6tk4XtHIcy7jyd_-jAop7WdPIR0CtYJROSqvJp6tOrPOghXT0LH3sHC6HsGzdqG_LKGIi1yB-1D2ntxxfks7Kvmpvkw2ZHcPkt7FIcdvMn3PD8ALVCq0NLJ34u4FO5a9Q3V0cgQAgAoYR0-lX__EJTgklOU0sG9EaLTUE2Gv3CkAbKNW53Nnb-ouGTLyP1znf90c_kkChEimnz5Kqy6frBnW0wj3q_b6EveoLvf3J2yqq2oucxOnHDmBzHNWrLwdiAyGeJtW1NM2AvfBR-zys0HM4m5a5f569uOc5OYuXfyBrtJvAQ8zbRw9MRuWA9s19tH0Z4DoRqsc2-sBjM_qgbiiJ7lxFTj-JVubT8L_Y8ZLFkJpht8AJ4T8r7Cnm4A0tO-cbS2WA2Wl946kgPel-LmFqAmQCITDBM6VDq1xhcMWIIEa-erpc6PM0iJ3J_VIDOd3nVq9Jnlx8Rnw_gjMtaVfkKJPKw0q0FgxCvVuyQuDQP3MRVxzJMfYPohqyUi41qmfBSljH-F4cdn96lcQOOY0SeEVo5W77Y_piikbcC3wmJct0GWidkus_z2VeiGsVqlFyXpVRjPKbIZTcgzVDN6z8-vQJcbEPGP25egu6B14vJ9MvBpq7dz1ScXHQJGV-ROzj2k5hHM3j1kvt6K1tHaMdndAIx3PPRbXCSaVxyg3J0FzX7RrR9leiLZCrLrdYOOJNZuYFrGEZ1G1djiJNldZYlEcDiGfnLUb6TRw4i907ocYO2nFlrxiNvJA9cWmqpyqutSdedtcuwDmU2bL0bOuA17M7ekN5LoyLIj8XLmqqKH4ULKlCbh-SHImITdsD_gmuXSboOXSVvywytqJlPQ4T1b46ENrChf72RwWPL_Dd_8t_YTCyxy1MBMyGEWEqU-AR0pUBt6h-Y1Wa0Q&pr=8%3A8C6803FC981D8CE4&cid=CAQSKQBygQiD_ty4tufSMKJ3XdJa9vKr2-CJ3pWDQBrXWanyfnUBMU0lBTsTGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ds=l&xdt=0&iif=1&cor=17662381457414310000&adk=3399080681&idt=75&cac=0&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25a45deddb6dba1e03c2148f87017e567cbf4d96095afa25f258c40f14bf6805
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37987
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 471D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230517&jk=279225184921592&bg=!gIOlg9fNAAZ8_aWmXP07ADkAdvg8WhXY3Iz9a878HpXSmPsiymvRahCdwMAyZA5cAS2-v-dMiMZGPixq0BNTbnYWETK6kvvODE8CAAACpFIAAAADaAEHCgCu_p2Fy465CBK2sS_CAGoimaLptC4wER7X0qSfHgBFOBuv2JovU55MAym_XabujYLq56WeQJBzgxPEKrsamYf-AZTSw6rtohM97RCGFNm1VN1rhaet7HhnJap2a64GbGkLnzUrTUFm1wCLugm7UJ6bC_DKC3HaFRczcIW-nY8_PXtcdjEughA-avjvFamM6dg54gXFcuF0oI5eVS2u3z-_b-JSHR1bH2D4O9ZAUtLImQLM3d7UwGsyQdOWK0jQyLAl2rQfSSCpooL7db1RyzNT-E9V6mUXMyc4l-rUpyrooOd9KG3IC4Pqrmb64jpAeGy8dT-yM07iRq0cpanjy34tMSZOUb-v2VR-Pi3I5Q9URPrgRudfDODZATLlpu6kKSulcu2JZ9fa_BLrRC385CU-KIIHX5CtaN5o4-LRmV3liorufqsQPBn_YkXxN9bVnwnnX6HT5xkPODQcwED5pVPzLxtS8avahMv--bgP_zdvE5hXhxO5nsrNhj4PMLXW5Yekz6rKr39aIuhQQCgNDa-_dRR0wS8sybvMTIsQDO9jJe-rG7kBwEhibOjfDQM4YETS25Lqm9_5AUkcoAexkL392emvvub0FFpyrLglA66Ps2yldkRRu4w8NhHPo8E8I43WsQi9IviNYweG40yElprM-y4ltN-FLD_ble9mfGH_qkGDCaIRazfGTlwtXM-WswGRRLULUrgsDEkHbzgbaVRwVWSJfAV4WFQ2qnWdoi44iV-IMJBmZ5NxCZ-sJ7lFOC5XyxRZWL7daYjnk_6T45UrVgnrS1yhCOwXaeJeHzpk8GVgEHygvoTC37HKCxutcg6KoMe65ZomunvVthVuZ5jD-prAfFFrq9FJd8TfIw88ieV78ncngG59Qlc8Er4Hau6do8t3G_lSeWOgg562XxJJDGGOMYoH0AqBuTG-ccLNavQjjL0H7mv9cFOllzTePD6wBxhaSh1TPswY9OKbCmc9mCWW9Nbf6b00RFEESiBWG8l2NHB0foOy47SQMafdjMu-z8PgfJettvevZpV-na1BAjB2yBBhpt8T9jHSv6kNLpbIxmiVzURMMHBtNR_nVSbY2FStG9DhXhaC3rfHfZkeq3Es7ZaZpym1VenZnrP9hJVMRkgrt5MzHjEygdfHnxY_6e7k--VKQpKQ2Zptn7QqaZ_vQkaNd_e1lZ1w8r8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame CC7B 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 07:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7122
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 07:18:46 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/ Frame CC7B 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bo2zcQC3UDuAObV1da37R7uJtmmiqyzWlV6E_5Njqg9dm3y0VR0Pb_CHlKpsQSXYqE2CtOIUPQg-rWvny-RMzhxzAJjK5T-an7rrkOlfUp9BHhbTTcI_u1xNfOoEYNN5hr5VojjzNP0_T4U4wXBKMohGIKx3zjYAdAktaFwNyGnTZf7WE&dbm_d=AKAmf-C9hyBf3CguVhAuO7R7VYA2zT1KihrWzqxAHvxExMJvQz5yZxGiTyVI86ApOjN1wqk2hWRKUsEsRkMaASSe_xCqChSjnEfuATBjV0FdZknCCZOycdSXCjXaSgSbQoe17l2oef2yTnlNrjTqZvSNgJXgXPNUWYPh5gR0fKmiYb20FFCySiYob8FqK1yxfewESBbKCPZlwWbKc8T8bubN0JEIDIgdrs9QpcAD4b2193_mIDCKFpvW-djoc2T3uA-RG0pTaV_uZsMrovZRXNmXwWH1CidCBYOmaI-HmZUpJM2U7GIK4LH74oiqvjPBJhkUsF52wdtvSllaSfMM_dfrU6XQZ_5BZmDac9TBLJ8Ywo7SOGdiyBhx5gxtCzxYngCJtNJUAJ0EfRDQjXLzoXbJjT8QVQqO1X-_eoN9to0i61x9U79R-YQZutnEwBuxLcqA_e4GXpsOwYlt3-0TSlMt8QLUEUzrH2ZpodKp_YkjPnHHLNkbvA8gOMqAdS-eVvvkqeVolF9etgE05DBP0OTd_iood9zfd4YPFoAOHCHMuSQaZRzOjpLau4Wp3qoHY2AzNrxVJpNsNlSP5kA38Af8Iu4iez-Cr7nLqNu-3mwbnrKJwoyBxW-aZKsr3l3qriazjNhmCFkuQEWinU86KRPTMnvrOexYgmRxmn8Wydr82jWVfWk4-8Lw5CFT2ozf9NUU88oF7FbXtISR4P7NCCAlfU9eAUaBnWdr6_jtyv-LEtSLRvPEEwYRkilEXYclZpp9bFBp-3qh4eCh_YKIL8UttelLinEjHapyKnFRKjbjJ8-Sbk5E2RLk-8Oikr2Aki7v40IBZ0dcJv0k5I8BltLJHO3J2EcXgJ4kO_fB9cHnI7PgLwgXdQ1wvXx5p5JDm3TKtYCi9mr3S9H-tZD1RqkwEgSj_iqGQDq9E9aBx0RYXCOOdwrRqP2WLpXbG2yxp3pcVfEQiikQcztxQOAa3IJzmn-lhZzc4z7PddRb_lxloVhq6xFbj1MqySSMFTJvJ14-OtuVxwjD6lIPTyCasthoIwzmVXSBreOHRRUh7siXHmXUB1NKSNrk6GLLxslTmbfBA97LL63SvfpbdgV-3tECq8ebXzWMg36E6GSo2nX1RMaxc9HZT733mNjiQwKr4jt3Y3vnW-tp-yZgqOcjiQ7RpyUoNigbewLtecr2FAoGhsq1U6z2LxnGCYM0ZedjXyrF_jRiHR0VmR1ib5IljhHtT9TTPjxybjKg1tNKlSN32XKVtLoaLMIjOwtOmWObiP61WnhNftBr34_oYkSdl6emY9UIIXp70TMDHaJRxy6I5N2PMbE2BU3ALxAvDtskyutd2bVSPzU-KHLi7YPfMPS1pzsIxM5uPblCXJtCrh1hh6av4RTumDN1wEwGbORVTN6-QxEevrfinYQATDPBKvTb81PuLMTTKn1_e2gRh0BCtgMfMSY1L6D4f7RiyWmSHxR_bum29XkzIR6aXEL_OUXXYdYREdFkLr2dIgjy0uSd5TvOVgOQ87uIRWTAwjLcecbf6TOsBbs4EET6Cmuu1WQTAcXMfynSfKPZWPospHRVdYGZMjPo7WzVqi6FxwxuJvTdmwmTmH_yBy3oIAXfTfFQVps_uAMl0LanclmJ_sAnWr0R-NODJjJR_EzY8V35-2AqZzdUEwPhoEU3COt_3aOdmN9CQ6n2XDWy00dVNB4gSSSCO0z9Je-GEMoFmtp7qYpnteaWucjqYkKcafuKRNDZgtzwvP8DrgXgY2KwgFQJC00X_wgdh766f8ux5zM8LxmGLuwoW-bFaZHZ1kjvUAHd8hKCzYLd5-Bfk9aVl6eqYmPYczP4eu5p5L8VEuwTh9tgAcMPMAPHlUM9La_P-uOxv-I_z9CVzJJk0hVv4R7cKi6_EbbSLYuDuhZwNaOszsVLUyd64WcX0lS4rIxapGgVYVzDuMCyXUhtQmIEEmbrYHyG_kkIEl9_l_LTUGwCHCt605MWp0ovIAogVduRFNHoZxKqFFu7owsPmMggMwrzEz3fuU9ilNfKju1S6Y9tA_qsy7huLz-Y-cBjDeT7jEiNBYBr4OSVvWO2QnF1pl8L2GgujFg99VMFbTlcYjzmTpIjyJanfgcLpE3_Ab6q4ii3VhvhCAcUEwLSkTzaEikAtsozuchEDc1C4VR9y7x2uv1iaFgfuExOLMgMd5rAbbu2IIwCg9xTAAfBm9OIyBrsHaUO2EU0zwvsO-xYhqC9Aap4GwLtWu3671pGDhJ8XMCPxmPlXGeZ56EGRVVEKurQ5b70o0RqLXfGOfazMl8YpjUUY5rkjWN7wRt3qqmIRUtlnS1MSnOR1y8UYyphIC1qaZ7xglEkM9P5BZDrgIGP1MjbSdcq-P01A1woa-J0lfeRgYOJyMRZfp3FH3mMSYtNvIMFtPs6lGz6q9PDUQmUY0492Lx4hZoBGJ7Bv9ovDCjS2l63Cx4mjv5VaKMNTgzKQXPE-7OsUpYCCZUXGehagFRymvP74TX1Rp7Ffsi4atANhJ3GMs9fqECqRbeBbcuouLz608s_OwjNRpZSKLGkYeZS-WPqlNohade9OAVKvb2eA5H8PfG-RQbI1NrsoOG_7DccX7sEPxscdxayvFOK-SvGD8cv5L5SCchtXfV0vu2Lb8IQH1plumQsiK8D4XVpCNfZ6mZcquOr-un80VwqxYwLzJGjfF8sntyMhpFwIgpU-kl7J2JGMeUHBawVgyWcOIqloKplybCqWJW0OJRXaIAXph08yIwem2lvpxKZ20T3avfPXUACI1Hj_GNtaWSC9B-jcYh9fiS638R-ARgepQRQY-F0HheWQ_11dUvSHM2je-tq8HqOGbx3tAQBBDh2-3CYLJ4OqMNLPKn19t_PuBS9ruBvzTqPUmwFpRRCTrXRKErAEBcU-lQX3h-U-sjrX5kvejXA8SmMTU1rHKIP5Jnq1qSsBuWvSuiGUSCuFnUXkVBHYr1H1AfmzwyoeiT6zQWakcir4tkG_AZqj9GmG_fAOhLR22bkgSzYvAT-ZZAoGAxbMgi8DHK6816EV51_garaPqoD40zwQAE9jJSxemqAVNNq-dqFtaWTSEDLQOQfScyUEgXTVc4CYtWaB3Ki124Xd0wNGoJ7RAbgKiooUKcJjSaDhb44ll3ibu_B3SgDQYyoN-3RgOEfPFGc-UMVRFJi4SZYT2zo4jEi0zdjNlyf12hHc0iF-lBOJDtR7n-G6-8da598cjbNcVVkDfZPwrsGviqX7I0e6DFYcXqDtYplp_j-qXBVbuTRKeCYs3YHXFDKTBT4pcJC9OWfC3V1vHYiR3d6zdyzKuFSC9x3Xt378rv-8xHqbEJeGUBfVhieurGWxYHVvMS7-jLI8JLcmcPDCbxYqHf3_wBon1Y17XfiRv13F9eUIWV9oje7DJQ07CKoAuji8yer93wz3cAP-CtYFYAlr8kQwyFZy7_qggOZ2kDwcRtc0cLPTFJQLXp360aE7y-V04x6hf9nfBOpDNvLKYIuaG4&pr=8%3A8B9ED9401062E773&cid=CAQSKQBygQiDi-nz1E0C2SYE_wuO0c_HuY31RAmMkXVb3Go7UYQN-N6RifPiGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ds=l&xdt=0&iif=1&cor=17924042302618511000&adk=3120287343&idt=79&cac=0&dtd=507
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 10:36:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
81667
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 10:36:21 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame CC7B 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bo2zcQC3UDuAObV1da37R7uJtmmiqyzWlV6E_5Njqg9dm3y0VR0Pb_CHlKpsQSXYqE2CtOIUPQg-rWvny-RMzhxzAJjK5T-an7rrkOlfUp9BHhbTTcI_u1xNfOoEYNN5hr5VojjzNP0_T4U4wXBKMohGIKx3zjYAdAktaFwNyGnTZf7WE&dbm_d=AKAmf-C9hyBf3CguVhAuO7R7VYA2zT1KihrWzqxAHvxExMJvQz5yZxGiTyVI86ApOjN1wqk2hWRKUsEsRkMaASSe_xCqChSjnEfuATBjV0FdZknCCZOycdSXCjXaSgSbQoe17l2oef2yTnlNrjTqZvSNgJXgXPNUWYPh5gR0fKmiYb20FFCySiYob8FqK1yxfewESBbKCPZlwWbKc8T8bubN0JEIDIgdrs9QpcAD4b2193_mIDCKFpvW-djoc2T3uA-RG0pTaV_uZsMrovZRXNmXwWH1CidCBYOmaI-HmZUpJM2U7GIK4LH74oiqvjPBJhkUsF52wdtvSllaSfMM_dfrU6XQZ_5BZmDac9TBLJ8Ywo7SOGdiyBhx5gxtCzxYngCJtNJUAJ0EfRDQjXLzoXbJjT8QVQqO1X-_eoN9to0i61x9U79R-YQZutnEwBuxLcqA_e4GXpsOwYlt3-0TSlMt8QLUEUzrH2ZpodKp_YkjPnHHLNkbvA8gOMqAdS-eVvvkqeVolF9etgE05DBP0OTd_iood9zfd4YPFoAOHCHMuSQaZRzOjpLau4Wp3qoHY2AzNrxVJpNsNlSP5kA38Af8Iu4iez-Cr7nLqNu-3mwbnrKJwoyBxW-aZKsr3l3qriazjNhmCFkuQEWinU86KRPTMnvrOexYgmRxmn8Wydr82jWVfWk4-8Lw5CFT2ozf9NUU88oF7FbXtISR4P7NCCAlfU9eAUaBnWdr6_jtyv-LEtSLRvPEEwYRkilEXYclZpp9bFBp-3qh4eCh_YKIL8UttelLinEjHapyKnFRKjbjJ8-Sbk5E2RLk-8Oikr2Aki7v40IBZ0dcJv0k5I8BltLJHO3J2EcXgJ4kO_fB9cHnI7PgLwgXdQ1wvXx5p5JDm3TKtYCi9mr3S9H-tZD1RqkwEgSj_iqGQDq9E9aBx0RYXCOOdwrRqP2WLpXbG2yxp3pcVfEQiikQcztxQOAa3IJzmn-lhZzc4z7PddRb_lxloVhq6xFbj1MqySSMFTJvJ14-OtuVxwjD6lIPTyCasthoIwzmVXSBreOHRRUh7siXHmXUB1NKSNrk6GLLxslTmbfBA97LL63SvfpbdgV-3tECq8ebXzWMg36E6GSo2nX1RMaxc9HZT733mNjiQwKr4jt3Y3vnW-tp-yZgqOcjiQ7RpyUoNigbewLtecr2FAoGhsq1U6z2LxnGCYM0ZedjXyrF_jRiHR0VmR1ib5IljhHtT9TTPjxybjKg1tNKlSN32XKVtLoaLMIjOwtOmWObiP61WnhNftBr34_oYkSdl6emY9UIIXp70TMDHaJRxy6I5N2PMbE2BU3ALxAvDtskyutd2bVSPzU-KHLi7YPfMPS1pzsIxM5uPblCXJtCrh1hh6av4RTumDN1wEwGbORVTN6-QxEevrfinYQATDPBKvTb81PuLMTTKn1_e2gRh0BCtgMfMSY1L6D4f7RiyWmSHxR_bum29XkzIR6aXEL_OUXXYdYREdFkLr2dIgjy0uSd5TvOVgOQ87uIRWTAwjLcecbf6TOsBbs4EET6Cmuu1WQTAcXMfynSfKPZWPospHRVdYGZMjPo7WzVqi6FxwxuJvTdmwmTmH_yBy3oIAXfTfFQVps_uAMl0LanclmJ_sAnWr0R-NODJjJR_EzY8V35-2AqZzdUEwPhoEU3COt_3aOdmN9CQ6n2XDWy00dVNB4gSSSCO0z9Je-GEMoFmtp7qYpnteaWucjqYkKcafuKRNDZgtzwvP8DrgXgY2KwgFQJC00X_wgdh766f8ux5zM8LxmGLuwoW-bFaZHZ1kjvUAHd8hKCzYLd5-Bfk9aVl6eqYmPYczP4eu5p5L8VEuwTh9tgAcMPMAPHlUM9La_P-uOxv-I_z9CVzJJk0hVv4R7cKi6_EbbSLYuDuhZwNaOszsVLUyd64WcX0lS4rIxapGgVYVzDuMCyXUhtQmIEEmbrYHyG_kkIEl9_l_LTUGwCHCt605MWp0ovIAogVduRFNHoZxKqFFu7owsPmMggMwrzEz3fuU9ilNfKju1S6Y9tA_qsy7huLz-Y-cBjDeT7jEiNBYBr4OSVvWO2QnF1pl8L2GgujFg99VMFbTlcYjzmTpIjyJanfgcLpE3_Ab6q4ii3VhvhCAcUEwLSkTzaEikAtsozuchEDc1C4VR9y7x2uv1iaFgfuExOLMgMd5rAbbu2IIwCg9xTAAfBm9OIyBrsHaUO2EU0zwvsO-xYhqC9Aap4GwLtWu3671pGDhJ8XMCPxmPlXGeZ56EGRVVEKurQ5b70o0RqLXfGOfazMl8YpjUUY5rkjWN7wRt3qqmIRUtlnS1MSnOR1y8UYyphIC1qaZ7xglEkM9P5BZDrgIGP1MjbSdcq-P01A1woa-J0lfeRgYOJyMRZfp3FH3mMSYtNvIMFtPs6lGz6q9PDUQmUY0492Lx4hZoBGJ7Bv9ovDCjS2l63Cx4mjv5VaKMNTgzKQXPE-7OsUpYCCZUXGehagFRymvP74TX1Rp7Ffsi4atANhJ3GMs9fqECqRbeBbcuouLz608s_OwjNRpZSKLGkYeZS-WPqlNohade9OAVKvb2eA5H8PfG-RQbI1NrsoOG_7DccX7sEPxscdxayvFOK-SvGD8cv5L5SCchtXfV0vu2Lb8IQH1plumQsiK8D4XVpCNfZ6mZcquOr-un80VwqxYwLzJGjfF8sntyMhpFwIgpU-kl7J2JGMeUHBawVgyWcOIqloKplybCqWJW0OJRXaIAXph08yIwem2lvpxKZ20T3avfPXUACI1Hj_GNtaWSC9B-jcYh9fiS638R-ARgepQRQY-F0HheWQ_11dUvSHM2je-tq8HqOGbx3tAQBBDh2-3CYLJ4OqMNLPKn19t_PuBS9ruBvzTqPUmwFpRRCTrXRKErAEBcU-lQX3h-U-sjrX5kvejXA8SmMTU1rHKIP5Jnq1qSsBuWvSuiGUSCuFnUXkVBHYr1H1AfmzwyoeiT6zQWakcir4tkG_AZqj9GmG_fAOhLR22bkgSzYvAT-ZZAoGAxbMgi8DHK6816EV51_garaPqoD40zwQAE9jJSxemqAVNNq-dqFtaWTSEDLQOQfScyUEgXTVc4CYtWaB3Ki124Xd0wNGoJ7RAbgKiooUKcJjSaDhb44ll3ibu_B3SgDQYyoN-3RgOEfPFGc-UMVRFJi4SZYT2zo4jEi0zdjNlyf12hHc0iF-lBOJDtR7n-G6-8da598cjbNcVVkDfZPwrsGviqX7I0e6DFYcXqDtYplp_j-qXBVbuTRKeCYs3YHXFDKTBT4pcJC9OWfC3V1vHYiR3d6zdyzKuFSC9x3Xt378rv-8xHqbEJeGUBfVhieurGWxYHVvMS7-jLI8JLcmcPDCbxYqHf3_wBon1Y17XfiRv13F9eUIWV9oje7DJQ07CKoAuji8yer93wz3cAP-CtYFYAlr8kQwyFZy7_qggOZ2kDwcRtc0cLPTFJQLXp360aE7y-V04x6hf9nfBOpDNvLKYIuaG4&pr=8%3A8B9ED9401062E773&cid=CAQSKQBygQiDi-nz1E0C2SYE_wuO0c_HuY31RAmMkXVb3Go7UYQN-N6RifPiGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ds=l&xdt=0&iif=1&cor=17924042302618511000&adk=3120287343&idt=79&cac=0&dtd=507
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21bf4b49938284aaececf999f198f621de0aa792bb5315fc21255d0ab439e145
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 10:36:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
81667
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11001
x-xss-protection
0
server
cafe
etag
16383942900985251592
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 10:36:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame AC96 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230517&jk=888148739970482&bg=!JSalJnLNAAZ8_aWmXP07ADkAdvg8WtE47cYUpHyUJj7wBIL0oE1d47keiI8lxj_x80HAmOOjO-mqm7QOQsVityXKxI-4l_9wG9cCAAAB41IAAAADaAEHmQLGBzBKVvJi6a8oKbFYwbYqp6iguBVmKRYpxmlQrCZzeZZ4KXZkfqkMAYTWCpS9QzSRPwXoFjyUJJNhQSRjloDuNtu7VXQ_bddmNJnoyCk3LLmQMl4L19PwzjIsWjw03LvSknFkoOFYe1tPgsDuFm7qAdvkjDKmHTNdyoD-Twq3Se-kt5nmNjwq9k3iDSKNppaMirBTeFFvmhCohvyyqN7khaU995tt5RD_tXpV0Vbz6ehwBqLG6-GWL1KECWQGLSPvCxMZavWeHVRuAmP7LA_No7Mf7IMzsAUJvoU41fKdBowcuNaww13Wl4_1EAJ8xlt9TePse2eaoYTKLnhxzNiIyj1KHt2aDb9WMAOyKHN8FLI3okAVDmaVOgQSSrhHWkJJID8ybO8tZejgS41awF2MlMtc6OciodFCOBgRo6llRUErgee9OGM3dHs8NFyg9UcZOR2IOHSnfGaB78ch4ttWt0ahU_t-YQOQW-4w11LgiNpLZA_KpBsYLWvdSoC9OLJAneyj5GPt1lGDxsDVquFgfPTZzYpLDzUGnU8mwFmK4C13eijDNqjJTjogD9JhakXizSMbu5N1HLV6q3g0UrpdPcnCnxVUcGsyx6TacBt68vVwP---Q6h_BCcqWFZ4zt97niCz3Xo32dJ2Kq7O0D0dDfSH9ChlCVY42dCtFbRLcekI0q0F5hG5yIDM9hNLLMP38UvxUvdOYZYfLTk9UeFjlIzvqWIgI5daOmVUXx5HMFF-lZL6HmvZkKZ6FvDL_9FR-4C9mzulvp--h7jfSOIN7OTzcdzDv7DRmf6C4N2HRIQHoQzsVHG2TJ40e-3isabwmSQlvCDfAoIdwTxWvoJxhFIKZMlY9JxVVPBHWpTLuHzqyOMAcg6Tgzjl8_8psoZU5qgNsVEf0UW1SfP1OshcyvDTXvyeLNkGc0ud_-IbvI6cHmuNqA0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 1E1F 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?2tmymQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA56 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4093095370372&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA56 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4093095370372&version=m202301230201&ct=76&x=8&cor=13952931540454148000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame AA56 		93 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AMU2nOQdAwX6iwlEo3wRAid7ZaV_bZGXdUPHTmNqArWLHLe5LXNV_IV_ln34JF6diZj33gzpSgr8LRO5lz1pfa4CQVp_IXu6hiHn2DLCjGE4J_ob2XDXF6eGA9YG04NLPxQn6ocQvHVH5RCAhnyTxPlle0FTE079LqRA-qPTeh4aOySpM&dbm_d=AKAmf-DVDywpSHawpBdzEM1IQH-hQ02xg0vqCDhV_XDBfiEqOw74bzezu4KlzNUZJEDeQU5yXlGLhxsUCW3BDWKGOfgnrZgyhl0jIw8modOCTs-VhWjA4RvwZTci8ZwGFhAiaME4jBDxOr48BVdUSkLEmbo00TgUSfOd6bLQk00owlwmCDjROAO3A8nohzvDRIvkr2k0RX2p7AX1-axBCAtAcSgZoh8v9zMwSoqNDxL7KFH5Wp4uBphtZnF9OOGIKQf6SdcbNzsT0r4euAPFdtfp8g6drjQErJzdAtKYSfbDl2dGMSzGSAQVxMSAwAypl_Zm4xmGqicS58Jj7If3kMFWVjXnllj8IiwPsUvDVbxL8xcog2HHA7E8UNkN6pYS3u57ybfUHnazS-_-8LGqaXLFGKn8PEIJ2Vfne_kj85BdJKJZnPZFTu4jnnLYz67jrB3LcfPMmM9eh2WE6NbMjlM22nw8GY2EnVF78t3EjI4BazUkHHIE5cGfv1IFh65EHJADlHgWAGH6O9w3cQJAIPd4bSmcmFzhZBbMX9uXBUTKK7-1bP0tByZ5uG9bmVRZ7utn7cT0zXMQABA3knWtYWHwAaZ8rkFTMG_7GDtNMg3VlMmXFJXO5WyHU8blk-prNrGKLztzxmp3fPFP4G8G-SeSnr2_vAvXJIdp-XfsBCCeKi-7ixFplan8J_nvrB7u-COicS7DYqDqKsJ4Nm9SJXT_QGfY2isRKXDQIJCg1XhoHFaaI2qkPxgezaPOgIVnRCkvUzvSzo-Ck8VPRZOTP9YNFCYcPIcJ5e9BnYcVeVHQ7NuEts8vV0cY4jhpN9NiuZmczyRjGw-DdBg5ORzlmZHpfGk9T3-MWBWZKtDjXjX37BBF0eZMybSEX1krQ9hwfWCsOJf1W7n77ezDAkKOB97IHl89btdWpYHdz-lXlZZGrBARrtlGXmgAvwqrquw9G_xqEOjLKox1CwBiksOWSnuU9Ggmm-kzI4_IuyaLMUCkQvPO9vK0ifHmwbTyNHH6ncc-E4k98yGypjnmWAH8QW0GB3kygBnggV1rEkMqZvYPFW_PKFNMpEgUyuZE4NqsLdhGCy8pmDFD5SfyNXcarAEzC0gvmxlOph-j94fDOx47vMi_Tqc_Evip-6dLIlH7OVoa21qoX8dNKwIXfzhnAssuqaKr23V_WeXHerHPYvxJvfm5blq8touaIy-c1kq7eelTOAhLSfvBIyU6R4AizoJ5LkULQ6eMGd6Z5Z_C6Dx5zCl3LUdLm07JEy_BGasV7SZaWkE7amnRc1D80-ZSjuyQdaFsYWLGVa-Ma8wC3PNTDycT1crWjTdJs9O1wrxHsJwLIhZiFFvEBUD7iWEjU3HCxft7q-3aWr5-QevPgSji4Q1Y7TMoI7jVNDAteptg_b5gXfG1MAZGi5scl-l7Rs0tid7s5eP7staw8vI1MD8c-3otDGGJGeut06yYlIpiHxI1NHHa_Hj0LTqwCE7j4Axv9MpIOzWTmRvRHZvR_Jesz3GklMWUrWx8ir2z6eDEc_LN5n4gIQ2uWfRHTBgqjrzUJj8Wzh9Un82nCdKGmObk_A7OTqtNWr7ReQXi4K5UNQXI_VkOcL0HlXHEC5GaHCKSZqKaaYlXdBj1LrU-YFAGm_DKQUrFvCkVf9DS2QgkwIOXZtdTWMS4Wgi9TkEkhmC6T6kvD1JCFOH6N8PHd0v_pE9KYKgEAskZcImE5YX1EUp8L2rxFuUwN5mXh8XBNmkHGWdqmel7iZG5Xf30z6v121Dl9h_JqDfMOdwuTYrRyhWQBbntPypsdcO9dDjjyNUgN5ZtXgKfhT3NdF5u-DfYYNfIVCpRFaLrKxSRT5VFeSb7JJ8Tp8YTBm6iQcHbaw7su6bsoBWPHf84oAeoiMUal4gRy3Ki2Mm7ubSGrN0m0exRQe4BzJsV1VUfBO35xsg0_K7AondQlRDOlZAmZimLrARSnWkjxnII2hlM8PtkXlYpBRgMl__IPwasnpqJonpzgAmxxchzdkqdIQJEx9zk4VajsnFPShFj1zvHgicmW8CVkHYc5E6yptaYIl4ScbnjfsH0RLbPBIi10ysiWbmYXBDClWj-mbGaVa6ev2EMw2E2Y-SWUVeZtOhUbRBrfRGGfGRu68ulR54XKPBqMajHKDYFXWd2SN_-cIvN6sTZ_1pSwkNc3FfP5AdxI7PaxyMlwXi4s6qjGeKB18Iqa8xxYZfoRGC9pvgerS6ESrerV-wkMTSOdiL4bW5HkOPa5929__ENY4BFJWce39R9nu_-iq2vh7HRHAv3NUwVUxwT-LezTKyNfydXEa2HL-LAY7xGcd7bUe6mc02zbtml-Bd5ybaz4G1aZITez--bvTBv_uSWIP8rUzeXaWnNYPUVx8616p3JFzyo_-XwhZidgviPFEOvfqPug8Xqbh8KRWqDU23khxZNPeX7fam5TJQP_-re-Bvsp83Yo463PitBiaYjGChnlQpLnL0z8KtCQxMZtIRLe43VFrnMt-GApkbp7uv8r52v3HGxQlEGx7rnBhXppQSZqodPen_QRtfqkJ3MGOMegPKfCcfyTOtYXz2s73m_i0ih9kTeti8JS97OjE-0OPj8Zwu-lRPf6pLroHFgTyqnunnwAiXuOraPzPNpcOT7EHMB-z2kcq635F7MpnmbaYe0HbAPNn11f-YiBx0jcR9CkPyLnqFwBC0AukD0jAJSaJvTOSiuvx6QNIid_HeljPdpUNDB9lbulIV01AOr_3gWg190Ma1gzgcRVM5XQkCrF3SIrDDg_BuOMqg0uLCMqEyu30S_fUm050-ZLhHPyeYExAWdM9HN85gnFE1aNXAkVnHL2jJp1qY39fHVt-Cw9OTGjkhfBgX88MqxPoAbRjQO4xj4VaDH8Vlk7bq9ijgdFAbNVyojn1mZnbRDVOVnF1spDMpZiblp_a5VUhwvHoiTizRS_kdZhTRizJ-WtLJAKntPgFAnHY8dy7zAOTZk4dgMrd_7GsSt77PUK48kjhOykY-AoeZM6J0plyjeTePrRhrJwejjke9zrREJMjR3JPKNWvi82VKhgsm4u0jY2TVyrAvBC924QnHeWsVYEtSMRDcTxcGRpMKO6xPwV_Vc0v61ngUvr2s0ae2bH7StRH_kOrqVRxn4HiCIIWbZxKfYzdEgwvbUGBjlnvSRMsI6-NYZLEQaf2cTLTuhRaJ469bTrwyQ5rU43sfuTt8khmkod0lOyNNRLO7n5-V0Dq5SjCNoU1Xj2FHgk6iFZK-hzkqdWgwDl5ZYDup4GbJILwV9e5SZOlKvmA5hoLRUxaUye_U3aC47tyamIH4gy-IVhqf6QY5Df-TIxEf2nGNwcS11f7WdplJ2WJJOeB4XXLROo_BstzEqtVCsnb2Vekl-gF-ib3DShXHLqDuWGljcBbxxW5ZSY9rdxPTr9FgQNwu1DZb8NlA_ljPF3nWNoeUOwB-1IdZiyKk9_PH_basPgBJAilR6XOK3iGcykCQdgLdF9L0RO_PhfA0&pr=8%3A4D3107BB9D3AF79E&cid=CAQSKQBygQiD7nSjAs0R7Yp6-EOI6yf88PLD65e4mOBVPT3ZN6IqHzi1uBAuGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ds=l&xdt=0&iif=1&cor=13952931540454148000&adk=1061885417&idt=82&cac=0&dtd=17
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
546a53cf975ab441dd042b7a03b756dcc6e0bd698e206cead651b187eacbbfa2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38054
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BE9F 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7270162228423&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BE9F 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7270162228423&version=m202301230201&ct=76&x=8&cor=14646098180658207000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame BE9F 		92 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXxseaJUVJhIKRwgZTb9rSR6CzAn6LfnqyIoBGdU6xnLWWiq1BySJuMtF78iefiKuqJTWC5qF3ZA-TNayXeCVYwYBPx1MWZgp7QIDU1GPkL0F3-ZOXMAXiJg-1Je17kbBvqfpcuOw_U4og9dwdutOxrOSUiy1RC2pNk1othvSw2vOa1S8&dbm_d=AKAmf-CA8TJA2AjI7mlmlWT9Evl038-cXThFTdvGH_7iH9zMzkUDB6q5UJn9ZSzEF2dX5KUET8uomSn8q0NhuAdacNdyS5n6NcRmwUuCJe2rPdFpwJH3sMc_kba-pNmMxLah8KRywQqIu0vzbK80nxsY-cN7rW1YLWWENsqf_uJ0dyCVIngtshBNO5ZIye8GMqUoasAAXvMj9qKJAOV1hB9rAYdIbDm-PS6ldtlF8xGKIuEBVRvlg33QNH5hfXLkDl6a7ER8YlIoQx0C9VsL836hdjyJJXIYUVtgx3U1i1P72a1KXfaDMSejxLFm0Emxcys985-kyvCYha3J_DaXBo8pgAjqS1xv-5Vfh-SepAT-8fXmtTuTPFGTZCEz_uKlwin9WnwJKayixqTf_aPxgZ2qWsi--1BwL6skypyayRGwUjUynPRaZtq8ppf5UsBvHi0lFVQyjFo_WBdbw_6YxZSsXXWMD0KkGpI24UM4A1P88P_BLEdsCQEZBeTuHZYOSw9acC5nier6i5LtWX3J2qHY3lfBQldwbzWa4N9flALbD3R40estj6TLAtwYDMr5fhm3_41dzFyMsohFOzP_3YRKqysuOD7qdrc-1yPj-7hrC0Ov0HzfqKmfJJK6EPGZjwV_0oO_8dkBAY6_rLy7GgoploHasUx5f4S_SiegP1n__8WdGEpUan0663ES-h430XcoZ_dbyjuBfm1dPOuVnaUdMiHL0Rx38P4m9dUULVXwDK67nX848fKTOkG9NOeMtgjk0rWSemo1w-_FKoyar9pvnY6iz9tmT24iMLB8B5MHOryVxMze05BoAtnL2q9Z2PDx-Frv2AxZJE2JnArHr-xmEWanQFRZbJ9aNvfkg-fjmqMxgEJbDkTdFxK8DT4NoJKm3n8r5XBUNxfsOJ_Io1TWLLjx_XX0R16XewXAbqlgZZocX6X8kpEoQp-kN9GfY2OTalp-uGOgEK86NfQJ5Rrrc5Pj49-7XcQb5VQqZfenfjYlFvKn3I9AE1bBpOs0czMBRwiKiYr-2ATmAlU_uy4sjVP6u-cw_k-3UhS6KoaVezD2iN6YMbE_ggniyPsRtfil1Ey4qrBqU1JU5nkNPQVKb3ycZlMU0q9TRJU5ak6BjvnQE4TR-kwf3M3WTtRNimLBoqKTXsv6uSTb8T-p1_ia_pxaaY42rykmG9WAjkML1KTNyUSKXSkE0ADiyBv7CBNW6aUIpuvoRAH7g8sRwSx6-_l0DCmPjOJTTag78Aa5tzUZdRubCgtqVvzpcY-vuiaIjD7WTlAMRWPwgrVtqsnsL8mHK1agMIcmVfbBKQcA-1QTm2LkaM2QOKIyl7zKlTZeNR2ORolH4bSCjQA6Wgn2qjxdchAzo_cB67i0be6X5brmcXP7FqbBOYOIO3sQHHmIpuMJaZd2ZlEHEpYSvAkHE5Wg5TOWoP0mvtXjU-EjmymGlTeTawaNmzODyukO7AJd1Uy_py0urIRgcnNZhCLQGw-4M1RKB4EnguKlQvworHqDpevHDjxgsc663baqoqF52SOWa6iy5OytzMmzvjCSifIkL5yjs7cw4SUKYdA4VPh2bqhI-O5kBuoO0uatT6TLwMrKWBbJJcAZ6w1IsKFYEdYQpt0UoPpVPIFfpUcsr6KppVyxxmIoRwh5l1Oo7qwFqu865clsXUJoEUb0U72BZwE6XSJ8PBLkryTDH_z_SwYVVUKXT7xwjBIwYk6eVHzpmYsZ68RcaXwQoYpoihMRbVKgIKAVO97dUONqdhI_gczA6Swsdq7appj7mQyL8kr-5IXjMEFrmeqKiXn_oRI8bHlSdM-PZnJ29D-sMhoZ51UhRSl3ahbR49ZmCFlxuU7O0TRuvflXOQopiPe6rFK-gRBhgDIjaWth7ChHCerhh_khzrWXIUxQkobxR3Ci6w3bwzUNbvtqtutLrAVDJQWZRL9PHe7bfumgOIp6u_QQVAZhLo9a8F6nyF6oxpfv2FZ0jY4Yl6nneHQK-m7vIjlFDCMwlyOmZy-tjb2g9dbyWb---Ym9dI4glZz7KO2Bw1ehk50EXRzZ6cvwfeboen5_U3hJ7Y5RkGgPcIix9XVFfT-14quRu_X7sTsalIJxQYF3dyphTTyV3ouXVxmNVGNCyaBdyYXf52331jn_2v7PCzwrEAgritG9vkhgclxr8Ntl0AxcQBo9rm3-Lns4X0phbUx0onfhvwCqlOgIy4-0a24dio9ijsCLe7vsPkmfd75J2xEqS9Gu18ClwBhEF6JytfCOqb4Oh17gcaGMexz8qLJu3ejlN8ZHm8OsfN6i63LnQowXBlc1uy_6Y0gTOEMKEqxj9MQQsreKmvxlIsXMUD3sGp684u33r6_d6XyOx3dLq_h0vcB5WSx5LN0yoqNV5nnL_idL93vxtB7kcifxyS95aYSxnsHpFKLZNqXGNDuXbPH756jY3jicEZvE1W3vLjpQlX8js37PouwJsyDYvuh15GrH5idbERy3e4R43SCy0z_n-DKC-oYaDnip4gKu-OMofxGpSkWVACy8raUBl0ocknwzO9j-KJbwQIn-0n22rxoV1FsnI9v22AD-vLt-G_hoafIrzX4hAyQa6X9W3TF4RURVjAIv2HmVQOhx5ADQPzzyzJP4lhpNJvw7rOomwLfnqwJbJl-crEzvuYDXssHFmH2qnoePxGiIjIXspOo4y4y-ZuwoqYsRGS863uyWSMA5x5NmCQCZi-vNWY9ilbPP7zR9iKVoYcQvrVTg2EqE61bDBzuxLG9yETdW0lDINCd2zbcuiDAV8z93sWNdiiI5VqtfeDD8Pa74Q_AzSEoM-LDR_hw6LYKmykUZ7cRkqSCtPNtMmQcQ-qBqmL1I_wxtQHUUuat81BHFutyP8_sZ-N_hYnqhjFUROjFtPz2VQ-V-mVbF6vD2dYJsKDWIgSuzbgMRaPq7D1rbuQAQInJ5pDK_FlIARHCMsux88MqGwbmfD0chAE-pq8FvqElIOF36pX4IcyA-WvpHNqwzuF7mh8YPfA5OB5KnMtfcF6UAhVGtlY165GEQzh2rM9bD_HohMAnG5VWTMLGaBlB2oHkQDdMYwYsHi2HTZXNesijaWCwRiU7fm4VaoMTwZ4EK1L6WES2Ihlis8U1_ZLzmgkXk4-zIf4Zb4IP3PzU-Xn12Hsq3a3P8FzV3hMc_Gk-PMQStRk07i0YsZEvhNn3mErOdOmgXeo-_6tMutYGZg8akQHFZ-GM7QZiij5eeKrvqTUPF82BnJzzegovyCzQHwFhUdkY2ZBlgg1cmSS89gihVZCobgu4qRuHvysCJK3X98QvUEjJHoLIsFmROg4jIr776sc30RznQAYjFHYM_Ukm57YsW-imHLk7NI3gU-4fj-MicFnUBOczK_8LDIyufmzw4h700hEorvrVe39l4TpjmT7F3Qin6SUGLTPXXdwXrfPZJOVsdZAZXIstcmP3JqvADLomPhsqTxTL6ldTUymLCLIsCcTM9BA&pr=8%3A3401B9DE316FEA13&cid=CAQSKQBygQiDS9qkgdt5mofbcU47KzAcI0NT0bQv5G79AY4nnUKBg01g8uDvGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ds=l&xdt=0&iif=1&cor=14646098180658207000&adk=816895174&idt=147&cac=0&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
279e5b9e86ac6db0ff3cf17eb88c76d4208af8cae6a206b979dbb028592f8f22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37944
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2BDC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230517&jk=2101823202013566&bg=!lZallsLNAAZ8_aWmXP07ADkAdvg8WmSJuIJBozbSFHczDtuKGNRvM9-RMzXlQtFWs_NG4IjyEU5Mow_Ulrs_yM1Yqf-tg45OzI0CAAAClFIAAAAMaAEHmQLKg5w1rjk3iPwlRGHGuw-0qh9TbrTEZYIQwFR8gBpmevxVgAyLvBZxxWbnEpqthVnl9ltnTq_kIOw4JdCWK2FaMLToGzAiXzoH6kLmrZEWT4sNjiG5glZmynVV_LeH2MFzC0fK0DMwk0yAL_T99JdMy6eoFcqE5HYA4lQQo7_zakEZsW4y6OI5UakV-90S0Abc4cBI1LGQ43fVdxPt--Tb02bTcdRH4YV_P5zeL7OV4kQqxxk4jrX14eeFAsaX1DHaF-UJwySybeTPxhBqs9w-bBpw-ghke8GS-bxvfGwdSFLYhQ4P-CUrrvuJPdKyAvS-3dZ71ewIVb3yOh0jQ634p9rS0Mbmr70bNi2wst5PipDtWYscJrGlS6RGjGyimIllsBmmh2feqKQgERY3J3UJPX2FayQKL2NLpHdotwOs8c2YQhM91vLIVLFpqvVUyfxE5YnhRai1WVlnQTJ2rI_Xy0Gk0vD_uPHG4j2SwCTwxRDZV0f84a4yEWkHoAuQUelcM9hoWHnvSXfkhHb-NXWVJejZdU1F_vDA3SE1UmtXhYFELn41t3IgwYeLWM6GJTRd6P2OsV_QKWKuCM1fMqDmmeOwPf1XyuPYi6U8TnL3wH6U-UPesiidgV207Or6JMC1TG7oySF92x3Y0Z9FckY3N1DRHMW0tejvnuW3TePZFYF1bamcf5vfD1kMcT_987bycwnOpZOytLmY-5fUvt6BvQfV1HAq6XFiB6PSJy4YoTmVbyxiPlUb3msrNGMEeFnPYeY2bv4jMNvvan_2bq1lr3EYyNUea5A8HvgE7s2u3lVn8WbKXqzLUpcBn46QgZvuM8DUjPpntR3I7jxZM3t8J_fw5bs-toys25JOE9frW9bNJCu-y4SE5MpZP1L1w9ANIct4IVIr4IjVsZQ-zJTC79u8plvJYGBOa-8-LUBJuzeNA-LwmE6kDrmR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 7975 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230517&jk=3848651362865139&bg=!iYqlit7NAAZ8_aWmXP07ADkAdvg8WqWQQW12jEGiSX47TxoPg6aHUoZdfx_SvBtxn16FiHfOeAZuAjc3mTW9QsmqoY4JvByGyUYCAAACZVIAAAADaAEHmQLTUNIkeqovNLgpMn-tTvx1bc0rRPY-upHpcMiBE2280vnmPV4XldSjeCw0lbaNd2qH5BCDaQJPaqntboySLuIvAkBW4j9DKtNGGyj14XUnzRfZKpIEGjaYPXZFBx70DUJ6RRzwrw2xpKs_t_vFwFvZ_gTxkDFMUrX3725OQbPjZuFzVgyhJL8dtubNjhDChOoWYQiLPw_y6WQSvOViOT5pJJAneSkjS4TIxotdxD6Au06FlsUa12OyIqWiyyFcITwIokWD3jUtz6kuq-7b_38wgo1lmJGboN9jtlmFQ1U-xNp0UVUdKNQhKPWb179AYKnIs4USw7TPpTieo8Bm6ihAR4JxYA-iNKTex5h6aVr47sESD-09M_ZVq9xRes1tuXPGqJb0kLaUjaSxldWPb6Rwn-8Zt4metkh5Vhvb7nbA4ZKvuvKsZVRU9tV9-XSsuQMDnI472j-g6R8bxzenkKm75H-UOUGf9qlNsAO0W8ICmcQRrSm0v_o2s3FzwsFt2aM3pl3tpSfsqbMBaJlDFiJvb2vu8dBisVDaSBVSnNgZhcE4uKTZHDVAoNax7r7MY-xWG4GPVCcp3KiFe3sXsmtfwAMTT7yKXDNO4UQja73IJMyIaD17nlPIUcg7Zk0NnMXNIEULQ5gHw2cVDkCndhmh2zqiJOAibXn8KKzEWdZffWPQcdN93LT_wNWlI_WiNYGVuAi3YTRz2tmoJYS8oY51lWD2xChyupKH6m_3P-YwJESntUibTesa1_-gCjJrEsr-OM55CcP8N_KV0yR6cMA5ztgiC1HbOZco-zF-n1CEJyI_y_HxxxZur5BTRuvsAsXcnM7Eu0pjhtj8thSY00RlMKZZDYEkvsyNFnzuFVLucxFBP8koo4WbTD5qgXNL5E8F2zSojjT9hpx_WQ3bJ_zLaibAIwAw_m4DlzZNUn93DnrdciEnMcGdnZVfGwfO6_V2nvmG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 6F1C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230517&jk=3252810816889326&bg=!DwylDFjNAAZ8_aWmXP07ADkAdvg8WlJZKpQfwEgNxP35yJRQdIH_xao1FBkt0YfbNM6bwjWIPoIlxPRbms65uQpWe5JJzSbrEvoCAAACc1IAAAADaAEHCgCwZeo9wGREEqc0A659uII46l8tj2gX5SzPn-5kzqh3rEw3Cyv4c2vbxd0KQ5v0J6HcHoLor7WTdVVW04xJn2TpyevkuDayoejTOUeP7Mp6Z64QuTlMAsruvkikT0jzTyLNGWUKkgVLkyzJykl1EacjmBLa0jbmYwbtRpzsGMKBQGB3AEyTZ2812WpctmqlU4XrFthP7nqGlde0sx7B2leMz7zbH-KmnmKlwfETbF5H-tGZAsyCt_QXoLXVWbGnLljS_ZIHFByNT1R31F7gileYDALc5QTfgpD5R1tDWkMQP_KeW9CEeLKX4R5klCpkAoKwJJ03S57f4J3xSmlsYIokB_NYFzMZiPZ1OhkF7f8Bp1Qh_s-AmivVu6dr1997lmw6OtYrC47VZGIKTNSLd6tYo0D2aOpf03Rro5INHr47Gz0ucrLA_OSZkyF_KOsfHDJK1qiMLsGsHlzE1ybI29q_3x81EvtX8wHzHRY0BBXwxXM8FvO1vh2hYZ1Ti0nMGmPIkW4m80fwQSNrlbIyQUH4M-5LULJQ-qdaH9bXNA83Exf4PUon75YW1B0kuM8861ACo84BjGa6Jn5fLM9emcZe0vMnEmI4sNUtmOpzwt_FdkBimvtNmWpyLgazgt3D4Tkqcq8Rj-FUbtiONAqhlsmsZafmWWlkA9vIodZc3w8susu6krDG9yVpS7yUpZx-EQ_1t6RXBSo-nG4wDK1tzskSpZSbVKjNulN0FOlsy35ycN6aOfqqvuDpajdUjfBtYFlqTmpcpVDrg8KIekuzptpFdQgxGqTsYQnLenuV5vldmrEwfXcaxLmE2gJFWsupG0FxWVgOPgMPMR5Zexmt9iIB-7q-ivzCLtEdbLP-PWigw-4SR71JLnPQNsAQVdzMV4qw5xAkgwn0PSW91kuo00oyDSVwg4f2cmD9ClTI7rhkkc2B1WWqYxyS0LPfGG-LJhgJabnuzaHoR2lEnLbo_5_cz5L9LyCY4ugWWyeMQN8ejuYl7dvFt2knBFg51bYZm1AxnazVUJyLIXG5qYZagvxbrQNYFWhasIhdRG0UrYg41bJZ8GLIJXduGrWdMxjrvU_CoribYkY72jTBVaMjxFT-b1acjVRP_yi-Gk06sKJhyu6n7y46WLIS7J4wJyVjOAvpOGZIp0zTndmaROFc_Of5xDXUahAhn2NEJLsJVRsmIw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 40D1 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?DNFmZg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 2438 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 07:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7122
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 07:18:46 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/ Frame 2438 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AcdV16jvVCTsUL1gvelkyQRoLp0sEt2pWF5lIl1pKp89EVcvwSiHUZUnR7pWTieBqOw8sBeM_pVh3O5Hlu4sw7y94sSz4w6chT7P9y8LCxMjUAQLp90dWK2YyTx0IOlHUd8rVQNRwTFBmD6g1uIDPrmO36ny5b36Vm0nI86g-D4BCrMD0&dbm_d=AKAmf-ArD43nFekVwWTNqg8t4I7gG0EVOV-pqgbvcGHlvRFoMjw9AZuYvp0Xj7hJj1mA4g_TQdm7VP1VbwnQIPeWmPkYDasEsf0euMNjG__DCrjDBf6nX6usnoMf24akq-psLlF8R9iLbdA8nnNlntc3hlvzMsJk6CHdUCla9MCigNsOBGa8U0rZbbqydUi4SXPzmup9Ew8SqO63k0HpAdXn_sX8jMtJHS3JQB9SgSmrugBLavfGBhSrH-KZgKbWI8m_Hz6JaQ4JVt1VmjmaHfW5KoRzXLv9R6fACUWZyIT33meawC6RZnPfNxCeAMFnR13aYcArUVTkwN_wqdT3FRlVYXeGw1Taf1gyosX7nwTphwcHCqGw8ezI8Ga95xvp3U-vMXGzgcj03OUJEVvT_tu-5vKO_Qh7RRsN8z09JPs1sHIn9xFi3MQg2sQngF0y7GRbrYMn4uvDYuoi1bvtkDK92VpFTJawnl15qCILGrZOzWoXNApELZgIYznERIHbYxLXj-APvudHa_sDC-o0FlprBPJJ_nhkL-aGcd7TiBplPSi5Wym60ZNuezDrEimgpbGvfESm9QhMWGiQeXqjmBi5vtF73nivGWcuDvNmpRGyeF3CLwQyJCetMD-d9ouP_pvCYZyGjbX7n_Vq3HUBHx43S27nE-_iwRkeCU0RSgzVvWQ_zWDwDOq82FtilFJIvOCDUKi61mrxmrQjjU5peadhcVzO10uv5T4wYiJrGdEajObmF1Tmbarf5SYDiVdbEH4956yWzJ7Ib69RhTtidccZ6gmTbi5U3E2FqdYb0gFveWcZmj7U8-Nl_LyFZFvkUAS4JcpZPEDY9f8NYmIY1vnVkw2ugqs0dn3B-IdUDaR7mn-dMstltPDTFf1RiHpS1pxaCp8_760oEYG2uWkjiSs8GD4tYlRePYCf8oL85wo6XBzhRQ_T7OIpLaH3hNUpdaZPVWDqv-QwWkpbU7oBFGMkE8dKZ1xc4POT5yZBNXU0qref2BbTd9-04K5BbYMgTMT7m43-ZIMKJJqUEXrFvFjFOmRjcSY-E3qcKnehmIcF4B7GEOcq1B9I4YzCQeldp8ZdW6GgV4NgbodoLywCynq73wRt8GUKRhd5Nhq3gWWhqvYSfbBxvnRjKsIBd0FfvdK5afbMlJ85fNGe1O-lBhAyUOj7oqrABkV9FXOdCkPKU3jDpQuQeqTkh63dabqqTU18QIixAYcoYa0aKcpU2S5jMUQ5UzlZjb7B2Pq_RWB677KIpJDP3uA7PWQhiTmI1K2vQYh5Hcz9I4Bq1NY1pbDO-amyN06fGF2gZbl2LD_dq0-Xrncg98tTLedsHIcBoA1EsCTAoV5BePYJgO8bjGyDh8YS_-GK4MoVGeNoMj4YJ6zQcn2Sx7iijC2iiQ_v6WUvSCCM3oz6JRyhi2dlbzY5HLjJfc-TVRPAomRK9niZ3ri_sOcIIMh6OkvImXsQ2Ms4TQF2Ka9GqaFM76PYBY9M2UppAxihaEFnttqW9Xvf7xyEdho2HJTd1hn-CwYH1oQsDohCkxxZeGA9d3gZJB7RLWp0KPx_2SRpxZlHo97irRkfCM9qcQddr_jStTAmXSkh17-ntpb00B0HYMJq1UHjhkYFBiPyDAT7jKSb5ruwoxGoYEHtOnw8hi7RN5stu_NhvBDuZlKQEV5VhWNaTMQo5h9qAH99mLxUxkx1FK4VYCLcJvxT_K6LkI16tKfBvkDwWJGHNIaGYxnX0kmG_32iRNliBNRptuSq8bE5x-mrZEISzj7_-4znmxBVUWfb2gcWHrOUZqQAulOQo5bZj4i1Jf4Ctamhn-R7vYJMc_7kxlkIOV1TpE7oFGvCImBcpvxGqXMgXUTa6VunvjYA5WhT8cQKk8BDOdi7KlX4QaPkS7jgtjpsGJ9pqYVGFS9dgxy_cR173RcYsqSDrLMeAPZbH6oi76keJEEX5cLqEm9qnxiLWE5mqje2gw1P0Rjq1WCyW_Ds9mkVOm10hLN3UJi1KshGvCnAy3nCrdESKySFps6DAOFik25gwnpjantq5DY7uFURVIjg5fO2LLNd8qvGJtKgHL2Hrx6x4a-suD5z05cL1rZ-dOM52hc_JtmRTLlbubDoNY-D1r9USlzD9FkL7R95HeJwumK1vNkVm3eb3CJl_K66U0AtnHHO5UMM8Kp0xoXdTJy_r_c95tu9RmiSOzBg3RAghUuJ6tTl5TcsdMJesktHiHz8EYAgXNze-p69lRymK8wAwAn1fWixpooHqQJ8va7MRdhm_uJpaxf5wFLn_9JJKxbeBkYXM-U8fVU0CECMMg8UfOEJvXa53VCBXRLmMSBuFujyROv8I35QBE9wU4-jPuDA_dXxLHas03cW99yUtd55WYDPaCKTvKRAeBwtd0_OeA5LCqlypqiRRWhSBVtv45jIrB9wogiNInDIU7nkfwcD4u3mk3VCD6dXYGsayG0X9VvOMuYZo9gCej45DYkpaGQJcLWVBMhN-iU2C3BuCDbezRHMMiRvhZbAJ_8tz5rmKfJEGtpmatm6695tL2cmXhfLC2Hkz-jfJh066MC9Xi8HoXb6tk4XtHIcy7jyd_-jAop7WdPIR0CtYJROSqvJp6tOrPOghXT0LH3sHC6HsGzdqG_LKGIi1yB-1D2ntxxfks7Kvmpvkw2ZHcPkt7FIcdvMn3PD8ALVCq0NLJ34u4FO5a9Q3V0cgQAgAoYR0-lX__EJTgklOU0sG9EaLTUE2Gv3CkAbKNW53Nnb-ouGTLyP1znf90c_kkChEimnz5Kqy6frBnW0wj3q_b6EveoLvf3J2yqq2oucxOnHDmBzHNWrLwdiAyGeJtW1NM2AvfBR-zys0HM4m5a5f569uOc5OYuXfyBrtJvAQ8zbRw9MRuWA9s19tH0Z4DoRqsc2-sBjM_qgbiiJ7lxFTj-JVubT8L_Y8ZLFkJpht8AJ4T8r7Cnm4A0tO-cbS2WA2Wl946kgPel-LmFqAmQCITDBM6VDq1xhcMWIIEa-erpc6PM0iJ3J_VIDOd3nVq9Jnlx8Rnw_gjMtaVfkKJPKw0q0FgxCvVuyQuDQP3MRVxzJMfYPohqyUi41qmfBSljH-F4cdn96lcQOOY0SeEVo5W77Y_piikbcC3wmJct0GWidkus_z2VeiGsVqlFyXpVRjPKbIZTcgzVDN6z8-vQJcbEPGP25egu6B14vJ9MvBpq7dz1ScXHQJGV-ROzj2k5hHM3j1kvt6K1tHaMdndAIx3PPRbXCSaVxyg3J0FzX7RrR9leiLZCrLrdYOOJNZuYFrGEZ1G1djiJNldZYlEcDiGfnLUb6TRw4i907ocYO2nFlrxiNvJA9cWmqpyqutSdedtcuwDmU2bL0bOuA17M7ekN5LoyLIj8XLmqqKH4ULKlCbh-SHImITdsD_gmuXSboOXSVvywytqJlPQ4T1b46ENrChf72RwWPL_Dd_8t_YTCyxy1MBMyGEWEqU-AR0pUBt6h-Y1Wa0Q&pr=8%3A8C6803FC981D8CE4&cid=CAQSKQBygQiD_ty4tufSMKJ3XdJa9vKr2-CJ3pWDQBrXWanyfnUBMU0lBTsTGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ds=l&xdt=0&iif=1&cor=17662381457414310000&adk=3399080681&idt=75&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 10:36:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
81667
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 10:36:21 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame 2438 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AcdV16jvVCTsUL1gvelkyQRoLp0sEt2pWF5lIl1pKp89EVcvwSiHUZUnR7pWTieBqOw8sBeM_pVh3O5Hlu4sw7y94sSz4w6chT7P9y8LCxMjUAQLp90dWK2YyTx0IOlHUd8rVQNRwTFBmD6g1uIDPrmO36ny5b36Vm0nI86g-D4BCrMD0&dbm_d=AKAmf-ArD43nFekVwWTNqg8t4I7gG0EVOV-pqgbvcGHlvRFoMjw9AZuYvp0Xj7hJj1mA4g_TQdm7VP1VbwnQIPeWmPkYDasEsf0euMNjG__DCrjDBf6nX6usnoMf24akq-psLlF8R9iLbdA8nnNlntc3hlvzMsJk6CHdUCla9MCigNsOBGa8U0rZbbqydUi4SXPzmup9Ew8SqO63k0HpAdXn_sX8jMtJHS3JQB9SgSmrugBLavfGBhSrH-KZgKbWI8m_Hz6JaQ4JVt1VmjmaHfW5KoRzXLv9R6fACUWZyIT33meawC6RZnPfNxCeAMFnR13aYcArUVTkwN_wqdT3FRlVYXeGw1Taf1gyosX7nwTphwcHCqGw8ezI8Ga95xvp3U-vMXGzgcj03OUJEVvT_tu-5vKO_Qh7RRsN8z09JPs1sHIn9xFi3MQg2sQngF0y7GRbrYMn4uvDYuoi1bvtkDK92VpFTJawnl15qCILGrZOzWoXNApELZgIYznERIHbYxLXj-APvudHa_sDC-o0FlprBPJJ_nhkL-aGcd7TiBplPSi5Wym60ZNuezDrEimgpbGvfESm9QhMWGiQeXqjmBi5vtF73nivGWcuDvNmpRGyeF3CLwQyJCetMD-d9ouP_pvCYZyGjbX7n_Vq3HUBHx43S27nE-_iwRkeCU0RSgzVvWQ_zWDwDOq82FtilFJIvOCDUKi61mrxmrQjjU5peadhcVzO10uv5T4wYiJrGdEajObmF1Tmbarf5SYDiVdbEH4956yWzJ7Ib69RhTtidccZ6gmTbi5U3E2FqdYb0gFveWcZmj7U8-Nl_LyFZFvkUAS4JcpZPEDY9f8NYmIY1vnVkw2ugqs0dn3B-IdUDaR7mn-dMstltPDTFf1RiHpS1pxaCp8_760oEYG2uWkjiSs8GD4tYlRePYCf8oL85wo6XBzhRQ_T7OIpLaH3hNUpdaZPVWDqv-QwWkpbU7oBFGMkE8dKZ1xc4POT5yZBNXU0qref2BbTd9-04K5BbYMgTMT7m43-ZIMKJJqUEXrFvFjFOmRjcSY-E3qcKnehmIcF4B7GEOcq1B9I4YzCQeldp8ZdW6GgV4NgbodoLywCynq73wRt8GUKRhd5Nhq3gWWhqvYSfbBxvnRjKsIBd0FfvdK5afbMlJ85fNGe1O-lBhAyUOj7oqrABkV9FXOdCkPKU3jDpQuQeqTkh63dabqqTU18QIixAYcoYa0aKcpU2S5jMUQ5UzlZjb7B2Pq_RWB677KIpJDP3uA7PWQhiTmI1K2vQYh5Hcz9I4Bq1NY1pbDO-amyN06fGF2gZbl2LD_dq0-Xrncg98tTLedsHIcBoA1EsCTAoV5BePYJgO8bjGyDh8YS_-GK4MoVGeNoMj4YJ6zQcn2Sx7iijC2iiQ_v6WUvSCCM3oz6JRyhi2dlbzY5HLjJfc-TVRPAomRK9niZ3ri_sOcIIMh6OkvImXsQ2Ms4TQF2Ka9GqaFM76PYBY9M2UppAxihaEFnttqW9Xvf7xyEdho2HJTd1hn-CwYH1oQsDohCkxxZeGA9d3gZJB7RLWp0KPx_2SRpxZlHo97irRkfCM9qcQddr_jStTAmXSkh17-ntpb00B0HYMJq1UHjhkYFBiPyDAT7jKSb5ruwoxGoYEHtOnw8hi7RN5stu_NhvBDuZlKQEV5VhWNaTMQo5h9qAH99mLxUxkx1FK4VYCLcJvxT_K6LkI16tKfBvkDwWJGHNIaGYxnX0kmG_32iRNliBNRptuSq8bE5x-mrZEISzj7_-4znmxBVUWfb2gcWHrOUZqQAulOQo5bZj4i1Jf4Ctamhn-R7vYJMc_7kxlkIOV1TpE7oFGvCImBcpvxGqXMgXUTa6VunvjYA5WhT8cQKk8BDOdi7KlX4QaPkS7jgtjpsGJ9pqYVGFS9dgxy_cR173RcYsqSDrLMeAPZbH6oi76keJEEX5cLqEm9qnxiLWE5mqje2gw1P0Rjq1WCyW_Ds9mkVOm10hLN3UJi1KshGvCnAy3nCrdESKySFps6DAOFik25gwnpjantq5DY7uFURVIjg5fO2LLNd8qvGJtKgHL2Hrx6x4a-suD5z05cL1rZ-dOM52hc_JtmRTLlbubDoNY-D1r9USlzD9FkL7R95HeJwumK1vNkVm3eb3CJl_K66U0AtnHHO5UMM8Kp0xoXdTJy_r_c95tu9RmiSOzBg3RAghUuJ6tTl5TcsdMJesktHiHz8EYAgXNze-p69lRymK8wAwAn1fWixpooHqQJ8va7MRdhm_uJpaxf5wFLn_9JJKxbeBkYXM-U8fVU0CECMMg8UfOEJvXa53VCBXRLmMSBuFujyROv8I35QBE9wU4-jPuDA_dXxLHas03cW99yUtd55WYDPaCKTvKRAeBwtd0_OeA5LCqlypqiRRWhSBVtv45jIrB9wogiNInDIU7nkfwcD4u3mk3VCD6dXYGsayG0X9VvOMuYZo9gCej45DYkpaGQJcLWVBMhN-iU2C3BuCDbezRHMMiRvhZbAJ_8tz5rmKfJEGtpmatm6695tL2cmXhfLC2Hkz-jfJh066MC9Xi8HoXb6tk4XtHIcy7jyd_-jAop7WdPIR0CtYJROSqvJp6tOrPOghXT0LH3sHC6HsGzdqG_LKGIi1yB-1D2ntxxfks7Kvmpvkw2ZHcPkt7FIcdvMn3PD8ALVCq0NLJ34u4FO5a9Q3V0cgQAgAoYR0-lX__EJTgklOU0sG9EaLTUE2Gv3CkAbKNW53Nnb-ouGTLyP1znf90c_kkChEimnz5Kqy6frBnW0wj3q_b6EveoLvf3J2yqq2oucxOnHDmBzHNWrLwdiAyGeJtW1NM2AvfBR-zys0HM4m5a5f569uOc5OYuXfyBrtJvAQ8zbRw9MRuWA9s19tH0Z4DoRqsc2-sBjM_qgbiiJ7lxFTj-JVubT8L_Y8ZLFkJpht8AJ4T8r7Cnm4A0tO-cbS2WA2Wl946kgPel-LmFqAmQCITDBM6VDq1xhcMWIIEa-erpc6PM0iJ3J_VIDOd3nVq9Jnlx8Rnw_gjMtaVfkKJPKw0q0FgxCvVuyQuDQP3MRVxzJMfYPohqyUi41qmfBSljH-F4cdn96lcQOOY0SeEVo5W77Y_piikbcC3wmJct0GWidkus_z2VeiGsVqlFyXpVRjPKbIZTcgzVDN6z8-vQJcbEPGP25egu6B14vJ9MvBpq7dz1ScXHQJGV-ROzj2k5hHM3j1kvt6K1tHaMdndAIx3PPRbXCSaVxyg3J0FzX7RrR9leiLZCrLrdYOOJNZuYFrGEZ1G1djiJNldZYlEcDiGfnLUb6TRw4i907ocYO2nFlrxiNvJA9cWmqpyqutSdedtcuwDmU2bL0bOuA17M7ekN5LoyLIj8XLmqqKH4ULKlCbh-SHImITdsD_gmuXSboOXSVvywytqJlPQ4T1b46ENrChf72RwWPL_Dd_8t_YTCyxy1MBMyGEWEqU-AR0pUBt6h-Y1Wa0Q&pr=8%3A8C6803FC981D8CE4&cid=CAQSKQBygQiD_ty4tufSMKJ3XdJa9vKr2-CJ3pWDQBrXWanyfnUBMU0lBTsTGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ds=l&xdt=0&iif=1&cor=17662381457414310000&adk=3399080681&idt=75&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21bf4b49938284aaececf999f198f621de0aa792bb5315fc21255d0ab439e145
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 10:36:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
81667
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11001
x-xss-protection
0
server
cafe
etag
16383942900985251592
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 10:36:21 GMT
generate_204
tpc.googlesyndication.com/ Frame E8C8 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?TVdTtg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame AA56 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 07:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7122
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 07:18:46 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/ Frame AA56 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AMU2nOQdAwX6iwlEo3wRAid7ZaV_bZGXdUPHTmNqArWLHLe5LXNV_IV_ln34JF6diZj33gzpSgr8LRO5lz1pfa4CQVp_IXu6hiHn2DLCjGE4J_ob2XDXF6eGA9YG04NLPxQn6ocQvHVH5RCAhnyTxPlle0FTE079LqRA-qPTeh4aOySpM&dbm_d=AKAmf-DVDywpSHawpBdzEM1IQH-hQ02xg0vqCDhV_XDBfiEqOw74bzezu4KlzNUZJEDeQU5yXlGLhxsUCW3BDWKGOfgnrZgyhl0jIw8modOCTs-VhWjA4RvwZTci8ZwGFhAiaME4jBDxOr48BVdUSkLEmbo00TgUSfOd6bLQk00owlwmCDjROAO3A8nohzvDRIvkr2k0RX2p7AX1-axBCAtAcSgZoh8v9zMwSoqNDxL7KFH5Wp4uBphtZnF9OOGIKQf6SdcbNzsT0r4euAPFdtfp8g6drjQErJzdAtKYSfbDl2dGMSzGSAQVxMSAwAypl_Zm4xmGqicS58Jj7If3kMFWVjXnllj8IiwPsUvDVbxL8xcog2HHA7E8UNkN6pYS3u57ybfUHnazS-_-8LGqaXLFGKn8PEIJ2Vfne_kj85BdJKJZnPZFTu4jnnLYz67jrB3LcfPMmM9eh2WE6NbMjlM22nw8GY2EnVF78t3EjI4BazUkHHIE5cGfv1IFh65EHJADlHgWAGH6O9w3cQJAIPd4bSmcmFzhZBbMX9uXBUTKK7-1bP0tByZ5uG9bmVRZ7utn7cT0zXMQABA3knWtYWHwAaZ8rkFTMG_7GDtNMg3VlMmXFJXO5WyHU8blk-prNrGKLztzxmp3fPFP4G8G-SeSnr2_vAvXJIdp-XfsBCCeKi-7ixFplan8J_nvrB7u-COicS7DYqDqKsJ4Nm9SJXT_QGfY2isRKXDQIJCg1XhoHFaaI2qkPxgezaPOgIVnRCkvUzvSzo-Ck8VPRZOTP9YNFCYcPIcJ5e9BnYcVeVHQ7NuEts8vV0cY4jhpN9NiuZmczyRjGw-DdBg5ORzlmZHpfGk9T3-MWBWZKtDjXjX37BBF0eZMybSEX1krQ9hwfWCsOJf1W7n77ezDAkKOB97IHl89btdWpYHdz-lXlZZGrBARrtlGXmgAvwqrquw9G_xqEOjLKox1CwBiksOWSnuU9Ggmm-kzI4_IuyaLMUCkQvPO9vK0ifHmwbTyNHH6ncc-E4k98yGypjnmWAH8QW0GB3kygBnggV1rEkMqZvYPFW_PKFNMpEgUyuZE4NqsLdhGCy8pmDFD5SfyNXcarAEzC0gvmxlOph-j94fDOx47vMi_Tqc_Evip-6dLIlH7OVoa21qoX8dNKwIXfzhnAssuqaKr23V_WeXHerHPYvxJvfm5blq8touaIy-c1kq7eelTOAhLSfvBIyU6R4AizoJ5LkULQ6eMGd6Z5Z_C6Dx5zCl3LUdLm07JEy_BGasV7SZaWkE7amnRc1D80-ZSjuyQdaFsYWLGVa-Ma8wC3PNTDycT1crWjTdJs9O1wrxHsJwLIhZiFFvEBUD7iWEjU3HCxft7q-3aWr5-QevPgSji4Q1Y7TMoI7jVNDAteptg_b5gXfG1MAZGi5scl-l7Rs0tid7s5eP7staw8vI1MD8c-3otDGGJGeut06yYlIpiHxI1NHHa_Hj0LTqwCE7j4Axv9MpIOzWTmRvRHZvR_Jesz3GklMWUrWx8ir2z6eDEc_LN5n4gIQ2uWfRHTBgqjrzUJj8Wzh9Un82nCdKGmObk_A7OTqtNWr7ReQXi4K5UNQXI_VkOcL0HlXHEC5GaHCKSZqKaaYlXdBj1LrU-YFAGm_DKQUrFvCkVf9DS2QgkwIOXZtdTWMS4Wgi9TkEkhmC6T6kvD1JCFOH6N8PHd0v_pE9KYKgEAskZcImE5YX1EUp8L2rxFuUwN5mXh8XBNmkHGWdqmel7iZG5Xf30z6v121Dl9h_JqDfMOdwuTYrRyhWQBbntPypsdcO9dDjjyNUgN5ZtXgKfhT3NdF5u-DfYYNfIVCpRFaLrKxSRT5VFeSb7JJ8Tp8YTBm6iQcHbaw7su6bsoBWPHf84oAeoiMUal4gRy3Ki2Mm7ubSGrN0m0exRQe4BzJsV1VUfBO35xsg0_K7AondQlRDOlZAmZimLrARSnWkjxnII2hlM8PtkXlYpBRgMl__IPwasnpqJonpzgAmxxchzdkqdIQJEx9zk4VajsnFPShFj1zvHgicmW8CVkHYc5E6yptaYIl4ScbnjfsH0RLbPBIi10ysiWbmYXBDClWj-mbGaVa6ev2EMw2E2Y-SWUVeZtOhUbRBrfRGGfGRu68ulR54XKPBqMajHKDYFXWd2SN_-cIvN6sTZ_1pSwkNc3FfP5AdxI7PaxyMlwXi4s6qjGeKB18Iqa8xxYZfoRGC9pvgerS6ESrerV-wkMTSOdiL4bW5HkOPa5929__ENY4BFJWce39R9nu_-iq2vh7HRHAv3NUwVUxwT-LezTKyNfydXEa2HL-LAY7xGcd7bUe6mc02zbtml-Bd5ybaz4G1aZITez--bvTBv_uSWIP8rUzeXaWnNYPUVx8616p3JFzyo_-XwhZidgviPFEOvfqPug8Xqbh8KRWqDU23khxZNPeX7fam5TJQP_-re-Bvsp83Yo463PitBiaYjGChnlQpLnL0z8KtCQxMZtIRLe43VFrnMt-GApkbp7uv8r52v3HGxQlEGx7rnBhXppQSZqodPen_QRtfqkJ3MGOMegPKfCcfyTOtYXz2s73m_i0ih9kTeti8JS97OjE-0OPj8Zwu-lRPf6pLroHFgTyqnunnwAiXuOraPzPNpcOT7EHMB-z2kcq635F7MpnmbaYe0HbAPNn11f-YiBx0jcR9CkPyLnqFwBC0AukD0jAJSaJvTOSiuvx6QNIid_HeljPdpUNDB9lbulIV01AOr_3gWg190Ma1gzgcRVM5XQkCrF3SIrDDg_BuOMqg0uLCMqEyu30S_fUm050-ZLhHPyeYExAWdM9HN85gnFE1aNXAkVnHL2jJp1qY39fHVt-Cw9OTGjkhfBgX88MqxPoAbRjQO4xj4VaDH8Vlk7bq9ijgdFAbNVyojn1mZnbRDVOVnF1spDMpZiblp_a5VUhwvHoiTizRS_kdZhTRizJ-WtLJAKntPgFAnHY8dy7zAOTZk4dgMrd_7GsSt77PUK48kjhOykY-AoeZM6J0plyjeTePrRhrJwejjke9zrREJMjR3JPKNWvi82VKhgsm4u0jY2TVyrAvBC924QnHeWsVYEtSMRDcTxcGRpMKO6xPwV_Vc0v61ngUvr2s0ae2bH7StRH_kOrqVRxn4HiCIIWbZxKfYzdEgwvbUGBjlnvSRMsI6-NYZLEQaf2cTLTuhRaJ469bTrwyQ5rU43sfuTt8khmkod0lOyNNRLO7n5-V0Dq5SjCNoU1Xj2FHgk6iFZK-hzkqdWgwDl5ZYDup4GbJILwV9e5SZOlKvmA5hoLRUxaUye_U3aC47tyamIH4gy-IVhqf6QY5Df-TIxEf2nGNwcS11f7WdplJ2WJJOeB4XXLROo_BstzEqtVCsnb2Vekl-gF-ib3DShXHLqDuWGljcBbxxW5ZSY9rdxPTr9FgQNwu1DZb8NlA_ljPF3nWNoeUOwB-1IdZiyKk9_PH_basPgBJAilR6XOK3iGcykCQdgLdF9L0RO_PhfA0&pr=8%3A4D3107BB9D3AF79E&cid=CAQSKQBygQiD7nSjAs0R7Yp6-EOI6yf88PLD65e4mOBVPT3ZN6IqHzi1uBAuGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ds=l&xdt=0&iif=1&cor=13952931540454148000&adk=1061885417&idt=82&cac=0&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 10:36:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
81667
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 10:36:21 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame AA56 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AMU2nOQdAwX6iwlEo3wRAid7ZaV_bZGXdUPHTmNqArWLHLe5LXNV_IV_ln34JF6diZj33gzpSgr8LRO5lz1pfa4CQVp_IXu6hiHn2DLCjGE4J_ob2XDXF6eGA9YG04NLPxQn6ocQvHVH5RCAhnyTxPlle0FTE079LqRA-qPTeh4aOySpM&dbm_d=AKAmf-DVDywpSHawpBdzEM1IQH-hQ02xg0vqCDhV_XDBfiEqOw74bzezu4KlzNUZJEDeQU5yXlGLhxsUCW3BDWKGOfgnrZgyhl0jIw8modOCTs-VhWjA4RvwZTci8ZwGFhAiaME4jBDxOr48BVdUSkLEmbo00TgUSfOd6bLQk00owlwmCDjROAO3A8nohzvDRIvkr2k0RX2p7AX1-axBCAtAcSgZoh8v9zMwSoqNDxL7KFH5Wp4uBphtZnF9OOGIKQf6SdcbNzsT0r4euAPFdtfp8g6drjQErJzdAtKYSfbDl2dGMSzGSAQVxMSAwAypl_Zm4xmGqicS58Jj7If3kMFWVjXnllj8IiwPsUvDVbxL8xcog2HHA7E8UNkN6pYS3u57ybfUHnazS-_-8LGqaXLFGKn8PEIJ2Vfne_kj85BdJKJZnPZFTu4jnnLYz67jrB3LcfPMmM9eh2WE6NbMjlM22nw8GY2EnVF78t3EjI4BazUkHHIE5cGfv1IFh65EHJADlHgWAGH6O9w3cQJAIPd4bSmcmFzhZBbMX9uXBUTKK7-1bP0tByZ5uG9bmVRZ7utn7cT0zXMQABA3knWtYWHwAaZ8rkFTMG_7GDtNMg3VlMmXFJXO5WyHU8blk-prNrGKLztzxmp3fPFP4G8G-SeSnr2_vAvXJIdp-XfsBCCeKi-7ixFplan8J_nvrB7u-COicS7DYqDqKsJ4Nm9SJXT_QGfY2isRKXDQIJCg1XhoHFaaI2qkPxgezaPOgIVnRCkvUzvSzo-Ck8VPRZOTP9YNFCYcPIcJ5e9BnYcVeVHQ7NuEts8vV0cY4jhpN9NiuZmczyRjGw-DdBg5ORzlmZHpfGk9T3-MWBWZKtDjXjX37BBF0eZMybSEX1krQ9hwfWCsOJf1W7n77ezDAkKOB97IHl89btdWpYHdz-lXlZZGrBARrtlGXmgAvwqrquw9G_xqEOjLKox1CwBiksOWSnuU9Ggmm-kzI4_IuyaLMUCkQvPO9vK0ifHmwbTyNHH6ncc-E4k98yGypjnmWAH8QW0GB3kygBnggV1rEkMqZvYPFW_PKFNMpEgUyuZE4NqsLdhGCy8pmDFD5SfyNXcarAEzC0gvmxlOph-j94fDOx47vMi_Tqc_Evip-6dLIlH7OVoa21qoX8dNKwIXfzhnAssuqaKr23V_WeXHerHPYvxJvfm5blq8touaIy-c1kq7eelTOAhLSfvBIyU6R4AizoJ5LkULQ6eMGd6Z5Z_C6Dx5zCl3LUdLm07JEy_BGasV7SZaWkE7amnRc1D80-ZSjuyQdaFsYWLGVa-Ma8wC3PNTDycT1crWjTdJs9O1wrxHsJwLIhZiFFvEBUD7iWEjU3HCxft7q-3aWr5-QevPgSji4Q1Y7TMoI7jVNDAteptg_b5gXfG1MAZGi5scl-l7Rs0tid7s5eP7staw8vI1MD8c-3otDGGJGeut06yYlIpiHxI1NHHa_Hj0LTqwCE7j4Axv9MpIOzWTmRvRHZvR_Jesz3GklMWUrWx8ir2z6eDEc_LN5n4gIQ2uWfRHTBgqjrzUJj8Wzh9Un82nCdKGmObk_A7OTqtNWr7ReQXi4K5UNQXI_VkOcL0HlXHEC5GaHCKSZqKaaYlXdBj1LrU-YFAGm_DKQUrFvCkVf9DS2QgkwIOXZtdTWMS4Wgi9TkEkhmC6T6kvD1JCFOH6N8PHd0v_pE9KYKgEAskZcImE5YX1EUp8L2rxFuUwN5mXh8XBNmkHGWdqmel7iZG5Xf30z6v121Dl9h_JqDfMOdwuTYrRyhWQBbntPypsdcO9dDjjyNUgN5ZtXgKfhT3NdF5u-DfYYNfIVCpRFaLrKxSRT5VFeSb7JJ8Tp8YTBm6iQcHbaw7su6bsoBWPHf84oAeoiMUal4gRy3Ki2Mm7ubSGrN0m0exRQe4BzJsV1VUfBO35xsg0_K7AondQlRDOlZAmZimLrARSnWkjxnII2hlM8PtkXlYpBRgMl__IPwasnpqJonpzgAmxxchzdkqdIQJEx9zk4VajsnFPShFj1zvHgicmW8CVkHYc5E6yptaYIl4ScbnjfsH0RLbPBIi10ysiWbmYXBDClWj-mbGaVa6ev2EMw2E2Y-SWUVeZtOhUbRBrfRGGfGRu68ulR54XKPBqMajHKDYFXWd2SN_-cIvN6sTZ_1pSwkNc3FfP5AdxI7PaxyMlwXi4s6qjGeKB18Iqa8xxYZfoRGC9pvgerS6ESrerV-wkMTSOdiL4bW5HkOPa5929__ENY4BFJWce39R9nu_-iq2vh7HRHAv3NUwVUxwT-LezTKyNfydXEa2HL-LAY7xGcd7bUe6mc02zbtml-Bd5ybaz4G1aZITez--bvTBv_uSWIP8rUzeXaWnNYPUVx8616p3JFzyo_-XwhZidgviPFEOvfqPug8Xqbh8KRWqDU23khxZNPeX7fam5TJQP_-re-Bvsp83Yo463PitBiaYjGChnlQpLnL0z8KtCQxMZtIRLe43VFrnMt-GApkbp7uv8r52v3HGxQlEGx7rnBhXppQSZqodPen_QRtfqkJ3MGOMegPKfCcfyTOtYXz2s73m_i0ih9kTeti8JS97OjE-0OPj8Zwu-lRPf6pLroHFgTyqnunnwAiXuOraPzPNpcOT7EHMB-z2kcq635F7MpnmbaYe0HbAPNn11f-YiBx0jcR9CkPyLnqFwBC0AukD0jAJSaJvTOSiuvx6QNIid_HeljPdpUNDB9lbulIV01AOr_3gWg190Ma1gzgcRVM5XQkCrF3SIrDDg_BuOMqg0uLCMqEyu30S_fUm050-ZLhHPyeYExAWdM9HN85gnFE1aNXAkVnHL2jJp1qY39fHVt-Cw9OTGjkhfBgX88MqxPoAbRjQO4xj4VaDH8Vlk7bq9ijgdFAbNVyojn1mZnbRDVOVnF1spDMpZiblp_a5VUhwvHoiTizRS_kdZhTRizJ-WtLJAKntPgFAnHY8dy7zAOTZk4dgMrd_7GsSt77PUK48kjhOykY-AoeZM6J0plyjeTePrRhrJwejjke9zrREJMjR3JPKNWvi82VKhgsm4u0jY2TVyrAvBC924QnHeWsVYEtSMRDcTxcGRpMKO6xPwV_Vc0v61ngUvr2s0ae2bH7StRH_kOrqVRxn4HiCIIWbZxKfYzdEgwvbUGBjlnvSRMsI6-NYZLEQaf2cTLTuhRaJ469bTrwyQ5rU43sfuTt8khmkod0lOyNNRLO7n5-V0Dq5SjCNoU1Xj2FHgk6iFZK-hzkqdWgwDl5ZYDup4GbJILwV9e5SZOlKvmA5hoLRUxaUye_U3aC47tyamIH4gy-IVhqf6QY5Df-TIxEf2nGNwcS11f7WdplJ2WJJOeB4XXLROo_BstzEqtVCsnb2Vekl-gF-ib3DShXHLqDuWGljcBbxxW5ZSY9rdxPTr9FgQNwu1DZb8NlA_ljPF3nWNoeUOwB-1IdZiyKk9_PH_basPgBJAilR6XOK3iGcykCQdgLdF9L0RO_PhfA0&pr=8%3A4D3107BB9D3AF79E&cid=CAQSKQBygQiD7nSjAs0R7Yp6-EOI6yf88PLD65e4mOBVPT3ZN6IqHzi1uBAuGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ds=l&xdt=0&iif=1&cor=13952931540454148000&adk=1061885417&idt=82&cac=0&dtd=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21bf4b49938284aaececf999f198f621de0aa792bb5315fc21255d0ab439e145
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 10:36:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
81667
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11001
x-xss-protection
0
server
cafe
etag
16383942900985251592
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 10:36:21 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame BE9F 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 07:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7122
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 07:18:46 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/ Frame BE9F 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXxseaJUVJhIKRwgZTb9rSR6CzAn6LfnqyIoBGdU6xnLWWiq1BySJuMtF78iefiKuqJTWC5qF3ZA-TNayXeCVYwYBPx1MWZgp7QIDU1GPkL0F3-ZOXMAXiJg-1Je17kbBvqfpcuOw_U4og9dwdutOxrOSUiy1RC2pNk1othvSw2vOa1S8&dbm_d=AKAmf-CA8TJA2AjI7mlmlWT9Evl038-cXThFTdvGH_7iH9zMzkUDB6q5UJn9ZSzEF2dX5KUET8uomSn8q0NhuAdacNdyS5n6NcRmwUuCJe2rPdFpwJH3sMc_kba-pNmMxLah8KRywQqIu0vzbK80nxsY-cN7rW1YLWWENsqf_uJ0dyCVIngtshBNO5ZIye8GMqUoasAAXvMj9qKJAOV1hB9rAYdIbDm-PS6ldtlF8xGKIuEBVRvlg33QNH5hfXLkDl6a7ER8YlIoQx0C9VsL836hdjyJJXIYUVtgx3U1i1P72a1KXfaDMSejxLFm0Emxcys985-kyvCYha3J_DaXBo8pgAjqS1xv-5Vfh-SepAT-8fXmtTuTPFGTZCEz_uKlwin9WnwJKayixqTf_aPxgZ2qWsi--1BwL6skypyayRGwUjUynPRaZtq8ppf5UsBvHi0lFVQyjFo_WBdbw_6YxZSsXXWMD0KkGpI24UM4A1P88P_BLEdsCQEZBeTuHZYOSw9acC5nier6i5LtWX3J2qHY3lfBQldwbzWa4N9flALbD3R40estj6TLAtwYDMr5fhm3_41dzFyMsohFOzP_3YRKqysuOD7qdrc-1yPj-7hrC0Ov0HzfqKmfJJK6EPGZjwV_0oO_8dkBAY6_rLy7GgoploHasUx5f4S_SiegP1n__8WdGEpUan0663ES-h430XcoZ_dbyjuBfm1dPOuVnaUdMiHL0Rx38P4m9dUULVXwDK67nX848fKTOkG9NOeMtgjk0rWSemo1w-_FKoyar9pvnY6iz9tmT24iMLB8B5MHOryVxMze05BoAtnL2q9Z2PDx-Frv2AxZJE2JnArHr-xmEWanQFRZbJ9aNvfkg-fjmqMxgEJbDkTdFxK8DT4NoJKm3n8r5XBUNxfsOJ_Io1TWLLjx_XX0R16XewXAbqlgZZocX6X8kpEoQp-kN9GfY2OTalp-uGOgEK86NfQJ5Rrrc5Pj49-7XcQb5VQqZfenfjYlFvKn3I9AE1bBpOs0czMBRwiKiYr-2ATmAlU_uy4sjVP6u-cw_k-3UhS6KoaVezD2iN6YMbE_ggniyPsRtfil1Ey4qrBqU1JU5nkNPQVKb3ycZlMU0q9TRJU5ak6BjvnQE4TR-kwf3M3WTtRNimLBoqKTXsv6uSTb8T-p1_ia_pxaaY42rykmG9WAjkML1KTNyUSKXSkE0ADiyBv7CBNW6aUIpuvoRAH7g8sRwSx6-_l0DCmPjOJTTag78Aa5tzUZdRubCgtqVvzpcY-vuiaIjD7WTlAMRWPwgrVtqsnsL8mHK1agMIcmVfbBKQcA-1QTm2LkaM2QOKIyl7zKlTZeNR2ORolH4bSCjQA6Wgn2qjxdchAzo_cB67i0be6X5brmcXP7FqbBOYOIO3sQHHmIpuMJaZd2ZlEHEpYSvAkHE5Wg5TOWoP0mvtXjU-EjmymGlTeTawaNmzODyukO7AJd1Uy_py0urIRgcnNZhCLQGw-4M1RKB4EnguKlQvworHqDpevHDjxgsc663baqoqF52SOWa6iy5OytzMmzvjCSifIkL5yjs7cw4SUKYdA4VPh2bqhI-O5kBuoO0uatT6TLwMrKWBbJJcAZ6w1IsKFYEdYQpt0UoPpVPIFfpUcsr6KppVyxxmIoRwh5l1Oo7qwFqu865clsXUJoEUb0U72BZwE6XSJ8PBLkryTDH_z_SwYVVUKXT7xwjBIwYk6eVHzpmYsZ68RcaXwQoYpoihMRbVKgIKAVO97dUONqdhI_gczA6Swsdq7appj7mQyL8kr-5IXjMEFrmeqKiXn_oRI8bHlSdM-PZnJ29D-sMhoZ51UhRSl3ahbR49ZmCFlxuU7O0TRuvflXOQopiPe6rFK-gRBhgDIjaWth7ChHCerhh_khzrWXIUxQkobxR3Ci6w3bwzUNbvtqtutLrAVDJQWZRL9PHe7bfumgOIp6u_QQVAZhLo9a8F6nyF6oxpfv2FZ0jY4Yl6nneHQK-m7vIjlFDCMwlyOmZy-tjb2g9dbyWb---Ym9dI4glZz7KO2Bw1ehk50EXRzZ6cvwfeboen5_U3hJ7Y5RkGgPcIix9XVFfT-14quRu_X7sTsalIJxQYF3dyphTTyV3ouXVxmNVGNCyaBdyYXf52331jn_2v7PCzwrEAgritG9vkhgclxr8Ntl0AxcQBo9rm3-Lns4X0phbUx0onfhvwCqlOgIy4-0a24dio9ijsCLe7vsPkmfd75J2xEqS9Gu18ClwBhEF6JytfCOqb4Oh17gcaGMexz8qLJu3ejlN8ZHm8OsfN6i63LnQowXBlc1uy_6Y0gTOEMKEqxj9MQQsreKmvxlIsXMUD3sGp684u33r6_d6XyOx3dLq_h0vcB5WSx5LN0yoqNV5nnL_idL93vxtB7kcifxyS95aYSxnsHpFKLZNqXGNDuXbPH756jY3jicEZvE1W3vLjpQlX8js37PouwJsyDYvuh15GrH5idbERy3e4R43SCy0z_n-DKC-oYaDnip4gKu-OMofxGpSkWVACy8raUBl0ocknwzO9j-KJbwQIn-0n22rxoV1FsnI9v22AD-vLt-G_hoafIrzX4hAyQa6X9W3TF4RURVjAIv2HmVQOhx5ADQPzzyzJP4lhpNJvw7rOomwLfnqwJbJl-crEzvuYDXssHFmH2qnoePxGiIjIXspOo4y4y-ZuwoqYsRGS863uyWSMA5x5NmCQCZi-vNWY9ilbPP7zR9iKVoYcQvrVTg2EqE61bDBzuxLG9yETdW0lDINCd2zbcuiDAV8z93sWNdiiI5VqtfeDD8Pa74Q_AzSEoM-LDR_hw6LYKmykUZ7cRkqSCtPNtMmQcQ-qBqmL1I_wxtQHUUuat81BHFutyP8_sZ-N_hYnqhjFUROjFtPz2VQ-V-mVbF6vD2dYJsKDWIgSuzbgMRaPq7D1rbuQAQInJ5pDK_FlIARHCMsux88MqGwbmfD0chAE-pq8FvqElIOF36pX4IcyA-WvpHNqwzuF7mh8YPfA5OB5KnMtfcF6UAhVGtlY165GEQzh2rM9bD_HohMAnG5VWTMLGaBlB2oHkQDdMYwYsHi2HTZXNesijaWCwRiU7fm4VaoMTwZ4EK1L6WES2Ihlis8U1_ZLzmgkXk4-zIf4Zb4IP3PzU-Xn12Hsq3a3P8FzV3hMc_Gk-PMQStRk07i0YsZEvhNn3mErOdOmgXeo-_6tMutYGZg8akQHFZ-GM7QZiij5eeKrvqTUPF82BnJzzegovyCzQHwFhUdkY2ZBlgg1cmSS89gihVZCobgu4qRuHvysCJK3X98QvUEjJHoLIsFmROg4jIr776sc30RznQAYjFHYM_Ukm57YsW-imHLk7NI3gU-4fj-MicFnUBOczK_8LDIyufmzw4h700hEorvrVe39l4TpjmT7F3Qin6SUGLTPXXdwXrfPZJOVsdZAZXIstcmP3JqvADLomPhsqTxTL6ldTUymLCLIsCcTM9BA&pr=8%3A3401B9DE316FEA13&cid=CAQSKQBygQiDS9qkgdt5mofbcU47KzAcI0NT0bQv5G79AY4nnUKBg01g8uDvGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ds=l&xdt=0&iif=1&cor=14646098180658207000&adk=816895174&idt=147&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 10:36:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
81667
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 10:36:21 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame BE9F 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXxseaJUVJhIKRwgZTb9rSR6CzAn6LfnqyIoBGdU6xnLWWiq1BySJuMtF78iefiKuqJTWC5qF3ZA-TNayXeCVYwYBPx1MWZgp7QIDU1GPkL0F3-ZOXMAXiJg-1Je17kbBvqfpcuOw_U4og9dwdutOxrOSUiy1RC2pNk1othvSw2vOa1S8&dbm_d=AKAmf-CA8TJA2AjI7mlmlWT9Evl038-cXThFTdvGH_7iH9zMzkUDB6q5UJn9ZSzEF2dX5KUET8uomSn8q0NhuAdacNdyS5n6NcRmwUuCJe2rPdFpwJH3sMc_kba-pNmMxLah8KRywQqIu0vzbK80nxsY-cN7rW1YLWWENsqf_uJ0dyCVIngtshBNO5ZIye8GMqUoasAAXvMj9qKJAOV1hB9rAYdIbDm-PS6ldtlF8xGKIuEBVRvlg33QNH5hfXLkDl6a7ER8YlIoQx0C9VsL836hdjyJJXIYUVtgx3U1i1P72a1KXfaDMSejxLFm0Emxcys985-kyvCYha3J_DaXBo8pgAjqS1xv-5Vfh-SepAT-8fXmtTuTPFGTZCEz_uKlwin9WnwJKayixqTf_aPxgZ2qWsi--1BwL6skypyayRGwUjUynPRaZtq8ppf5UsBvHi0lFVQyjFo_WBdbw_6YxZSsXXWMD0KkGpI24UM4A1P88P_BLEdsCQEZBeTuHZYOSw9acC5nier6i5LtWX3J2qHY3lfBQldwbzWa4N9flALbD3R40estj6TLAtwYDMr5fhm3_41dzFyMsohFOzP_3YRKqysuOD7qdrc-1yPj-7hrC0Ov0HzfqKmfJJK6EPGZjwV_0oO_8dkBAY6_rLy7GgoploHasUx5f4S_SiegP1n__8WdGEpUan0663ES-h430XcoZ_dbyjuBfm1dPOuVnaUdMiHL0Rx38P4m9dUULVXwDK67nX848fKTOkG9NOeMtgjk0rWSemo1w-_FKoyar9pvnY6iz9tmT24iMLB8B5MHOryVxMze05BoAtnL2q9Z2PDx-Frv2AxZJE2JnArHr-xmEWanQFRZbJ9aNvfkg-fjmqMxgEJbDkTdFxK8DT4NoJKm3n8r5XBUNxfsOJ_Io1TWLLjx_XX0R16XewXAbqlgZZocX6X8kpEoQp-kN9GfY2OTalp-uGOgEK86NfQJ5Rrrc5Pj49-7XcQb5VQqZfenfjYlFvKn3I9AE1bBpOs0czMBRwiKiYr-2ATmAlU_uy4sjVP6u-cw_k-3UhS6KoaVezD2iN6YMbE_ggniyPsRtfil1Ey4qrBqU1JU5nkNPQVKb3ycZlMU0q9TRJU5ak6BjvnQE4TR-kwf3M3WTtRNimLBoqKTXsv6uSTb8T-p1_ia_pxaaY42rykmG9WAjkML1KTNyUSKXSkE0ADiyBv7CBNW6aUIpuvoRAH7g8sRwSx6-_l0DCmPjOJTTag78Aa5tzUZdRubCgtqVvzpcY-vuiaIjD7WTlAMRWPwgrVtqsnsL8mHK1agMIcmVfbBKQcA-1QTm2LkaM2QOKIyl7zKlTZeNR2ORolH4bSCjQA6Wgn2qjxdchAzo_cB67i0be6X5brmcXP7FqbBOYOIO3sQHHmIpuMJaZd2ZlEHEpYSvAkHE5Wg5TOWoP0mvtXjU-EjmymGlTeTawaNmzODyukO7AJd1Uy_py0urIRgcnNZhCLQGw-4M1RKB4EnguKlQvworHqDpevHDjxgsc663baqoqF52SOWa6iy5OytzMmzvjCSifIkL5yjs7cw4SUKYdA4VPh2bqhI-O5kBuoO0uatT6TLwMrKWBbJJcAZ6w1IsKFYEdYQpt0UoPpVPIFfpUcsr6KppVyxxmIoRwh5l1Oo7qwFqu865clsXUJoEUb0U72BZwE6XSJ8PBLkryTDH_z_SwYVVUKXT7xwjBIwYk6eVHzpmYsZ68RcaXwQoYpoihMRbVKgIKAVO97dUONqdhI_gczA6Swsdq7appj7mQyL8kr-5IXjMEFrmeqKiXn_oRI8bHlSdM-PZnJ29D-sMhoZ51UhRSl3ahbR49ZmCFlxuU7O0TRuvflXOQopiPe6rFK-gRBhgDIjaWth7ChHCerhh_khzrWXIUxQkobxR3Ci6w3bwzUNbvtqtutLrAVDJQWZRL9PHe7bfumgOIp6u_QQVAZhLo9a8F6nyF6oxpfv2FZ0jY4Yl6nneHQK-m7vIjlFDCMwlyOmZy-tjb2g9dbyWb---Ym9dI4glZz7KO2Bw1ehk50EXRzZ6cvwfeboen5_U3hJ7Y5RkGgPcIix9XVFfT-14quRu_X7sTsalIJxQYF3dyphTTyV3ouXVxmNVGNCyaBdyYXf52331jn_2v7PCzwrEAgritG9vkhgclxr8Ntl0AxcQBo9rm3-Lns4X0phbUx0onfhvwCqlOgIy4-0a24dio9ijsCLe7vsPkmfd75J2xEqS9Gu18ClwBhEF6JytfCOqb4Oh17gcaGMexz8qLJu3ejlN8ZHm8OsfN6i63LnQowXBlc1uy_6Y0gTOEMKEqxj9MQQsreKmvxlIsXMUD3sGp684u33r6_d6XyOx3dLq_h0vcB5WSx5LN0yoqNV5nnL_idL93vxtB7kcifxyS95aYSxnsHpFKLZNqXGNDuXbPH756jY3jicEZvE1W3vLjpQlX8js37PouwJsyDYvuh15GrH5idbERy3e4R43SCy0z_n-DKC-oYaDnip4gKu-OMofxGpSkWVACy8raUBl0ocknwzO9j-KJbwQIn-0n22rxoV1FsnI9v22AD-vLt-G_hoafIrzX4hAyQa6X9W3TF4RURVjAIv2HmVQOhx5ADQPzzyzJP4lhpNJvw7rOomwLfnqwJbJl-crEzvuYDXssHFmH2qnoePxGiIjIXspOo4y4y-ZuwoqYsRGS863uyWSMA5x5NmCQCZi-vNWY9ilbPP7zR9iKVoYcQvrVTg2EqE61bDBzuxLG9yETdW0lDINCd2zbcuiDAV8z93sWNdiiI5VqtfeDD8Pa74Q_AzSEoM-LDR_hw6LYKmykUZ7cRkqSCtPNtMmQcQ-qBqmL1I_wxtQHUUuat81BHFutyP8_sZ-N_hYnqhjFUROjFtPz2VQ-V-mVbF6vD2dYJsKDWIgSuzbgMRaPq7D1rbuQAQInJ5pDK_FlIARHCMsux88MqGwbmfD0chAE-pq8FvqElIOF36pX4IcyA-WvpHNqwzuF7mh8YPfA5OB5KnMtfcF6UAhVGtlY165GEQzh2rM9bD_HohMAnG5VWTMLGaBlB2oHkQDdMYwYsHi2HTZXNesijaWCwRiU7fm4VaoMTwZ4EK1L6WES2Ihlis8U1_ZLzmgkXk4-zIf4Zb4IP3PzU-Xn12Hsq3a3P8FzV3hMc_Gk-PMQStRk07i0YsZEvhNn3mErOdOmgXeo-_6tMutYGZg8akQHFZ-GM7QZiij5eeKrvqTUPF82BnJzzegovyCzQHwFhUdkY2ZBlgg1cmSS89gihVZCobgu4qRuHvysCJK3X98QvUEjJHoLIsFmROg4jIr776sc30RznQAYjFHYM_Ukm57YsW-imHLk7NI3gU-4fj-MicFnUBOczK_8LDIyufmzw4h700hEorvrVe39l4TpjmT7F3Qin6SUGLTPXXdwXrfPZJOVsdZAZXIstcmP3JqvADLomPhsqTxTL6ldTUymLCLIsCcTM9BA&pr=8%3A3401B9DE316FEA13&cid=CAQSKQBygQiDS9qkgdt5mofbcU47KzAcI0NT0bQv5G79AY4nnUKBg01g8uDvGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ds=l&xdt=0&iif=1&cor=14646098180658207000&adk=816895174&idt=147&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21bf4b49938284aaececf999f198f621de0aa792bb5315fc21255d0ab439e145
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 10:36:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
81667
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11001
x-xss-protection
0
server
cafe
etag
16383942900985251592
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 10:36:21 GMT
index.html
s0.2mdn.net/sadbundle/9548364509937149214/ Frame 0642 		15 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=1ZVFtl6CR2&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ff067250a334697aa929240baa053c275243c0bbc1a5cf9b1e280ff2eff85aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2270
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:28 GMT
expires
Tue, 21 May 2024 09:17:28 GMT
last-modified
Thu, 16 Feb 2023 16:30:06 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame CC7B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstSMRPyTbXu4ub3_KlB910UEU_Hn6OQ2saIMhtlhcJX7rssPJrrZ4TJE_iBJSjcRWe7bIRlWhYw8kCWHmSB0qYvHHGenZYUVezJEGlKSaR8Vi4Io1aZaJjSxccMdB2k6Fr1Ni6lvWHvdbBf2MKuNMYxbsVlY_0sDBrOwMwLpEDfspmmMi6Yl6LqHvsesKSxcOw1XPvj1u-Y-1-hAQY9dq8s38hL42GI1SNwwHltmlvtfx6E3qZ20KyWB4_IyoO51UNdNDkRB3Ypr2QCF6yDcj6_-gwU7G3K_oOasOnW8EturxN8Cob38Xgnd8-zxhjxlcO4hnSlhWU3xarNdZy4zMykegRfk_hOdrzWL4Hvzjbx1Bpr96GWWihTSbI2osKrcvoWLIuQqTDToqQYA43k2LL35wqqFgzdUSAmXsFnjnsU1gjqwJTRwb-43BgEa5ewr5yEgt5qAHgMY2MBh4zMi_S9HlN3xn8_Z1Nh-qBv1tzL4adq5fCYlJ3UASjOn-oboSrlcs50V9YovcFZPmGZgo4g-kf7TIusBrHbTDiIPh_MqmRZm3FYO80a_xUs6_xA3-XVjraZgFg1a10wOxy33pcey_zEl8X_A1irq6xans040e_LKhJj7DONSJZ9my5gB80ZIIKLHh5m7pnaoobbtiwb7u058Da-Cv6NyJS0bppklucY6-83wmGyyNEW_YCCU8j_b-a4uv1CIK6WJAP-dzGWykcd7uxJiPpsuKgSI05_yTa6aNqPik_C2Za_R1ZXCtrKznOkqKwNYnNVec2lev7QAlT4XQcyXDISAqCvEfZru-QlauF5zEUBQl_Nf_xlVA86hNdfJKHPkTOH5zK8tqnLZe_AM0iYZwTs8FS6whwZEyYjmU2T0zJXlHnnHF9KTA9UvgK0c0y4A-W6wkCsHuyTUJbh0pWFiLeLd59VfLCU8fNoQmgIIaQj5gL2F55vbpteLO7BMmDK5MH6QdPQLKUPuaqZLxzs2AvqKkMKkKARjxpHXsyjQ5hkijl1T3_lxvPOlvF1EN-GMynVPavpmhy1RlxQtYjacPy-S0vtxjwVxsqdB3REkX-aAZDozCevnD8jGOPUSMd7sTKTAhWUj4_Qzhk8YEE5UOLBNANkAirup0rJWonZyS6j5tP7-1hpjKBvKAZWRl_7ksv4G5AZ2LuAQTQR16Bz7A9hp7SdtaO48BLmWh_X7uEqUnMVNhpvt6ytJhBJGT4M0VwXGmnu4yheGTOKzAIKIyQbwyAEYCjfMt4&sai=AMfl-YS-Uqwr2fnrZ7LQ1PD8PqTOgWtOOu9jEvPavJ0P7BxLhrvzApCgJ45dtcLm1nUQKc78dixlA_hK1B4751t_r9RbmJHpc0yEwS-xRtK1Wn6xTUf0CCmrsfEidvaW_zK8iuiFVjvwm9ShBpYgt0Py316SPqDdXyKcg-p7ibeY-Oq1RvZixETLa8S9UixIc_RCAPa0zrO3i2J9&sig=Cg0ArKJSzCtQJmkxLr-7EAE&uach_m=[UACH]&pr=8:8B9ED9401062E773&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=276&cbvp=1&cstd=266&cisv=r20230517.68695&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 22 May 2023 09:17:28 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:28 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame CC7B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:36:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254467
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 May 2024 10:36:21 GMT
usync.html
eus.rubiconproject.com/ Frame 4134 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 May 2023 09:17:28 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame CC7B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwXPpiEC_AxJdwvHr0gSuE1oPWGrCWX8WDpdOT7HPunbp_Y0bpmLjE4QskShLhg7VEvsJe31kklU8njbfM27QsXKLg4nko9lqW59mZGar2olt8hYMmFvfq5FBmOXVYxS4HyTlqjKOmX2czmDjfxI0BdkqtH4QJiEBYBJlCI42b7WXiNNkunGE3aPF48f9gKm9rqVNJyl-U05kCMQTxplhKB07j4NB-DzEJXF1EdgE53bm4zRbfj9-PaWgJG0FngPuGwt5d1N3OyAigKq07Wc9mCap5-GSFf19ey8Tg2ah_LonSr7IgYB98vJtZUztAKE2LfPe3Mb6zhzT_sen3QQ&sai=AMfl-YQtaZUv241MQ3myHbi7k9HAb1QrIxVqp_DI8l1ua7lDCyICi-jgCGVX1TAR_g38ja1jdXTEvDnbTHCMnp3LxrIsegzMyoHCT3a5FwKYRG9eNEC8bSx7mpVh9KMJ9Q&sig=Cg0ArKJSzI4qByed6etxEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:28 GMT
truncated
/ Frame CC7B 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d6717d5f844aa4d5570e09ef3deeb7bf68a0ac48b46b2a4ce2b8557fa9a8a81

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
1676550659977.css
s0.2mdn.net/sadbundle/9548364509937149214/ Frame 0642 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=1ZVFtl6CR2&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
232bf950740690a92eb6f4a6110a536fbe24114928c38ebe80f69aa3b2db6709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=1ZVFtl6CR2&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 17:33:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
143028
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2341
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 16:30:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 May 2024 17:33:40 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 0642 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=1ZVFtl6CR2&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=1ZVFtl6CR2&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 07:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7122
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 07:18:46 GMT
1676550659977.js
s0.2mdn.net/sadbundle/9548364509937149214/ Frame 0642 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=1ZVFtl6CR2&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=1ZVFtl6CR2&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 05:57:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
184805
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5491
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 16:30:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 May 2024 05:57:23 GMT
usync.js
eus.rubiconproject.com/ Frame 4134 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa403d9a9b7b752d058f087bf7afe7377ed73c7700fb5c7cc271661ec043e737

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 09:17:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 May 2023 02:03:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60304
Connection
keep-alive
Content-Length
10085
Expires
Tue, 23 May 2023 02:02:32 GMT
index.html
s0.2mdn.net/sadbundle/9548364509937149214/ Frame 7811 		15 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=0fdvrTJjRv&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ff067250a334697aa929240baa053c275243c0bbc1a5cf9b1e280ff2eff85aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2270
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:28 GMT
expires
Tue, 21 May 2024 09:17:28 GMT
last-modified
Thu, 16 Feb 2023 16:30:06 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 2438 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssXimER4CD0_bKg3JldQJocvI6atBotxUx8L8mstve4yI-u7WY7iQ1y2kVKOAiNr2lDBGoqa8FJHivYCgIkVqtUU7JuQymQZUiWgigC9IBKpfcwHLkxcvGPjcHZXHThh50voG9rdQzsINvgjM-PDT3UpFPNKnP98L3_TAvQ5cS_GVkkb08W-JmJB8qDylWGuqT2QSLNAylJHFf9jfoyH7rbit21Iv0VciiAE1rEMbClt3SrdbvWTxE6L1apqBeNU-OhS-J0DHM0JTXyVMc7jLaW_L-isKS-WEMTozG-vOJORtWUKMwrCmzforGmELkUkdMiXtiQIFsBPMS9_4oOxlOGHjUu_R3nLfFrbfItajUNZ2zBxGXpGzG6mkLvenpR8StUXzRGNkE9JbnX0GWaEGx_4YrEfMi7u6zbf29qUio8xea84p5bfdoYrf9EB8PkXBD2xn1gRbnB0blqR_CIaEEg5V9whCpjqtNwoLcEJ3Y-XqYRw5NUD7nb-EAACqXqDO5aqZygpfQbNYo47zgf-q9s6USXb4tUC2vOhzi_flaEF1Uzd19xhqFtYWnhNc7HUwTAW3u8ANGSUESEKwt5YEYBXgjoKGOm3WBjq-i1T4ncdSxwgaOEWyzkjyoNyggAEgIRjCsw00Qm_ur1NTAx8C16bzfcwjw6VoyHamE1ZWfCvHiEtP2phbDlhft8PJPxjy8iP-rBkLs5EbSTqRh71ktjTvq237hoeI-14qXrQSzbJzMinMX_9TNbbRB4CIHatpso1TTgTlb5J9FENVkCRgDU6PSC9CKOQiseT6dDrCIeqJ4WNDovi03JelQhqunumvtZxTYE-fVPGW7i7gdPhp1XLPwDYUXwv5YVhUyYSrL-oPO7oAsjHYxFdHcLQIKUBbG5caxB05DiUzDC6dlwreWvnc3PEN6dkReiN_xFe_xbkeKYaZBvBgtbq5peTcPK6dERPjOAOVFyknJMOfnqCGKuCg2Pe2G4GcWI9m_qdGkkCHXzOUQZRuVbKePPQRHraEnOJD2LMImrWThKgWzHlAxVswCo5JlUfgDzjv8QGnjtynZThYYrACp2lvvxAvqcprKXPm6XVLc55gsfHse65LqtyiKzJcCYbIRvdiY5AFU96rdoZZ1N3Yg7XuCbzA5jtrv0Ryc-kI3_GE4RwK7PC5_BJCBjf9QEY55GR1oOwHh91CS9zELSsAaEooH94tTUFpWp3m3q7LHBvU0fHdRdKYv3xwzpwFOp9r6cmKcjXzvX&sai=AMfl-YSyeeitpuCo_YWSy5_ERAsHoEnrGoIy4jIxlriFRrx1Kh-ITfIPJ1Mmkt-Hsf0c7kDMjZnniGfriXX54ty5m6d5sB8rr3fb6Pc95LnikKwhWQwZ8O5WSbyqkdDiNMau2Ea7UssEvQChhTXw4IGFTOCsvjv5lmi_iVn76XVuK-IZIrfIXjqCn4r6p73rAKTC6WffBN1PHzST&sig=Cg0ArKJSzJVkpEVK1G6JEAE&uach_m=[UACH]&pr=8:8C6803FC981D8CE4&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=313&cbvp=1&cstd=300&cisv=r20230517.69377&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 22 May 2023 09:17:28 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:28 GMT
generate_204
tpc.googlesyndication.com/ Frame E9FF 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ISiRuw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2438 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:36:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254467
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 May 2024 10:36:21 GMT
usync.html
eus.rubiconproject.com/ Frame D623 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 May 2023 09:17:28 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 2438 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQ-WdVGMjHXjgJ8zzQNGkUtayyIxRqO_8DUW8s1LbPAxz9i5vFwCjx7JNg68FbcNNUg1r-8_6_oxsqobxt0oDpjUaRTbmERAfjUHZpreYxME8gpERXRSlOIllKlhQ_x0Bl4FjCHEa4j4maDz3u0d3heeygGoffy4xx-i-nJF7tEkYcBpMqDdse_nsrFzYOjelc6KTL4Ssujch-605BB7IRUGPLYctRFicaFI_PzmYEU5tQLmn9RSOf6rL24ee3PkmxpMnZpslHm2oceaj80B9AawMsC7lbpsg9uOo2znMwPkVSyG4HQanAFZ1g-5ioavEDegp4vV16FeVXYWvqbw&sai=AMfl-YQa6WKUQ4Bv1HF5LJXWwAWtvwv6YP2CWAK2K4OLN_tgBqBuq-56b422sX32-icflJx0QLgCavzGF_ZHN4mGP_mQWj4PjxPO_HhoH8OMsjffwqkUSKS9VARAddmpkg&sig=Cg0ArKJSzPFcLd_sjH64EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:28 GMT
truncated
/ Frame 2438 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cde5d6ddd360343295910a282d569ad647bbe86a94cc9244c1fc776ba8166d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/9548364509937149214/ Frame 55C5 		15 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=SomSsvo8lU&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ff067250a334697aa929240baa053c275243c0bbc1a5cf9b1e280ff2eff85aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2270
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:28 GMT
expires
Tue, 21 May 2024 09:17:28 GMT
last-modified
Thu, 16 Feb 2023 16:30:06 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame AA56 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuZ_t7y3lZ7z8aIa51tojPipD9jiIsDHcrPC4l8irhgbGd9JGIETR38SW6oeS1AqdlwN7qAKHG9gR94bfX-pFQ8G7HxLK8a62El-2SklDqPveoc-YMffMAy4lLAemTKRr8XXWQ-5jzS_ZooiJl0yk13WFUCtDc6XXYD42V-fuTPUJBqIc56dWdj2PC5fKupkQqxgl6M9BRmtR8dAZookx81RUj09fyz5mthywvyfxMFxk8VwIEi1-OT8cz5Vg0mcyrseqXFRLpt1h769UxmUSYUzJuLJRyQhJC4AHhhE9beew47MzKqWbotAMOTqe0cbEF72v-vkfOGhUoMw7YxLX_PpPO_RQS_WFrfO2zpdIjIhRRqEiTYE6wOWDexvQHU6b6buCDqBFwCjDW8nTEDLk_KA2kbA1TSPhTirnY8U628EpKJzXTzE19yfrhEaZiUY5oB9ZlvT6ZyG6ughmg098xSZbJgLZJBApIMx584Mfy8GCKt4ln84hXqZsoSlMp1o7cfTCyubxXHsowu0hhCOoX332yR4eF-lk4JLsgPncjcbz5IissF9KKskVzTH99J4RSdKqkp1YD0N9dTJIH0L1vZZ4oWXNdH6NDX7F2qf0kUHP8muOTvB8xhLl-eV-r2LdoHp3FMr7SxuyMyzAeGRdtVXPFykncXWv5gI2e24YRv2K0ezOI7KI-C_DJvSmWXOvUsGXoF9Qspy5uqlVEthxsKdaDfEyF-6jWUxqKYT2PJQao-84hUL4IcbVO0Bsopg9flI5AEjW5YYAHa_VjCUJKHHbWoYQ3bBhkYyvtqIlHT1qEkWMQjM3UUHoDRdrObnZ9R8C56wVSZTDs3FFYoVwHYX702ECAuN6hyjeCDny3ZDBqOmCQ8IMFc0_zepD5ETIwrMlvn0hpcIs8ku7OizuIKAGjFwAGUgg5DRvI0osmyyYKLhROwcvf5-E7oXwnvX-2dMiBTyIsELtbIBO2-w5aWnCOe_Pl1c07ogRcWbIFcdBRWOmuiCS7GNE8KvDqRrTRiy9e9f9fqca2LnD6jTQUwccQsdUUhJTx8eB3CqawSaBg8ukP2xIffW_wwHYlFsKOO8VDsF4NkZThYk7_A8BtpRpX3iwcTaModqYupcL02o0meZRxUsFbFgeO8g6U79oPhQSLWDWTqVxhtc-sDCV133FfMsRQztf8-ZoEwdGIoatpCdCoVa6FhkJ9msZ1rv9A0wmk6rApwYLLXxEKN-IjOrQpi2ltMUdvp0zSLinNlloE&sai=AMfl-YQLqg_ZIaEWuPjvnewGiV1_uc7UkrsfurolpSQvST_NWfAxdPSrKk-8h2OhwOxkVKjUU7HVPcsgUvBzzKDgDXrP1Dg1Dr6cjk9EtSBnwcdxmFYlrZ5nTXcuaLW2FwCeLFW4EBVI93VSAWqSHDv52o71bm1B511a2N0wdizqfiGW_R4pyq659g28bnwRzvTw-7xGfC3_3pv6&sig=Cg0ArKJSzNZhEVURE0mcEAE&uach_m=[UACH]&pr=8:4D3107BB9D3AF79E&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=613&cbvp=1&cstd=597&cisv=r20230517.60167&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 22 May 2023 09:17:28 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:28 GMT
index.html
s0.2mdn.net/sadbundle/9548364509937149214/ Frame DE69 		15 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=XfzVfoGPK8&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ff067250a334697aa929240baa053c275243c0bbc1a5cf9b1e280ff2eff85aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2270
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:28 GMT
expires
Tue, 21 May 2024 09:17:28 GMT
last-modified
Thu, 16 Feb 2023 16:30:06 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame BE9F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv5Kh4ItNMOdAyfpU3qJud0FwcfsGop42TqfhPcmcB6AFMP9T91tMdpLOBsZHvmskMkf_tl8Xhryq6IJEM-P_iuXoYhZOwHn-oR0HGpDliH5KkQy6KtlNWGEM55m7s_vf2Evh9KPrqm0M4OIvyjS0XxzC66234TMEQvtB6Bt_M-tEGUjQEp8UYVXX8ntwJke6us2tmfDhIEEO7gGV7hHC28lQQFVrPHuP1DTTpGhECWQiarw0OC0GIc1yKt7j1xTO5u28_Y7n-EkZLAXvA5PPdSF2Qriy3fTAZMnChcTOpgsZ8w2yLuCFpJHt1GBuy5i3wrwMZJqsh1z5AXMnpIoV9eY8Uq8rk95RGaIjjGkEaGCWzZN47GvrlXvNCeTgy6rkQpAvQXhuCtjE8MJBzrzC2TiJ0ofpfRTDMSEFcQPan6fI0qT17_d2rfr39vA1OtOBF_E_13GEOqi8p6ZI5hRKUiECTY4m0_-ymgBcrHwayxIeWxUMHUijxX2sqqMDFuCIzjic2ujeDONg4JAhzxaTrJJ-CdLM4sInzPTiX4vy2TGLZWbM1sDV-5FBdhDXQejfmLmIRNNpfdyxp9_1-PZDkXDufw8tqUWCWEdvem_yBt279svx6nZwrxXNTG1TgJK-CzWWkI68ohZBH2gk1nP_OBi2ktYbal1Vi-O2hKUf7shDyTond2nmr7-5D9g_FDJbazlp5Bu6p5IHCbaZgmGuAOW-Xkb6zExaKdUkSV2VIjpFZVEmghIZVXrTxCgbbu-8pR7e-cDlwZXPyEWmSUCwBIrw_qOBlpZvtJoNQOzhxeUMvdZnKhGyxwuaM8aN2QJz5OhIWbQHe9gmfJkQV8kODgH2Dpte8SAPuh8so6H20OAdi-BmMJElFYFwnUcmK-rhgZJ2tTMDlHnZtsT-Y0IssRapMciGF0sBkt4XZkKfqkCv3dO_fwf357E3VCXWA3Q-2mzFuO7918zOr160fLruZQI5_yMdMagOkbEkdOuns2njoGAJi5-ynIbcshs8a-9rwubJ2i7amvwBGJbIWUNBQe6L0TtEptwEUeYC8TPZIY45rloqzVPVTapZU_nSISTZQy1qCb27Oe-_vWoCThMmCjIwgiHSIo8kigBgrDuNLZsmr5PvbvJf-y8Xn4F1BlEOKoiteOvmLctQUu_xTRQs4VEEyqoA1RJkNKgxmt8mc_EoQZ23SfyzsDQ82s3JSa17fk-MWFzGmQTn4El1iZsTJktjBHRyDYogDYrIWc0A1Z&sai=AMfl-YRrTJ8W7UN-LATIcRliOe3XwspIc-kjtleShWs6fQzGQGraxgKEnDYbcbJE1X_XEF12-OeUjUqHBIPW-fkY6xAYqSnAKAFy4U0PxlWhUBDunUb_6IKn1CSaOwkBQ4gu6R7UTHphW52pFS0xeS2MbYVoC2qogDn1BACxw7g_dbFBwk2hgSADz_ySSWqu5v8g9wscA40dUhIl&sig=Cg0ArKJSzIMUymQo5tMeEAE&uach_m=[UACH]&pr=8:3401B9DE316FEA13&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=605&cbvp=1&cstd=591&cisv=r20230517.15747&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 22 May 2023 09:17:28 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:28 GMT
1676550659977.css
s0.2mdn.net/sadbundle/9548364509937149214/ Frame 7811 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=0fdvrTJjRv&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
232bf950740690a92eb6f4a6110a536fbe24114928c38ebe80f69aa3b2db6709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=0fdvrTJjRv&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 17:33:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
143028
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2341
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 16:30:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 May 2024 17:33:40 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 7811 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=0fdvrTJjRv&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=0fdvrTJjRv&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 07:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7122
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 07:18:46 GMT
1676550659977.js
s0.2mdn.net/sadbundle/9548364509937149214/ Frame 7811 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=0fdvrTJjRv&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=0fdvrTJjRv&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 05:57:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
184805
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5491
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 16:30:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 May 2024 05:57:23 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A184 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230517&jk=3172209606075871&bg=!8POl86fNAAZ8_aWmXP07ADkAdvg8Wtdp3IxaQfu5lcvigaroir9RAE6av6cIhBOrZETsav1Qm9vusW_rIZpz7dAmbyvjCnEZfQgCAAACrFIAAAAEaAEHmQLRmeQDg42P8KohzsIwpOQJU3DnTlmRKJ4zwCl0A60lStuK7eoOWDDXEp_suLkJqDVGjpIGMbwF8hW7-F63Ss3nL5CPW0qxBxWrqdeDUCK2wtcJMH8x_tdcYhrjegsDZqAVjHpeU6o1upOjTNzOMBw2A3YmPyCB7WsMMx-MSWJnhK9bINrIeij5axl0wDfri-AZ1lQ0B6fM-qrxGm-yMkKO6OAwWfGuLMRWLZWYbScMKlk_j0y-xcIvIoXFnwAT2XG_cbctxr92L8jfSLWuSNg3qb9GdMp_kUVuC0P1My5ePc9oMss6AMRqG5zCYlOOP9FJtxJBJGKkbozzkijm5xzg2D_jcnBCzC8MgnBT55geU0RepKu9YOWF6bNMTTsGryzOgTRtn0GdCHoqyYtMAnGAh2Y7A6hhO3_GRBMsPoAWo3LDbsrgSzCg4pcYbjfSqX_bfJq8R0h-5RcsUtJe5PBeC1BMJ67lC-IiyP-vdp0iYYpPD9c3yeKihtKm0oOcWY1wXDaGs8vzQCvBQktrtKyT22qC6MpwnUReAPIPaD1dmkn89FxZBuMPXxMtz_azPFMyj6EaBUICKB8-CL8brb-xe25FQ4NOAL6U8rSL67evGPA_MgoSQgVCnGVEpAbVPGg3VL3O0arQLRIHNWICcmnFn3pVxnqJ618ELTOOTH7OnwAL4R2v-qoNrZhu1pT024ywGsCW3S9RSWZeP8AdzWavy-C84g3P3OjpvFB30o2ucjbKJ566vozGuB_L3bywN2Pkb1ZPdE10YRyQdPKHi6nGOqd7BfhF0yIIQHzvAf-7yLS3MDoZY6yUHDOeStUyWO7YIcRjJ9thfn5lrf9BD9j0DwHyUQl5IVxeVO35rpiX9KTpu47xeQw67KV5AxplpIy8eA2dusBWpYUHfLEafTINnPKcz-T-M3AnPLM2A05zHBXqRaDck5Bcw1L4LA6YCK_Z1Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B246 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
254467
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 10:36:21 GMT
expires
Sat, 18 May 2024 10:36:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame AA56 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:36:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254467
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 May 2024 10:36:21 GMT
usync.html
eus.rubiconproject.com/ Frame 46F3 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 May 2023 09:17:29 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame AA56 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoqdVSS1y0jqSaklkt_JpZ3_RVZQ5V9qCvhkIJ7C6Fom_plCYhTyZ7nwJGipjJGgUUxP7V0PB5t7hd05uLOVu0d8pdt4eumWCvaEpmfUxm7gi_oNGhai7GrJo3ryTwMvioX9ckKn9HIiYG1-rlcTWqUWbmXGshXvN3nyENbKio3zahJ4gjF5yF3LSjONlcNll7ZJr8lTocGLYQVxsUM3_tR2N9K29gUw1ket__ttCikZartQjUD4G7-x5-BAIu75WvibDB719j2Rn8_WAyFf1Zj7sngBrgoNF25sNfx_2WxPQZN3_ZX_lFWny91RjlvEMrnLAf6gdL2UTTlRxKEQ&sai=AMfl-YQqV_cwetUxaVP8KW6nonC4lFL_NxE2WSMTEwzcSow7kHn_jwtitR3t6hyc6mEkqsDg4R2pS-KEIob8OFAfNhMLPk9xAMwhYW578mQnaI8xeRDFipMiKAcVN3stUw&sig=Cg0ArKJSzBIQcsczX602EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:29 GMT
truncated
/ Frame AA56 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
000f20079e1db1fbfec54cd1678f9804fa918be2770231ef94113ce143424a50

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BE9F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:36:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254468
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 May 2024 10:36:21 GMT
usync.html
eus.rubiconproject.com/ Frame 627A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 May 2023 09:17:29 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame BE9F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslJlornPO8MVKkjQKBrgvS9HHC_6yfA5orcplh0rymPbemfbwgHULVXRB6eKGNazRO0mIZ2X8so-GRzQ7GGLfuKMmSCslxzfa1GZML0l_mLjmaBp7aYrOa1u0rBFP7E0J1Ay2XeFcJY_Y0DvSLuj3JBh9Yvcf_BIyTzWPHWRv1rrJk-qKVSwcIMZ7PwfH9vXz1N_Wppb_P0VWei2JeRSQxq7Jq9N-pWWKWH-UiTaDjuT5DdpRGt8Fj_S74LbnJWj_v_X2PA7X4ZLgDGxEODXj2r-I3y5SD5opveDVuA3PEEqIdt2QQy2RqQw0JAUGeXZ3Ie8pyVVwMcsVcr4G7uQ&sai=AMfl-YQH1s0aOnrE2VY7AkVPQuQErvObWvvmqYlIFrbTnAGVRg65xtgz6UcdT8GItVBiPIUxiA4qA5Jge2LTvEQCdCX1hp6C6QfuYFVp4c0NfrANzrpSifB-A4IdUd6jyw&sig=Cg0ArKJSzO7EYSZa6L1FEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:29 GMT
truncated
/ Frame BE9F 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba24ef53a29e6a7d3645d187106ddc4ec59c39f43bd0387802eddd9d31fd0991

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame D623 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa403d9a9b7b752d058f087bf7afe7377ed73c7700fb5c7cc271661ec043e737

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 09:17:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 May 2023 02:03:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60303
Connection
keep-alive
Content-Length
10085
Expires
Tue, 23 May 2023 02:02:32 GMT
1676550659977.css
s0.2mdn.net/sadbundle/9548364509937149214/ Frame 55C5 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=SomSsvo8lU&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
232bf950740690a92eb6f4a6110a536fbe24114928c38ebe80f69aa3b2db6709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=SomSsvo8lU&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 17:33:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
143029
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2341
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 16:30:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 May 2024 17:33:40 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 55C5 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=SomSsvo8lU&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=SomSsvo8lU&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 07:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 07:18:46 GMT
1676550659977.js
s0.2mdn.net/sadbundle/9548364509937149214/ Frame 55C5 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=SomSsvo8lU&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=SomSsvo8lU&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 05:57:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
184806
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5491
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 16:30:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 May 2024 05:57:23 GMT
1676550659977.css
s0.2mdn.net/sadbundle/9548364509937149214/ Frame DE69 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=XfzVfoGPK8&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
232bf950740690a92eb6f4a6110a536fbe24114928c38ebe80f69aa3b2db6709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=XfzVfoGPK8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 17:33:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
143029
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2341
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 16:30:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 May 2024 17:33:40 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame DE69 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=XfzVfoGPK8&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=XfzVfoGPK8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 07:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 May 2023 07:18:46 GMT
1676550659977.js
s0.2mdn.net/sadbundle/9548364509937149214/ Frame DE69 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=XfzVfoGPK8&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=XfzVfoGPK8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 05:57:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
184806
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5491
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 16:30:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 May 2024 05:57:23 GMT
usync.js
eus.rubiconproject.com/ Frame 46F3 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa403d9a9b7b752d058f087bf7afe7377ed73c7700fb5c7cc271661ec043e737

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 09:17:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 May 2023 02:03:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60303
Connection
keep-alive
Content-Length
10085
Expires
Tue, 23 May 2023 02:02:32 GMT
usync.js
eus.rubiconproject.com/ Frame 627A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa403d9a9b7b752d058f087bf7afe7377ed73c7700fb5c7cc271661ec043e737

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 09:17:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 May 2023 02:03:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60303
Connection
keep-alive
Content-Length
10085
Expires
Tue, 23 May 2023 02:02:32 GMT
metrics
connect-metrics-collector.s-onetag.com/ 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 22 May 2023 09:17:29 GMT
content-length
0
vary
Origin
logo.svg
s0.2mdn.net/sadbundle/9548364509937149214/ Frame 0642 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9548364509937149214/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f88ad1b185e443ce4a39c76c65fa4b6f199c1521398535cc5452b19304d5f17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
238349
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1359
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 16:30:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 May 2024 15:05:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 790C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
254468
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 10:36:21 GMT
expires
Sat, 18 May 2024 10:36:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 178A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230517&jk=3375046558904824&bg=!xMelx5PNAAZ8_aWmXP07ADkAdvg8WsPcQTweRmb-H956wEBIxrNrs62aLqDWeZ-v2rtibypNl3ovB3rdlbQyWZG31Jpdk9LyGD0CAAAFKVIAAAAEaAEHCgAL7ysqe1Vg2NOdM96ZAtHrkwut8NsVm5LNZiQDxgaQDy7d5YnHywUBl4-RGmZqPExepfiqgTY3jWVNt3Tv51bdjsscjzSAVmsdKtSVT54EKWMPWJOtCgaPYmaAoQCmDAUtoxHtCRjVLztwbbDaqXMu6AsGj3Nt7-QQIAKFwlnkSJuu6qjfxBeOgQAWK_4RBRjye56vb8tP-HPtK3QFZStmMA3q4qo0pSTAj1mMrCsuYdP-FOKhkcxB1xZRG0du9IoPR7l_tWXUHpH6Qg21vdUSjZrJp-_PIHE01W5kwjvlTHO3E2RbU7m4J0Yxnzz810uTc4uK5FhXnrJne5llcG7CznIiiZlcHo_9qWJ-cgbynCZjtWY0YSIFfh8XvlUTaYmUUr0kAjmFsuytZpvOaCaRnsdG_D9SpXOya5Jgo2Hg4Yk1EyjuUT7j1_Fg9ACSjxqdoZj0j9Vyvh-bfclknLEx_Jc8ciR2bQn33c6jHCZ17D2ok6hytaNkhUHx-DdB0wXDOtU5MhkGqaUfOEG0qlhiLe0bobtha7kAddgz1qzCw1fF0ssOq2iuhmVPjh4nlaz-QOGxKb_uoxXDqnfplZouofROBLO54mCIkufKHAEbCm1v8zurRtmw7u9-OMYjFtBtOtyMp8Fy00b1RmvCj6BMP_I4B5q368mXAxTw07XqgmUQLqX91gwCC8pR8Y0_EgHCNh-B3qMti0EwIgixxMhnroHwvJfgfF2Y8JWxPutGPA7m11-STBzX0Ttq6jqSmo1_sQAGb5x1kWb4sQ0uLhqLw70r2H4jCitlRB5g1eT1olT85hQ_gAzFSJ-Gz_c0dNelk3rVmaMrtVAa4yqhr0m34oFFU3fx6KV2v7wTYGVuRlnhOz9d8oSch4IQpJv2VgnAwj1c2ESXr-2rZiYVJOxL9mKYJsPkMuFVVZLqSk5t_93X1Xs2To0Q9H1SBp6WRzDnP6TiGHzTn4Zq0gIhnWSO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
metrics
signal-metrics-collector-beta.s-onetag.com/ 		0
72 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://signal-metrics-collector-beta.s-onetag.com/metrics
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 22 May 2023 09:17:29 GMT
content-length
0
vary
Origin
view
googleads4.g.doubleclick.net/pcs/ Frame CC7B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstSMRPyTbXu4ub3_KlB910UEU_Hn6OQ2saIMhtlhcJX7rssPJrrZ4TJE_iBJSjcRWe7bIRlWhYw8kCWHmSB0qYvHHGenZYUVezJEGlKSaR8Vi4Io1aZaJjSxccMdB2k6Fr1Ni6lvWHvdbBf2MKuNMYxbsVlY_0sDBrOwMwLpEDfspmmMi6Yl6LqHvsesKSxcOw1XPvj1u-Y-1-hAQY9dq8s38hL42GI1SNwwHltmlvtfx6E3qZ20KyWB4_IyoO51UNdNDkRB3Ypr2QCF6yDcj6_-gwU7G3K_oOasOnW8EturxN8Cob38Xgnd8-zxhjxlcO4hnSlhWU3xarNdZy4zMykegRfk_hOdrzWL4Hvzjbx1Bpr96GWWihTSbI2osKrcvoWLIuQqTDToqQYA43k2LL35wqqFgzdUSAmXsFnjnsU1gjqwJTRwb-43BgEa5ewr5yEgt5qAHgMY2MBh4zMi_S9HlN3xn8_Z1Nh-qBv1tzL4adq5fCYlJ3UASjOn-oboSrlcs50V9YovcFZPmGZgo4g-kf7TIusBrHbTDiIPh_MqmRZm3FYO80a_xUs6_xA3-XVjraZgFg1a10wOxy33pcey_zEl8X_A1irq6xans040e_LKhJj7DONSJZ9my5gB80ZIIKLHh5m7pnaoobbtiwb7u058Da-Cv6NyJS0bppklucY6-83wmGyyNEW_YCCU8j_b-a4uv1CIK6WJAP-dzGWykcd7uxJiPpsuKgSI05_yTa6aNqPik_C2Za_R1ZXCtrKznOkqKwNYnNVec2lev7QAlT4XQcyXDISAqCvEfZru-QlauF5zEUBQl_Nf_xlVA86hNdfJKHPkTOH5zK8tqnLZe_AM0iYZwTs8FS6whwZEyYjmU2T0zJXlHnnHF9KTA9UvgK0c0y4A-W6wkCsHuyTUJbh0pWFiLeLd59VfLCU8fNoQmgIIaQj5gL2F55vbpteLO7BMmDK5MH6QdPQLKUPuaqZLxzs2AvqKkMKkKARjxpHXsyjQ5hkijl1T3_lxvPOlvF1EN-GMynVPavpmhy1RlxQtYjacPy-S0vtxjwVxsqdB3REkX-aAZDozCevnD8jGOPUSMd7sTKTAhWUj4_Qzhk8YEE5UOLBNANkAirup0rJWonZyS6j5tP7-1hpjKBvKAZWRl_7ksv4G5AZ2LuAQTQR16Bz7A9hp7SdtaO48BLmWh_X7uEqUnMVNhpvt6ytJhBJGT4M0VwXGmnu4yheGTOKzAIKIyQbwyAEYCjfMt4&sai=AMfl-YS-Uqwr2fnrZ7LQ1PD8PqTOgWtOOu9jEvPavJ0P7BxLhrvzApCgJ45dtcLm1nUQKc78dixlA_hK1B4751t_r9RbmJHpc0yEwS-xRtK1Wn6xTUf0CCmrsfEidvaW_zK8iuiFVjvwm9ShBpYgt0Py316SPqDdXyKcg-p7ibeY-Oq1RvZixETLa8S9UixIc_RCAPa0zrO3i2J9&sig=Cg0ArKJSzCtQJmkxLr-7EAE&uach_m=[UACH]&pr=8:8B9ED9401062E773&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1413&vt=11&dtpt=1137&dett=3&cstd=266&cisv=r20230517.68695&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:29 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3380 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
254468
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 10:36:21 GMT
expires
Sat, 18 May 2024 10:36:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5D7C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
254468
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 10:36:21 GMT
expires
Sat, 18 May 2024 10:36:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 8A11 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230517&jk=2017429512034419&bg=!S0ilSBzNAAZ8_aWmXP07ADkAdvg8Wuf_qek4l-vejgqGB-euCPXm6TVMIUyT78cUDPL0JcEFTUoNB24p8ww6YLVUdrCFjCFDpp4CAAAFxlIAAAACaAEHmQLQ_jGMsdcKYjXtHou-hTFNPBOaVTFkRe9PSwHIsb4NFHIDirJvVvs36lHg66HVEOUaDCPSVQ3o7yZDL48dA1atNW-_qvrAYfnIYDl6oaDsx9VvBjc9BEyGNaDtFjDjDQp-ZRCrsiVptiLjifrKIbGtlUnOxIHPwkozUF4ddG6q05REikHlQ0IDMAZi_0A-cg8cbqr0AKb631Zm3SA_6G7jmkfHndeSxbXQkvSvmmNIcryso6HtkG0jfif7rIj7FCY45qldgQm7ODIEZyo9u7Eyb8kiI593nJyA9ilbotfwCMBgQKSiCvFc-zlQpeWLaBIKBEgtqhMKXpnPkAmtn4n9LHq2mz00ivWOX5HnqNwRNkU-w7aFab3QRZp7Xn_RmMLyRMmICrRVw54-SqDciBSpiRfkMCwLy0urrxIGW9dx_hEvMcXtetrylY0bvAGAFCoA69quTGko3RWiFfoUVhGadV9NzKjDfvQuCwk8mJ5Fp6PBipq67Do_kziQ4orhbLGtUreuoCj6Z4_L-UlzrIVXsSFhpL_AOna7jfikBrGzeqmc1bxmTONZwvlSo8sIFlsX_2lCr8Evbqv0Q3Gy7Z_n9SSGB1KzGWo13cxbyLGAwtCzoIkkHH1fk32AGc2yiKwdf1gc1UMGjdIECh70dgeXFjJSQAE09XualIFX4fXiICu9xkOUZ5eKHg5yxQ3dI8IHCTgUhGy7RnHp2eQhKLj-F2QrEs93e3OIwhCtOZZvfbwGWu_OU0qMLoZebpQAuweCVg8kR2KJNrogdX5DyrS78yDlvyyf9GCitktKwCWT_RWrn_TOxuCBZOih0we0Pl-wIpjlCNCSNMGmukAX5cyCL4RCCBaySLZ8kjCj6fEvfluOQ-XmTjWpp2D_DRU2K0mnUmV2UtFihyaTSYFQnHB956iUaw5yONITxg8g7WrorLdmHdLVGpBIVwE58n9hQfra
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 0642 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 21:26:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
388243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 May 2024 21:26:46 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0642 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b02fd55f7b7fe5a55f756f0a4c48505bf11b7116f2adb2ec6c9cdde6fa260646
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5654
x-xss-protection
0
logo.svg
s0.2mdn.net/sadbundle/9548364509937149214/ Frame 7811 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9548364509937149214/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f88ad1b185e443ce4a39c76c65fa4b6f199c1521398535cc5452b19304d5f17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
238349
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1359
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 16:30:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 May 2024 15:05:00 GMT
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame B246 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 06:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
10565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 06:21:24 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CC7B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssD0j07lt9elJm8I8g0rPBZGkRMQP9HerzsyFcWK9iizZix9NoAsNRx9mr3g_TlPkRxuG-F90593QQ26JZQcIAkwYZ26HwrD30LVCnZuZhoTInYzvDq&sig=Cg0ArKJSzMl4PACnjNN3EAE&id=lidar2&mcvt=1044&p=1110,436,1200,1164&mtos=1044,1044,1044,1044,1044&tos=1044,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2445953488&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684747047043&rpt=1382&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CC7B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZVQVhT0OVJXHqAmLKbaZ7yGSmDUVciwJ-GCszwGqNiAWcuAHozjNn_qWUeytTad1KfJB0-moqaL5HZZL8DBlMtayt0vKNpTQ&sig=Cg0ArKJSzD6DXOdKmtpMEAE&id=lidar2&mcvt=1046&p=0,0,90,728&mtos=1046,1046,1046,1046,1046&tos=1046,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684747047043&rpt=1391&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2438 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssXimER4CD0_bKg3JldQJocvI6atBotxUx8L8mstve4yI-u7WY7iQ1y2kVKOAiNr2lDBGoqa8FJHivYCgIkVqtUU7JuQymQZUiWgigC9IBKpfcwHLkxcvGPjcHZXHThh50voG9rdQzsINvgjM-PDT3UpFPNKnP98L3_TAvQ5cS_GVkkb08W-JmJB8qDylWGuqT2QSLNAylJHFf9jfoyH7rbit21Iv0VciiAE1rEMbClt3SrdbvWTxE6L1apqBeNU-OhS-J0DHM0JTXyVMc7jLaW_L-isKS-WEMTozG-vOJORtWUKMwrCmzforGmELkUkdMiXtiQIFsBPMS9_4oOxlOGHjUu_R3nLfFrbfItajUNZ2zBxGXpGzG6mkLvenpR8StUXzRGNkE9JbnX0GWaEGx_4YrEfMi7u6zbf29qUio8xea84p5bfdoYrf9EB8PkXBD2xn1gRbnB0blqR_CIaEEg5V9whCpjqtNwoLcEJ3Y-XqYRw5NUD7nb-EAACqXqDO5aqZygpfQbNYo47zgf-q9s6USXb4tUC2vOhzi_flaEF1Uzd19xhqFtYWnhNc7HUwTAW3u8ANGSUESEKwt5YEYBXgjoKGOm3WBjq-i1T4ncdSxwgaOEWyzkjyoNyggAEgIRjCsw00Qm_ur1NTAx8C16bzfcwjw6VoyHamE1ZWfCvHiEtP2phbDlhft8PJPxjy8iP-rBkLs5EbSTqRh71ktjTvq237hoeI-14qXrQSzbJzMinMX_9TNbbRB4CIHatpso1TTgTlb5J9FENVkCRgDU6PSC9CKOQiseT6dDrCIeqJ4WNDovi03JelQhqunumvtZxTYE-fVPGW7i7gdPhp1XLPwDYUXwv5YVhUyYSrL-oPO7oAsjHYxFdHcLQIKUBbG5caxB05DiUzDC6dlwreWvnc3PEN6dkReiN_xFe_xbkeKYaZBvBgtbq5peTcPK6dERPjOAOVFyknJMOfnqCGKuCg2Pe2G4GcWI9m_qdGkkCHXzOUQZRuVbKePPQRHraEnOJD2LMImrWThKgWzHlAxVswCo5JlUfgDzjv8QGnjtynZThYYrACp2lvvxAvqcprKXPm6XVLc55gsfHse65LqtyiKzJcCYbIRvdiY5AFU96rdoZZ1N3Yg7XuCbzA5jtrv0Ryc-kI3_GE4RwK7PC5_BJCBjf9QEY55GR1oOwHh91CS9zELSsAaEooH94tTUFpWp3m3q7LHBvU0fHdRdKYv3xwzpwFOp9r6cmKcjXzvX&sai=AMfl-YSyeeitpuCo_YWSy5_ERAsHoEnrGoIy4jIxlriFRrx1Kh-ITfIPJ1Mmkt-Hsf0c7kDMjZnniGfriXX54ty5m6d5sB8rr3fb6Pc95LnikKwhWQwZ8O5WSbyqkdDiNMau2Ea7UssEvQChhTXw4IGFTOCsvjv5lmi_iVn76XVuK-IZIrfIXjqCn4r6p73rAKTC6WffBN1PHzST&sig=Cg0ArKJSzJVkpEVK1G6JEAE&uach_m=[UACH]&pr=8:8C6803FC981D8CE4&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1367&vt=11&dtpt=1054&dett=3&cstd=300&cisv=r20230517.69377&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:29 GMT
logo.svg
s0.2mdn.net/sadbundle/9548364509937149214/ Frame DE69 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9548364509937149214/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f88ad1b185e443ce4a39c76c65fa4b6f199c1521398535cc5452b19304d5f17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
238349
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1359
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 16:30:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 May 2024 15:05:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7DE7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230517&jk=3805444719741563&bg=!UFOlUwfNAAZ8_aWmXP07ADkAdvg8Ws2E_bWc_7oyGaXBj3-NvMQHuJ1w9vbb9vBYETlotn109jncS0gVcM91N_zgyLe5I0mhYfsCAAAFq1IAAAAEaAEHCgBMNKEhYpiANIBrG24Lutonx5azyizBJx_4VKd7OS2oOoQKvlHkA_5CpA0YiJL4YTNTEtNJP8eA7aF1J6H1v2-uUSCJYRfHLlQaWUhkSJkCyjAQlUOMp4azGcPferrMQ3fPjNWvGtbRaAmOrvTaRW8--WZbda16pXf-TFuTnsM8OSx35C_npzMMSgqykIgB9lKAVvQ6Th-2hYSJEfD-043zisdexUmKFSUr6lFn0012xvgtGUxboUq0HITUitYXmhmiWSBnU19dvx3PWzcR8QimHqZlzOfkz6alqiichV_DJ7LhxfJum0Hfsb_dzvjbThrKykzOxlku7T-mciY5HVz-q8kxAcvMYYMebrHPh8Uwq8rp4CY0koATszxNNsqzSlqfEYhxkfzo01CFj80NpyNxTY2zxfDAanwwv18EGv3KwOhXHLDTgqhkMXrBISp4Hs2Po6GCaBiZSVBFZrMW8H5H-AoqwiT-OygZlCOon22WwoDYFGo7FfRZfq1u45Z4oecqjqgaCM918pS7EyNFX3pzOuR2bIiPfhjjwQBdJwqDfb88gmtiFYz4r2miKyWfJsX3GINyYD9nyxnyrzwfbzxuvvU0pzBJ20FRXcwMH6Xxu6rD0Er0xNT6VYeMXtTsWQh-fEr6bid0-gVTXJ74s4OE9RCj-H3meW-TLy3D8f16bAbaoWKCaD5Ryg4HDaNXQT8unyGH8Ke1KCU8Uje1WCE72OfCppEnK36ZAUMp9N4Zr9X5L8ViFYAXcisb-8PS_hFoG9cDnp7keVlLXPU-AvOu_H7PgB1Um6lyvSQsNXDegBqDQNekiMJ3mKOd0J8Pp1zAgwFlC4nsf6WX1uoXpxJRld5TWC2u_ONRHKimSVTib4ooaLW1WFfq4pVV5-K-K1hr9E8wHbkqfu60z2dut0zkh7VL1dpNuOadbV9txLntdqVPVaLKFNFpsBaGKiZhq0dMb3NrFV1oKykA5mYuluK4IAYorLwItyVD4NGh9Vh9Ifc2pZIn5h06o7CX2s5IaRwJXFbNDu1t5YobhrGANmJIj-07YryM1ou4lw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 7811 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 21:26:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
388243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 May 2024 21:26:46 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7811 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d907400e72d3addb1d2b21db04bcc31731a77ae46ab0d04873e4dd96f99bba9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5644
x-xss-protection
0
logo.svg
s0.2mdn.net/sadbundle/9548364509937149214/ Frame 55C5 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9548364509937149214/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f88ad1b185e443ce4a39c76c65fa4b6f199c1521398535cc5452b19304d5f17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 15:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
238349
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1359
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 16:30:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 18 May 2024 15:05:00 GMT
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame 790C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 06:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
10565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 06:21:24 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame BE9F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv5Kh4ItNMOdAyfpU3qJud0FwcfsGop42TqfhPcmcB6AFMP9T91tMdpLOBsZHvmskMkf_tl8Xhryq6IJEM-P_iuXoYhZOwHn-oR0HGpDliH5KkQy6KtlNWGEM55m7s_vf2Evh9KPrqm0M4OIvyjS0XxzC66234TMEQvtB6Bt_M-tEGUjQEp8UYVXX8ntwJke6us2tmfDhIEEO7gGV7hHC28lQQFVrPHuP1DTTpGhECWQiarw0OC0GIc1yKt7j1xTO5u28_Y7n-EkZLAXvA5PPdSF2Qriy3fTAZMnChcTOpgsZ8w2yLuCFpJHt1GBuy5i3wrwMZJqsh1z5AXMnpIoV9eY8Uq8rk95RGaIjjGkEaGCWzZN47GvrlXvNCeTgy6rkQpAvQXhuCtjE8MJBzrzC2TiJ0ofpfRTDMSEFcQPan6fI0qT17_d2rfr39vA1OtOBF_E_13GEOqi8p6ZI5hRKUiECTY4m0_-ymgBcrHwayxIeWxUMHUijxX2sqqMDFuCIzjic2ujeDONg4JAhzxaTrJJ-CdLM4sInzPTiX4vy2TGLZWbM1sDV-5FBdhDXQejfmLmIRNNpfdyxp9_1-PZDkXDufw8tqUWCWEdvem_yBt279svx6nZwrxXNTG1TgJK-CzWWkI68ohZBH2gk1nP_OBi2ktYbal1Vi-O2hKUf7shDyTond2nmr7-5D9g_FDJbazlp5Bu6p5IHCbaZgmGuAOW-Xkb6zExaKdUkSV2VIjpFZVEmghIZVXrTxCgbbu-8pR7e-cDlwZXPyEWmSUCwBIrw_qOBlpZvtJoNQOzhxeUMvdZnKhGyxwuaM8aN2QJz5OhIWbQHe9gmfJkQV8kODgH2Dpte8SAPuh8so6H20OAdi-BmMJElFYFwnUcmK-rhgZJ2tTMDlHnZtsT-Y0IssRapMciGF0sBkt4XZkKfqkCv3dO_fwf357E3VCXWA3Q-2mzFuO7918zOr160fLruZQI5_yMdMagOkbEkdOuns2njoGAJi5-ynIbcshs8a-9rwubJ2i7amvwBGJbIWUNBQe6L0TtEptwEUeYC8TPZIY45rloqzVPVTapZU_nSISTZQy1qCb27Oe-_vWoCThMmCjIwgiHSIo8kigBgrDuNLZsmr5PvbvJf-y8Xn4F1BlEOKoiteOvmLctQUu_xTRQs4VEEyqoA1RJkNKgxmt8mc_EoQZ23SfyzsDQ82s3JSa17fk-MWFzGmQTn4El1iZsTJktjBHRyDYogDYrIWc0A1Z&sai=AMfl-YRrTJ8W7UN-LATIcRliOe3XwspIc-kjtleShWs6fQzGQGraxgKEnDYbcbJE1X_XEF12-OeUjUqHBIPW-fkY6xAYqSnAKAFy4U0PxlWhUBDunUb_6IKn1CSaOwkBQ4gu6R7UTHphW52pFS0xeS2MbYVoC2qogDn1BACxw7g_dbFBwk2hgSADz_ySSWqu5v8g9wscA40dUhIl&sig=Cg0ArKJSzIMUymQo5tMeEAE&uach_m=[UACH]&pr=8:3401B9DE316FEA13&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1359&vt=11&dtpt=754&dett=3&cstd=591&cisv=r20230517.15747&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:29 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0642 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 May 2023 09:17:29 GMT
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame 3380 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 06:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
10565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 06:21:24 GMT
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame 5D7C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 06:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
10565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 06:21:24 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame AA56 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuZ_t7y3lZ7z8aIa51tojPipD9jiIsDHcrPC4l8irhgbGd9JGIETR38SW6oeS1AqdlwN7qAKHG9gR94bfX-pFQ8G7HxLK8a62El-2SklDqPveoc-YMffMAy4lLAemTKRr8XXWQ-5jzS_ZooiJl0yk13WFUCtDc6XXYD42V-fuTPUJBqIc56dWdj2PC5fKupkQqxgl6M9BRmtR8dAZookx81RUj09fyz5mthywvyfxMFxk8VwIEi1-OT8cz5Vg0mcyrseqXFRLpt1h769UxmUSYUzJuLJRyQhJC4AHhhE9beew47MzKqWbotAMOTqe0cbEF72v-vkfOGhUoMw7YxLX_PpPO_RQS_WFrfO2zpdIjIhRRqEiTYE6wOWDexvQHU6b6buCDqBFwCjDW8nTEDLk_KA2kbA1TSPhTirnY8U628EpKJzXTzE19yfrhEaZiUY5oB9ZlvT6ZyG6ughmg098xSZbJgLZJBApIMx584Mfy8GCKt4ln84hXqZsoSlMp1o7cfTCyubxXHsowu0hhCOoX332yR4eF-lk4JLsgPncjcbz5IissF9KKskVzTH99J4RSdKqkp1YD0N9dTJIH0L1vZZ4oWXNdH6NDX7F2qf0kUHP8muOTvB8xhLl-eV-r2LdoHp3FMr7SxuyMyzAeGRdtVXPFykncXWv5gI2e24YRv2K0ezOI7KI-C_DJvSmWXOvUsGXoF9Qspy5uqlVEthxsKdaDfEyF-6jWUxqKYT2PJQao-84hUL4IcbVO0Bsopg9flI5AEjW5YYAHa_VjCUJKHHbWoYQ3bBhkYyvtqIlHT1qEkWMQjM3UUHoDRdrObnZ9R8C56wVSZTDs3FFYoVwHYX702ECAuN6hyjeCDny3ZDBqOmCQ8IMFc0_zepD5ETIwrMlvn0hpcIs8ku7OizuIKAGjFwAGUgg5DRvI0osmyyYKLhROwcvf5-E7oXwnvX-2dMiBTyIsELtbIBO2-w5aWnCOe_Pl1c07ogRcWbIFcdBRWOmuiCS7GNE8KvDqRrTRiy9e9f9fqca2LnD6jTQUwccQsdUUhJTx8eB3CqawSaBg8ukP2xIffW_wwHYlFsKOO8VDsF4NkZThYk7_A8BtpRpX3iwcTaModqYupcL02o0meZRxUsFbFgeO8g6U79oPhQSLWDWTqVxhtc-sDCV133FfMsRQztf8-ZoEwdGIoatpCdCoVa6FhkJ9msZ1rv9A0wmk6rApwYLLXxEKN-IjOrQpi2ltMUdvp0zSLinNlloE&sai=AMfl-YQLqg_ZIaEWuPjvnewGiV1_uc7UkrsfurolpSQvST_NWfAxdPSrKk-8h2OhwOxkVKjUU7HVPcsgUvBzzKDgDXrP1Dg1Dr6cjk9EtSBnwcdxmFYlrZ5nTXcuaLW2FwCeLFW4EBVI93VSAWqSHDv52o71bm1B511a2N0wdizqfiGW_R4pyq659g28bnwRzvTw-7xGfC3_3pv6&sig=Cg0ArKJSzNZhEVURE0mcEAE&uach_m=[UACH]&pr=8:4D3107BB9D3AF79E&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1437&vt=11&dtpt=824&dett=3&cstd=597&cisv=r20230517.60167&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:29 GMT
congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame 0642 		98 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:27 GMT
x-content-type-options
nosniff
age
2
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100772
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 09:13:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 09:32:27 GMT
86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 0642 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:10:52 GMT
x-content-type-options
nosniff
age
397
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58447
x-xss-protection
0
last-modified
Wed, 15 Feb 2017 10:23:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 09:25:52 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7811 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 May 2023 09:17:29 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 55C5 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 21:26:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
388243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 May 2024 21:26:46 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 55C5 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05674e6fb9250b67aadcb4fd76abc30bb7311cb8be7a93824a55aaf707c75769
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5647
x-xss-protection
0
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ Frame DE69 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 21:26:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
388243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 May 2024 21:26:46 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame DE69 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b638be35733082ef9f7e5ef09b8ddd8e2a0a4c66ff23f6b22b1fd6378642852
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5743
x-xss-protection
0
congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame 7811 		98 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:27 GMT
x-content-type-options
nosniff
age
2
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100772
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 09:13:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 09:32:27 GMT
86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 7811 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:10:52 GMT
x-content-type-options
nosniff
age
397
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58447
x-xss-protection
0
last-modified
Wed, 15 Feb 2017 10:23:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 09:25:52 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 55C5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 May 2023 09:17:29 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DE69 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 May 2023 09:17:29 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2438 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxgVLA6Po8DnxG9KQjqx6_frH2FN_6OvPPYTQ64i56dq6NomG-z8HqINEeGHnKyhC-3oxXyMu8sMkRMRsucloYsqTVyCsDnUQ&sig=Cg0ArKJSzOQ-Ee2ljrsAEAE&id=lidar2&mcvt=1067&p=0,0,90,728&mtos=1067,1067,1067,1067,1067&tos=1067,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684747047167&rpt=1485&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2438 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstISbUi3uMV7hoHYSoYOcZ_dIa63xc85I-VT-ZtY2wdBbsmSk6JvZlLb4Kp1EkgOa941EARftWPzfK19g3_EPkAx5euZtjWdp7wpyDhYEPPeWrbqaJ&sig=Cg0ArKJSzNdg3p3KWDxeEAE&id=lidar2&mcvt=1069&p=1110,436,1200,1164&mtos=1069,1069,1069,1069,1069&tos=1069,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3272850789&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684747047167&rpt=1476&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame BA3E 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 06:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
10565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 06:21:24 GMT
03032023-031527589-1456_180_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
s0.2mdn.net/4528404/ Frame 0642 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031527589-1456_180_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0dcb2727be74321d70c65674b69ef7f92fdf69452d83fc81cf560d0c357e87f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=1ZVFtl6CR2&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 11:33:15 GMT
x-content-type-options
nosniff
age
78254
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11400
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:15:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 11:33:15 GMT
03032023-031528906-1456_180_stoerer-gbplus-2zeilig81dfb0d9-0d85-4706-a485-3411fa89425c.png
s0.2mdn.net/4528404/ Frame 0642 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031528906-1456_180_stoerer-gbplus-2zeilig81dfb0d9-0d85-4706-a485-3411fa89425c.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18df7c8aba90bf80744b329ed229e63d1f5e28cb3bc9a3ba5cbd7a698612c0b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=1ZVFtl6CR2&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 19:16:29 GMT
x-content-type-options
nosniff
age
50460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23315
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:15:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 19:16:29 GMT
dc_oe=ChMI1LfH5suI_wIVt5b9Bx2_zQ35EAAYACDpiJNRQhMI87KZ5suI_wIVwsa7CB2UfAMc;met=1;&timestamp=1684747049990;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame AC23 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1LfH5suI_wIVt5b9Bx2_zQ35EAAYACDpiJNRQhMI87KZ5suI_wIVwsa7CB2UfAMc;met=1;&timestamp=1684747049990;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame 55C5 		98 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:27 GMT
x-content-type-options
nosniff
age
3
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100772
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 09:13:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 09:32:27 GMT
86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 55C5 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:10:52 GMT
x-content-type-options
nosniff
age
398
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58447
x-xss-protection
0
last-modified
Wed, 15 Feb 2017 10:23:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 09:25:52 GMT
congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame DE69 		98 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:27 GMT
x-content-type-options
nosniff
age
3
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100772
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 09:13:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 09:32:27 GMT
86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame DE69 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:10:52 GMT
x-content-type-options
nosniff
age
398
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58447
x-xss-protection
0
last-modified
Wed, 15 Feb 2017 10:23:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 09:25:52 GMT
03032023-031527589-1456_180_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
s0.2mdn.net/4528404/ Frame 0642 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031527589-1456_180_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0dcb2727be74321d70c65674b69ef7f92fdf69452d83fc81cf560d0c357e87f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=1ZVFtl6CR2&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 11:33:15 GMT
x-content-type-options
nosniff
age
78255
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11400
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:15:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 11:33:15 GMT
03032023-031527589-1456_180_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
s0.2mdn.net/4528404/ Frame 7811 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031527589-1456_180_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0dcb2727be74321d70c65674b69ef7f92fdf69452d83fc81cf560d0c357e87f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=0fdvrTJjRv&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 11:33:15 GMT
x-content-type-options
nosniff
age
78255
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11400
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:15:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 11:33:15 GMT
03032023-031528906-1456_180_stoerer-gbplus-2zeilig81dfb0d9-0d85-4706-a485-3411fa89425c.png
s0.2mdn.net/4528404/ Frame 7811 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031528906-1456_180_stoerer-gbplus-2zeilig81dfb0d9-0d85-4706-a485-3411fa89425c.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18df7c8aba90bf80744b329ed229e63d1f5e28cb3bc9a3ba5cbd7a698612c0b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=0fdvrTJjRv&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 19:16:29 GMT
x-content-type-options
nosniff
age
50461
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23315
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:15:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 19:16:29 GMT
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame 46F6 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 06:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
10566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 06:21:24 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AA56 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBDFZ8l4F5lVDKPIgQPxh7VpW7T97qTzYEPf7WOWvV9tQG-bFSk0kfvewTyccVvUTpdlD39Lhko957MqHiJkyrYCTgxaN0bjQ&sig=Cg0ArKJSzGohDrjSvsyXEAE&id=lidar2&mcvt=1094&p=0,0,90,728&mtos=1094,1094,1094,1094,1094&tos=1094,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684747047235&rpt=1799&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AA56 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJGyg1ntDjG5xvBn9IqiqQtss1__JQ4aeL8ULeTYWyX1ruwbtzhQNT3VBZz8xRY1JB7YvNZ3BAQuEVswBNEn19Gs4BYyhel_Ai3lFhmall9VaatZkX&sig=Cg0ArKJSzH5CqyVbnLMZEAE&id=lidar2&mcvt=1096&p=1110,436,1200,1164&mtos=1096,1096,1096,1096,1096&tos=1096,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1601445237&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684747047235&rpt=1792&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame FCA5 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 06:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
10566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 06:21:24 GMT
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame 2B2F 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 06:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
10566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 06:21:24 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1C51 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230517&jk=4285984129490062&bg=!pKelp_PNAAZ8_aWmXP07ADkAdvg8Wlo6RgeLOH_uwmscTYZaOegwYDNaf__hJZw8Oo7NoVIP7TKDfSp-s4yhj2mlFcypdd3NuAoCAAAIqVIAAAAEaAEHmQLPJs2gwOykjpTHimVzNyMWs86pGuYvou7UudywXOaHAunXgJVJZghkCpyDvwkk3vvUGgm7gLnlpsZtME21GEGt3IXSIbPpvDNX_RaT0lV_8k7q0oEunxGD_9NZfa2rC0Y2dZBZZmgfodJRSRneEJSHFxPanvR8RfVLeBd1hU9o5NhXMj9Y9Yq1be0lFD-fXdqYgWZblRc-VlWvY_5jiR4nlgiGRy1SuG1YmjqqPQG2nuy8KEejrOKF5haw5jF6P3HricRGblx2WQo85lz6dU7aoYhnDZT4JNspI9ca4KkraM8OhM8eWyWC9_-Z3sqeBgq63MmqV_nD0XhaSNAUlj-ffzi9zXg5VgIF2Ib-U19K1IItdMypb1JG5kARvpbNEBRb5TMfmLYTAxSEAxpnBme0EuC7tA4-lHE0cLdt-w-HYuxV0xMV78jKt5pYQ2SCfEag3t_S8fzHNkO6zcNBM61cSFQyZc51BCxQhqDHfXTYZ8ZV9ndVk0nICJhQxF09K590okXb1nv8qQbodZ5mugYODg7L5iakkwwLSRR4RqCyoaS45g8x7MRX_knaNGRWi9Gw8R8n-Vi9Pl4iEqd5xEBvnkUSlnfq9VebhdlptJjPWMjV2BqO9T5eRWv-eg0N5dZPxaebzvwqzEGvd6w-1wNSlZ8LMSvb63nummCDWe6pTJpRttOPF0a0I3OrJXSpwpkVaIU0ictRH55MfPoqWTxkeXQJE5WqBnpRYh7AsLFQjqEgHCYntu_wQ0p6PJWbpzA8NwXMceNmEm_C414v-g20eVfwi_2NsDqWanT3GnShkjDKP-kdNRlxHuR8ibAwv8OVbS0J38NhRxM-bEuV2OqCmD97ug_zEPjI31vaB9uTQFzx4auqcJh6WC_HJIQSpoBy3csWClQc1L4SnOokidZbuwp6T4Ofxgi-BesdL-lgPOVGXpsiWQUD34fSTgi3zT0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
03032023-031527589-1456_180_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
s0.2mdn.net/4528404/ Frame 55C5 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031527589-1456_180_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0dcb2727be74321d70c65674b69ef7f92fdf69452d83fc81cf560d0c357e87f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=SomSsvo8lU&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 11:33:15 GMT
x-content-type-options
nosniff
age
78255
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11400
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:15:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 11:33:15 GMT
03032023-031528906-1456_180_stoerer-gbplus-2zeilig81dfb0d9-0d85-4706-a485-3411fa89425c.png
s0.2mdn.net/4528404/ Frame 55C5 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031528906-1456_180_stoerer-gbplus-2zeilig81dfb0d9-0d85-4706-a485-3411fa89425c.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18df7c8aba90bf80744b329ed229e63d1f5e28cb3bc9a3ba5cbd7a698612c0b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=SomSsvo8lU&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 19:16:29 GMT
x-content-type-options
nosniff
age
50461
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23315
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:15:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 19:16:29 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BE9F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTTF-dIqZRn4nwx29fctzFa1vT2vHVQ44AJ7ktAybiUukurH3zcKkau7MY8wS9nblZoosKsvfDJ06Xgl_ChhKJgxpNI7LuBEuUAMHLiURTHUv482cD&sig=Cg0ArKJSzPxprxLVlODfEAE&id=lidar2&mcvt=1084&p=1110,436,1200,1164&mtos=1084,1084,1084,1084,1084&tos=1084,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3085048810&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684747047280&rpt=1816&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BE9F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9JnJEELzWRu63ZsjV230KYDfugSXZbffa6YqSnU7uxZZCFbBDH9ft6iEIU_pvpxHH0AVTDKRTrfeq0NQNy6p6NtgUu_gqFvs&sig=Cg0ArKJSzINZCeLyE4v5EAE&id=lidar2&mcvt=1087&p=0,0,90,728&mtos=1087,1087,1087,1087,1087&tos=1087,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684747047280&rpt=1825&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
03032023-031527589-1456_180_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
s0.2mdn.net/4528404/ Frame DE69 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031527589-1456_180_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0dcb2727be74321d70c65674b69ef7f92fdf69452d83fc81cf560d0c357e87f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=XfzVfoGPK8&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 11:33:15 GMT
x-content-type-options
nosniff
age
78255
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11400
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:15:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 11:33:15 GMT
03032023-031528906-1456_180_stoerer-gbplus-2zeilig81dfb0d9-0d85-4706-a485-3411fa89425c.png
s0.2mdn.net/4528404/ Frame DE69 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031528906-1456_180_stoerer-gbplus-2zeilig81dfb0d9-0d85-4706-a485-3411fa89425c.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18df7c8aba90bf80744b329ed229e63d1f5e28cb3bc9a3ba5cbd7a698612c0b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=XfzVfoGPK8&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 19:16:29 GMT
x-content-type-options
nosniff
age
50461
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23315
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:15:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 19:16:29 GMT
03032023-031527589-1456_180_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
s0.2mdn.net/4528404/ Frame 7811 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031527589-1456_180_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0dcb2727be74321d70c65674b69ef7f92fdf69452d83fc81cf560d0c357e87f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=0fdvrTJjRv&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 11:33:15 GMT
x-content-type-options
nosniff
age
78255
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11400
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:15:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 11:33:15 GMT
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.253.51 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-253-51.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Mon, 22 May 2023 09:17:30 GMT
server
nginx
tracking-event
api.webgains.io/ Frame E3EF 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.253.51 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-253-51.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 22 May 2023 09:17:30 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
03032023-031527589-1456_180_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
s0.2mdn.net/4528404/ Frame 55C5 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031527589-1456_180_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0dcb2727be74321d70c65674b69ef7f92fdf69452d83fc81cf560d0c357e87f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=SomSsvo8lU&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 11:33:15 GMT
x-content-type-options
nosniff
age
78255
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11400
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:15:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 11:33:15 GMT
03032023-031527589-1456_180_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
s0.2mdn.net/4528404/ Frame DE69 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031527589-1456_180_intro_animation_kompakt_einzelbilder-reduziert-234713879-1673-4e92-91cd-089543780eaa.gif
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0dcb2727be74321d70c65674b69ef7f92fdf69452d83fc81cf560d0c357e87f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=XfzVfoGPK8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 11:33:15 GMT
x-content-type-options
nosniff
age
78255
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11400
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:15:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 11:33:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B246 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRgJCJzNrZO-jNcmQjuwP3MSyyAMAAAAAOAHgBAI&bg=!SkmlSR3NAAZ8_aWmXP07ADkAdvg8Wp5v0eV6k2e2oAvRN5aQqF37sCE4AD5g8Fs_52s26fIAzDeuA92gJ2oW-IFA3Tqnev63CWgCAAACbVIAAAACaAEHmQLXbB6AZyieSrwGNltAO3UrA5o9LTeITzJV2otN_IhC_lnXOVWLB8wZ_rikO8Gze1uT1jan2lV-j2LYQQu5wezDzgIWzTXJdULvBiP6paNGpSzYrzZekUfuyM0EL5p_qh3DQrFYge1i7zc-t8r-tGKxgUcGvPzuJtM2bZ8AYbD_cSpG-T2ZaltS9FqrkaPb_yNAI-4qeI6wgZ8ghDoSNOEr5Hv0UkOLkTXC1n7wQRatODHpOePJha6UZgX-IR1B7cUpHnHPaVsPsw7xlvbtPxTvkLsemMCdL3kWEZxRZGlocDtqcdX-TNBBTcFwZfDRAMWlvW06c30hXhRwB8weKGHriRp-SLlhlIcg0TVylrOfyFVJq7Pz9Vj2OKMFWMVWEcYHhAf3eg69_sQVdQ8Z8w8oJo2dAfIFarp6wbK5Ad5wn-f3E56z5kfxrb_Eo76pXqN1WrrLTSxEJpS7ARGf4-jp0C3WzVq29ihNnuQ5DpxTx-8i06ras8DOtHXP46bmHiHAmG6cMVq2W4-H11nLIRB84hRGwKI0yfUcDPlKf52e2MWNFIN1ZN_UJf64sWcBRmA2etb55Q7O49cWR4iN7FTILmBXyG2z0g0yvzOC9k9FvUrLKW4wwI0XnfxhV11eZdibvSlmOvR19T6Rs7C_UsWYp8oCWW__GuQe5I7CPHmNOs0n-HAKVQC2QTBVmyblsHKM9Lnr0nfomx7ge48POP__4mLsxf_moz9f6cbQx-luIcNoaknht9vZNpSLGX73n4clZlynWgume7LXU7kjts7a4oOH98vhtAhThU7zvFU9DDVBMPGeIeJfBnmFMlSCxA6s89DFMvDalaclXXZ4dMG84UiKzcrLO-woRcy0DuEVJfquovBuDLuvgcpGwjomWF5YYQzlogliKNvsUstktrBA604gmQ79HIeFdfItxWOEAlQ1TES2bNbEP5XS0FGcngrzZkVqH_M_rg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CC7B 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3603935988212&version=m202301230201&ct=76&x=8&cor=17924042302618511000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2438 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5008393724105&version=m202301230201&ct=76&x=8&cor=17662381457414310000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 790C 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXLYiKDNrZLrXAf279u8PyJ6KSAAAAAA4AeAEAg&bg=!Z2SlZDDNAAZ8_aWmXP07ADkAdvg8WmrXWt-hZFn5r8Nz3lp4XFx8yGg5MJJaXGPmzZR293MQx2WvfQnQksQcw5Oi-QyPeQO1200CAAADFFIAAAAIaAEHCgBR1NmeBO6dtiqd3zxG1J5A6I4aDv78634FDtO5D5egTIF-ui9VB8_MoAnCoHSdLyuvRrVuSuOfif56_C37oCKyCk0eTmt-ZV30VfAbx0Ha4dCImQLTi2DctSHElf1jPlTRJ88-uUzhK6oQ8t0XvtQRskq_-0jCjj7OCAKM7nU5jKIHFMs7bjkbk3qp24X5GuQiO8VxgUFQ6WnLMfhFiVHLCCGUMKtxgniY1EenJchhry9yncwGVlTB8_vzRA5lP_RHlF0xLFMWGSdVguC_WEPtH-JGo2g3945UuaEqzubuAqAzyW-oz2MCVRsn-od_VXaiIKoeUH3a6_uofadvQY7oKuxZ-x497AXg-LjRucl_l6v9nDkTgcRo00-RE84Fp-nch32sgY4YqGYFibdH5LRM_LnX8eBSbNoxxM_XfCj9oTtYhiopaA_9qdwXMr3vc5scFkkfqaxtA2ZmoMHURJYBGJ_mUImyoDJsKrHBS-RD_R4ndHLYdSpVdMP6u2dKCvzDXK0RaCxli5gPYdDNQM2yAbjXgiADfW9XnmkZMY5FeNMEYGOtiap8_MNjsnS3hIyAGniAp7O5WuZedsIhkKWrGT3CAxXord3BQ0LWo-bMN1kwzj8gwkdl7v3phk37T-UTI_tHK2EqRv5SrgR5QkK74JXGxW9YF6HaJC1Sh2rRZTwGxzigWuwwPmDv9jU0OHWWinWFfoK9ixUJBvbRPszXHgftd0DOnmfN6Ot3ylGn4MWqrN3lxZMbVix8LIIwE7T0aoo0DBv4RCKhCDX5krwYVD5IKFjiNXCOmTyMRQaU6Sjq8i2Q4dbzfU222AeF-g2g0_9Aw4Qifk_p0NkjHtPnSc_VzgVHPjMnYBn48YD_cMxfBgvsFEvTsNwejkvv7k_hPOmQS2Yfw9oCs6O6et9NmY_zOZ5rbpQJWgIYL7jZKPoXtoaTXVJgCIZhzsHt24pa_RZOb_sufiqVXpeCOXwAFcMhOu5hrQPoOPwVFuLPz9jzVJSMgFiAH_3n9yELqSNWUcDjwVVEFO4M_-xNSv6jNeAeTS2DN8RKwIcFbVrY-kazmvWuSAds
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BE9F 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7270162228423&version=m202301230201&ct=76&x=8&cor=14646098180658207000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D7C 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BgD3WKDNrZJ6vCb2RjuwPlf6ImAcAAAAAOAHgBAI&bg=!JCelJ3PNAAZ8_aWmXP07ADkAdvg8Wvldmancc3SBVL1MttWtOgDkHzVEXZSMRfiJJI3OyTf69SwaC5KJaeA05muOdSyinGe9-50CAAAC-lIAAAADaAEHmQLPNsK_rViC9Gwxa17pE_9_36X5Ix9dDscMpQHBnRpVcl9JcBcW3jXRx0pFbbKPGiAJkObjMLlKbqcTfjS6Ppt5lOOytI08CGepskYh--coT35_JL37W3V9NirCiwEflCUZYX9Xn2KH4fISU71YgOktMVaI4yYUKRrUZICwrItCscFLSZl0ubz5mFKudTtBZNI-f5UEGa0m8dUNZlPwIDCvGk2fN9ysAqfGf0ttcn5yst4ZvEgI-kJKRboKAsPIFJhHZwUcicNacYUAMZAMEndysvG_95_TJoltF6tC9g3yB9yVDhR-72aRm5bqtLLVYMfRva0XcIuM6UDLyZJSyg8an1lqPtKl49DPPUyiYOsLK7CobmJizDMSuI6D3l_DXcMrzxmJnXeHRCHtAk4TgoRULy_5LtRCOzkn94r3HrV7tmdnO_sb2oyiLz3-b9mhsQmvSWXqZeAe-a2cK3V2_UolzH3yku146mrQkdIhLHeZcoqEjBdryXhPCmkGvpA85QBo5yysMnQ1MUazskjsMlYqlxaTywgAUfX_SLTxKTIN8RGeLVdwYnVU8F1QpGkDh02hxw_U-xfK0BUvAk-G0gCZT7mBSoUTU2RTo4YSquqFo0sUuEZssqTwXhSmDIt4cREY5woU_NRfKUQNfVqr0_OZH7t0ClIpK3GD4Si93hiUA1BUjVwV7frmbLF0hAs1vBPZ1N2e9PDv0PWuwcdl_yDWF86UE-n-qPxz4Alb8k6qoNyqh1DP5cTIB9RYCd7qWBGxfqNmzio2dhA6nwbgjud_eKe8z2lXm4iomqds8YnYlx1a5tWfT4nUG4W_owkRo0Fm_gON6-jYBAY0loVcduGMUTnW1gE3w9LHn-5x_5INWp9vmni0rT1NLY8cH9qQmH_pSpvvUM0C7YTYsS6r4lnHzEBDCAzlbf7Q-mgOHn7C17D_DS_VF2wSDG4L9YGhq9Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA56 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4093095370372&version=m202301230201&ct=76&x=8&cor=13952931540454148000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3380 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwdP4KDNrZOP0CIzT3gPf5YXoCAAAAAA4AeAEAg&bg=!KCulK3_NAAZ8_aWmXP07ADkAdvg8WnWpyUkYk2dApl1nTtkhdL04UAEagQX-mOYB-zPAzLLsTZyGoVbG0nzvoIIYOZcNQQhDvwoCAAADZ1IAAAAEaAEHmQLT2yskIzSes0gyY9g5SUTBnSDuGM9xDV5OxWwn3Pm777KgBKPMZUUm0p_QKZQINHSTwM0yNB60KCyfkWiwO48Ca9hj3aMnUGcOfoLmiY4eb07TMg-m4sKgdLxpubKsCPp_PibbX_yOaCMIlRpQhOkxFNn-Dz3z19rbdKzSWEUwzN4zyE9LBwxp7_cwPrRZetJKaIvHN9pRj_lh6RjLUaVn_3iG8dQyPenilgfL0KAEgLcdHxVEOZEzWKqcBi3QNAwJVwkMypNMH5whaF4mC-y8JvfdlFUkobb16lkr9DybauSRCD7UiqpUymkCJXHh6kewjcVz9FC5__VBNX2iJ2n8GrlRh9MNV06FF2YfOW3I0FR5ZoaJ6pE1mOmD1G2mzH5YUIos6pMGUhYLZQpPcu1Twk6-0s2K_v22evmqIvA4XEVDz77UOL4VtfXEWDThM_YHUJKRH_Hamh_mlg_1aUhiQlTPye27U8spNLT_09Lm9rG9ykRZX2kNxyJitK-Pp9ERC3hxlXWKHpBrKNdGLnAGMeT1knvZfxUEHqyNqjbDHxJu0rnckr3d2e1_lM_rz5oymwFqYpHLugp1bUddBb4F22khef5LMTtpR4D8BPucvCUhlZsBX-90PODt8x9yYvIzzairvw3_jq1JZsXIlMWagQcwGGmQfHQUw7BM_qQmpSsPiqmgXB2bXZfKwK_nYHVKaS-P7IXhPtQnTi8hkPqN6SGjs9jOEeoRQnEeAR3V1fQFnN8RDnOu9sa9ECG-Kf1ERbxuUuEFoP2--dSDonLzW2iOXitKrn_iZo5kFjAIHusYN8xtLwie6DoCDSlpxdWkaaAjGxsJTL1a3u5Q2ByXiJZFXHugfvJ0Xm4YXqyDAIAht-f7njikiEA_Mj_DE8e-EE13KjqhHoYHbab8OCcOXZ5Qeh4N7zaMM0Z7cRrTXtMBkjUDXKrckuEHkPZpbrKR-pDW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
03032023-031528906-1456_180_stoerer-gbplus-2zeilig81dfb0d9-0d85-4706-a485-3411fa89425c.png
s0.2mdn.net/4528404/ Frame 0642 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031528906-1456_180_stoerer-gbplus-2zeilig81dfb0d9-0d85-4706-a485-3411fa89425c.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18df7c8aba90bf80744b329ed229e63d1f5e28cb3bc9a3ba5cbd7a698612c0b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=1ZVFtl6CR2&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 19:16:29 GMT
x-content-type-options
nosniff
age
50464
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23315
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:15:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 19:16:29 GMT
dc_oe=ChMIr9PM6suI_wIVSYiDBx1cogw5EAAYACC03uxKQhMIm5qB6suI_wIVosi7CB1jjgHn;stragg=1;&timestamp=1684747053081;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame CC7B 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIr9PM6suI_wIVSYiDBx1cogw5EAAYACC03uxKQhMIm5qB6suI_wIVosi7CB1jjgHn;stragg=1;&timestamp=1684747053081;str=Show%20Slide%200;strtype=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
03032023-031528906-1456_180_stoerer-gbplus-2zeilig81dfb0d9-0d85-4706-a485-3411fa89425c.png
s0.2mdn.net/4528404/ Frame 7811 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031528906-1456_180_stoerer-gbplus-2zeilig81dfb0d9-0d85-4706-a485-3411fa89425c.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18df7c8aba90bf80744b329ed229e63d1f5e28cb3bc9a3ba5cbd7a698612c0b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=0fdvrTJjRv&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 19:16:29 GMT
x-content-type-options
nosniff
age
50464
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23315
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:15:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 19:16:29 GMT
dc_oe=ChMIuovW6suI_wIV_Z39Bx1IjwIJEAAYACC03uxKQhMI4-n-6cuI_wIV17beCh2kMwPW;stragg=1;&timestamp=1684747053302;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 2438 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIuovW6suI_wIV_Z39Bx1IjwIJEAAYACC03uxKQhMI4-n-6cuI_wIV17beCh2kMwPW;stragg=1;&timestamp=1684747053302;str=Show%20Slide%200;strtype=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
03032023-031528906-1456_180_stoerer-gbplus-2zeilig81dfb0d9-0d85-4706-a485-3411fa89425c.png
s0.2mdn.net/4528404/ Frame 55C5 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031528906-1456_180_stoerer-gbplus-2zeilig81dfb0d9-0d85-4706-a485-3411fa89425c.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18df7c8aba90bf80744b329ed229e63d1f5e28cb3bc9a3ba5cbd7a698612c0b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=SomSsvo8lU&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 19:16:29 GMT
x-content-type-options
nosniff
age
50464
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23315
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:15:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 19:16:29 GMT
dc_oe=ChMI46jd6suI_wIVjKl3Ch3fcgGNEAAYACC03uxKQhMI-Y2P6suI_wIV2cq7CB3KVgnp;stragg=1;&timestamp=1684747053400;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame AA56 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI46jd6suI_wIVjKl3Ch3fcgGNEAAYACC03uxKQhMI-Y2P6suI_wIV2cq7CB3KVgnp;stragg=1;&timestamp=1684747053400;str=Show%20Slide%200;strtype=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
03032023-031528906-1456_180_stoerer-gbplus-2zeilig81dfb0d9-0d85-4706-a485-3411fa89425c.png
s0.2mdn.net/4528404/ Frame DE69 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/03032023-031528906-1456_180_stoerer-gbplus-2zeilig81dfb0d9-0d85-4706-a485-3411fa89425c.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9548364509937149214/1676550659977.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18df7c8aba90bf80744b329ed229e63d1f5e28cb3bc9a3ba5cbd7a698612c0b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9548364509937149214/index.html?e=69&leftOffset=0&topOffset=0&c=XfzVfoGPK8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 19:16:29 GMT
x-content-type-options
nosniff
age
50464
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23315
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 11:15:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 19:16:29 GMT
dc_oe=ChMInuPd6suI_wIVvYiDBx0VPwJzEAAYACC03uxKQhMIkZz-6cuI_wIVlS_gCh3sjQcR;stragg=1;&timestamp=1684747053484;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame BE9F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMInuPd6suI_wIVvYiDBx0VPwJzEAAYACC03uxKQhMIkZz-6cuI_wIVlS_gCh3sjQcR;stragg=1;&timestamp=1684747053484;str=Show%20Slide%200;strtype=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
728x90_ak_v3.png
saambaa-static.azureedge.net/sidestage/ Frame 60D5 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saambaa-static.azureedge.net/sidestage/728x90_ak_v3.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48EF) /
Resource Hash
3e18c8b1d97b6da1d013835a374ea4c88f5985ea76c176ebe93930dd9246bd21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 22 May 2023 09:17:36 GMT
last-modified
Thu, 27 Jan 2022 00:46:57 GMT
server
ECAcc (ama/48EF)
content-md5
0BQeU1Z5BhFu3+87WleHgw==
age
278152
etag
0x8D9E12E85AF719E
x-cache
HIT
content-type
image/png
x-ms-request-id
56a3828f-501e-0054-2806-8a0788000000
x-ms-version
2009-09-19
accept-ranges
bytes
content-length
28093
c
prebid.a-mo.net/a/ Frame F9F7 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:36 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
167
server
envoy
vary
origin, Accept-Encoding
bid
ap.lijit.com/rtb/ Frame F9F7 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
a18e897710711eeee878160d41d68faa7617e31d9f788e480d4dea8c368be6cd

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 22 May 2023 09:17:36 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.idrlabs.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
3425
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame F9F7 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000628,1,,,&rf=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.page=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&tg_i.domain=idrlabs.com&tg_i.pbadslot=%2F65889844%2Fron01_300x250_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=033993c6-ef62-4d3b-ac38-9a3ac1b43407&l_pb_bid_id=200ad84a57be2bf2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250_desktop&slots=1&rand=0.17999959810052402
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e96f804391921f1f48dfa47253491d531b4ebf924d643fd48a480f38b77d1df9

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:36 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame F9F7 		821 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22202a7de4a33ffc28%22%3A%22c070e8c2da6737a72de3%7C300x250%7Cgpid%3D%2F65889844%2Fron01_300x250_desktop%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&s=96068ca5-99ca-48ce-b342-0e0216f0eed7&pv=e7123b07-4b46-4569-bead-06ccbd3ae26d&vp=mobile&lib_name=prebid&lib_v=7.31.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php%22%2C%22domain%22%3A%22idrlabs.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22idrlabs.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
ddf5afd50552730e3b8ecc8b2f09092370b20b296baf525c0189c39fe2ebabeb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:36 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-142
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
475
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame F9F7 		38 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=692500
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b7fb1d014cb5f57355454c0e8a9bc201d3e630ff9e7250de04bafc25694d9f6

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LkOmayqQQX1wP4OLZSrKQzA%2FFvXO1xcVC7QmJfnU1stDMQpwsiXsuSh%2FkSdSK8PpdE%2BKGyoxzNWoX5BJZquxkA%2FBtxdZapyv4ZPEu%2FD2kmfvJS%2F3f38SJQW6L%2Fij2jV5tsCTeOY5"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7cb3f78d6c24373d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
prebid
ads.yieldmo.com/exchange/ Frame F9F7 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.31.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saambaa300x250x1-0%22%2C%22callback_id%22%3A%22206544dd4feda2a1%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222995694022422372353%22%2C%22gpid%22%3A%22%2F65889844%2Fron01_300x250_desktop%22%2C%22tid%22%3A%22033993c6-ef62-4d3b-ac38-9a3ac1b43407%22%2C%22auctionId%22%3A%22c28932eb-7eec-4692-ae97-946af8fefe4b%22%7D%5D&page_url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&bust=1684747056221&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Murderous%20Villain%20Test&w=1600&h=1200&pubcid=3ae45e29-720d-44bb-a13f-a6a5c41d6643&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22saambaa.com%22%2C%22sid%22%3A%2272000628%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.7.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-7-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:36 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
translator
hbopenbid.pubmatic.com/ Frame F9F7 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.idrlabs.com
date
Mon, 22 May 2023 09:17:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame F9F7 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.idrlabs.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.idrlabs.com
pragma
no-cache
date
Mon, 22 May 2023 09:17:36 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Amsterdam, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.idrlabs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.idrlabs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 22 May 2023 09:17:36 GMT
integrator.js
adservice.google.de/adsid/ Frame F9F7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F9F7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.idrlabs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame F9F7 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2875267802583696&correlator=1450167088869802&eid=31072020%2C31072879%2C31074686%2C31074533&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_300x250_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=11&adks=1246821082&didk=2887917928&sfv=1-0-40&ris=16&rcs=1&prev_scp=hb_format_sovrn%3Dbanner%26hb_size_sovrn%3D300x250%26hb_pb_sovrn%3D0.15%26hb_adid_sovrn%3D2132816e19bd29e5%26hb_bidder_sovrn%3Dsovrn%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.17%26hb_adid_rubicon%3D212cbeba8581f273%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.17%26hb_adid%3D212cbeba8581f273%26hb_bidder%3Drubicon&eri=1&cust_params=domain%3Didrlabs.com&sc=1&cookie=ID%3D27868814f124b32d-2202d96ae6dd00e6%3AT%3D1684747038%3ART%3D1684747042%3AS%3DALNI_MaFKaKFNDbUYIWzMWXVa_pbSsB1oQ&gpic=UID%3D00000c19f3a32d04%3AT%3D1684747038%3ART%3D1684747038%3AS%3DALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g&abxe=1&dt=1684747056597&lmt=1684747056&dlt=1684747039011&idt=1049&adxs=353&adys=899&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=ulsmay8g1rrf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ref=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&top=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&frm=23&vis=1&psz=300x250&msz=300x250&fws=384&ohw=0&ea=0&psts=ABHeCvj--tIdg9kMb92DJGi6EfvMYiiwuDJChwCrAJ8AReBxFNfCC9TEe9yDGq0baaEKAt2TI1lwmRS0y6pD-X1dlBMBZZmA%2CABHeCvirWkEcYgSYXaKfO_UIuZfWprSzXc-v9OO42Mz5mM1lfgmswrmpf60jFMHbtgqZrhDhIZlGY5YsPlbGouXaVWACobqI%2CABHeCvjl7wBnG2urYM0mMZbM4CFQBU7HSOPcvD4bh2ao683572j57v8el4Oy-4bPA4EF3PPWzWAfQWghgoYKfhWm5W6PuWdO%2CABHeCvjux-g7N6B5454NXB4ghPxUOsY8hvQuuuw-4dae4Mj6RrCUBmLjo1fU8pIW3GjH6iRRnssYCKqcrw2bvKVBl70d2ygKC7rD15Q%2CABHeCvgDrO47WHTHmwQxVqx7TbEHdnpZKusZ1jzglB0TdpUGjdbnkX1LckNPtMzBuZdA98MPrEiIziMNuU6cqiOIKgweWcKo%2CABHeCvgvljlCcCfCOP3APOml8Wm08stcpBAaixVnL8UtGV35dHgWXZQH5LenuRXgAqgWPdST8ImMfHIrbnvgZwUkintaedhw%2CABHeCvim1AJBjON1zAV5kx2bXhDE_8CW8sWaMUKsJs-VBbFPKl5hgQTjn_qBdIWtw9JQnHvaDUhMgeP5CU4g1OG8FerO3_qD%2CABHeCvhSh6GoWP8r9ZPqA56644uCEinczB_LQIwPS9gVu8Np4mwb9h6gdlYIRDVgAAY0Xhm-511W78Ydkp7mIfIDDwHRlp9Z%2CABHeCvj7YVwdJ8kSCi7kDcmkaMvtnGdM4HQBGNqcO_HUh58tqgTfNxTGrl7oh7Qn0eaIK8tQOIuMd5eTOh5PDdcFbyAjrTYY&ga_vid=215484772.1684747038&ga_sid=1684747041&ga_hid=1414959249&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmd7-lYQxSABSAghkEjsKCnB1YmNpZC5vcmcSJDNhZTQ1ZTI5LTcyMGQtNDRiYi1hMTNmLWE2YTVjNDFkNjY0Mxjd3_6VhDFIABIdCg5lc3AuY3JpdGVvLmNvbRiZ3v6VhDFIAFICCGQS1gEKCHJ0YmhvdXNlEsABajE2OTVXb3hNcXlpUGdmSGZMUWpmTXVWTElnbUhjQ0FnODVEZ0JtaXFKRm96Wm9GNWpPTzAzOC8zOTlrT3diS2hQcFB0bTR0REdseldLTWIzMGNqOEt5NDg0WG1FWkxOY2pCYVlBVlozSmpuZndxa3c5NEYzWUt2U0Z6OC9YQm9HN1NqSzNhak83RkQ0am9aa0hSaUpwVGlGYXR6cE83WjlLVnNSb1RISE5KclRZWC9UUWYxMitoeklWa1dyUnlYGM3g_pWEMUgAEhkKCnVpZGFwaS5jb20Ymd7-lYQxSABSAghkEhQKBW9wZW54GI7h_pWEMUgAUgIIbw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a36226a65d9f2174684c00cb40359f22f580914096b018e51b39175b171a22c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11008
x-xss-protection
0
google-lineitem-id
5111853565
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274588176
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.idrlabs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7975 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame DF23 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHu4hE9FCRRvtBLEyB6GONhRQD9b_2CR0eLscACfGduMFft8XxWCuS8mJhMg4fwZzcbINmUzlMEsCYI-qVhSkJVe2C9Ud45HaRyHN8M_Z-Artwrka6uJjyWkB_7HyzNdcyQO3gJhXBfXqo31tZ6t7-_fS9l1vEKQTeAEWaPP1L6tA1kuR5-pQtMVwOYV5gBXp3CEBeQYhTDpsyyWaGKS_Klo2tEpzIcOCJJ7A-QgIrtei0mhohdUCK64JintP0itYSQu-M1t1EHtCOZO0R19aMGGmwe3qYzb3Qjy3PtHxvXpolaH4pGvN7xLsq1sE4-YdzNh6_YI9zCBOAiL0&sai=AMfl-YSa_u8j6wgtNevz6WphVIvMOCxANuZNzAjHrtURRdLhW5Jq7mCfayqdIdRGQx0yfGECoJk8e3puTaA1NpNw_vGriAf1I8QcIE3xwBCMkQK6uRm8Jy1P_E-XFaz0mA&sig=Cg0ArKJSzEexUZXZ4CpdEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3750 		335 B
149 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxDZ-Ky2BBiqpLPlATAB&v=APEucNU5SUkwvJCY4YxKwzhutaijn-VnrEpVJ0u_l8ZIUTgBfcQB_oxTBmnyf2krU3rQ4KXzp2jVSB2jv2H97W3MBHbowhBlJLbslDDkysCpyRk4jInc6ULUTXrxlhsM7S7QipV2h9dVOjExJIhnH2GUpdNWSjzVKeHdLtgtFL9fLuU2IAmzPbo
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95028fc49f2d510419b0ed366e9440e469be51a0142e4a65338fda6fcbeba101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
129
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 09:17:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame DF23 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28042
x-xss-protection
0
server
cafe
etag
3261498652431352696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DF23 		42 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DoExHxjbaUGCpapo3t7BZSCCxnld1tJLEzKN-eCOikbL7lWgNbQoBK0DPZOwNGO3MqQrTwM03aHL4iSghUvRWusSjtd_MOraQ_Tg4G5g5PY1WsMls
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DF23 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13483264107463772830&x=8&ct=76
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b734e3d8-e15b-4126-abae-16b1831afc7f
beacon-ams3.rubiconproject.com/beacon/d/ Frame DF23 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/b734e3d8-e15b-4126-abae-16b1831afc7f?oo=0&accountId=24022&siteId=409990&zoneId=2299318&sizeId=15&e=6A1E40E384DA563BD55515172F920E23BA9BC02E88156104511643F5FED4F01FE87E781F5F4B587969EDB5103E0E7BE89F0BE1F8337FD75D4A616D79209DA79B3896213110F0C9D0386E0B5ADE1A726D2850FE1C768F733E93155049EEB7FE49A05BCD419A51E3502279AD627801C5888A849505F7799B21D0324E3F83196DB94E6FC96756E5E57168EB47EB14AB3249ED51337A216D7EFAC6F6ADD4A90A3511EA4AA4E7DF14804DC8CA52A1DF3F10FD215972E28BDC5F2B535FAF19C84C12DE
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::27 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:36 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DF23 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:36 GMT
sync
odr.mookie1.com/t/v2/ Frame 3750
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_cm
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_2739&src.visitorId=CAESEN_uiSW4Mn2h5788KIgCGcI&google_cver=1
42 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_2739&src.visitorId=CAESEN_uiSW4Mn2h5788KIgCGcI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxDZ-Ky2BBiqpLPlATAB&v=APEucNU5SUkwvJCY4YxKwzhutaijn-VnrEpVJ0u_l8ZIUTgBfcQB_oxTBmnyf2krU3rQ4KXzp2jVSB2jv2H97W3MBHbowhBlJLbslDDkysCpyRk4jInc6ULUTXrxlhsM7S7QipV2h9dVOjExJIhnH2GUpdNWSjzVKeHdLtgtFL9fLuU2IAmzPbo
Protocol
H2
Server
34.160.236.64 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:36 GMT
via
1.1 google
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
etag
"62bb0b72-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://odr.mookie1.com/t/v2/sync?tagid=V2_2739&src.visitorId=CAESEN_uiSW4Mn2h5788KIgCGcI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
308
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 3750
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEI3WKTD2c5QmfMbQ9U9Esqw&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEI3WKTD2c5QmfMbQ9U9Esqw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxDZ-Ky2BBiqpLPlATAB&v=APEucNU5SUkwvJCY4YxKwzhutaijn-VnrEpVJ0u_l8ZIUTgBfcQB_oxTBmnyf2krU3rQ4KXzp2jVSB2jv2H97W3MBHbowhBlJLbslDDkysCpyRk4jInc6ULUTXrxlhsM7S7QipV2h9dVOjExJIhnH2GUpdNWSjzVKeHdLtgtFL9fLuU2IAmzPbo
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEI3WKTD2c5QmfMbQ9U9Esqw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3750
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTJjMGUzMjkyZGQ1NzlhZWJmZTE0YTEwMTU5MWU5YWMxY2JkMDAyMA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTJjMGUzMjkyZGQ1NzlhZWJmZTE0YTEwMTU5MWU5YWMxY2JkMDAyMA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxDZ-Ky2BBiqpLPlATAB&v=APEucNU5SUkwvJCY4YxKwzhutaijn-VnrEpVJ0u_l8ZIUTgBfcQB_oxTBmnyf2krU3rQ4KXzp2jVSB2jv2H97W3MBHbowhBlJLbslDDkysCpyRk4jInc6ULUTXrxlhsM7S7QipV2h9dVOjExJIhnH2GUpdNWSjzVKeHdLtgtFL9fLuU2IAmzPbo
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTJjMGUzMjkyZGQ1NzlhZWJmZTE0YTEwMTU5MWU5YWMxY2JkMDAyMA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
gen_204
pagead2.googlesyndication.com/pagead/ Frame DF23 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3454285708779&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DF23 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3454285708779&version=m202301230201&ct=76&x=8&cor=13483264107463772000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame DF23 		86 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DpA2e4oXBJd-BY0DEeJFOWOj4ZB5DmMwUbk4d_stKDTtL5mRQOfbTSlhgAFMy6TqkjONSJNidsTXi_JUBIFAbc-4WI8CXFRPoFgs3xXlYBrQ28q6B4e9Od6C7rdNY-YhA2t4UGgli1xW8ET8DcLmSocihYvBsW8Ff3H_b0w7g5QrCyYL8&dbm_d=AKAmf-A9wPuq1Oqd_o2MyQETi65NTmQH68S-7U4H3DyDrJx8VHrMo3W1R8HniyWPxtGoUq_KrO3GB4IRzw6kokvJXlALY9_85Xsa0l7vPgkJLDxDev1eSOXVuRk9DGNl8l0KJY_owAPR4RBY0F0lFZIx8G5I9uBkoz7Fq-6mVxH2FKECoU416OL_negb5jI_VzXvYCCXP2g4bvMJ9A8489bJuS91ngHA32picwZlDkqLdO7_ybeIz9rFAIlhggeSDPYBhhU8hzKjsGV6OrJm3QHWmw5JAFxzZcboJi8OsiFAdJ-jqHr5-quP5X2EeLMYZQcKNr3NvAL6Nr1s4tDZs82k3nSCg8sBymZJ_Huz8Kdx3IW4sLNSPAeEuUQMI3JbMbjnfvGD9NfufwqiFe8aGIdlUPFRnPn1qpF1CvN-T5OwBrVpbm-KE_k86Fa0zdmXJktEGutMXGwMGvChUrkYetWxJpkqjr2FmY8LDyzKV6c43UuaMD7UpS_3rILfx0jcU_OLNbgcDAIu7M0x-UWlgbHrHo8pVutOJNgrVSI3ixG8XVASyETUwzMl_vSPBWFqwqw9yUODRIA_IgIH7iHLXzxDowsH_FaN3i1Z8UBR_bJ_xA1ZgTVH2LHjdQ_12mpGoNjwsjkDyAlCRYQF9IGKsDXdBUBMM1hUSmumSPrg0PgYmnOjvh9MZ82bw8F05NH8caOmzTNFLTX4leXKkod7k_Fso059vR3VuFdkwXRo3LEedlOa0XwraGqPg3enI7ZlLNzi8kCm4_lX5-IIzzIhN_dlqerBG0SJ1j8jNSdErJRC6DHVWElqkxzSTELbAcOKkLbDB1xNrPlRzWRPXnsHQSUvERQHx66xThQWyBe0Q6aK5REtEnHcA1K6jgX4H9Rs6FpxNd-0CutN_oO6S3r_UNKIZ81dLHzaObiKlJj2N2j_tHjyak7PVF03g5B1hRxKPbNxlfQIv6HRb14IiHNWy_XowM-juBNc2YwV_DPr8t6aG1Ay92G-VS5u0EJf09Vd6M9vJLe0iShWx4xJ5_Kr5cR8PieMIwThms-nyM0DfhnIG6TGH-Bbs-7VDdmLMhCiSECsesi5c6bKxZdwXJBaG5XQz3P-8hRyMkKarMWpY98MSHKXLwrFqST3XEHW8lna8AC2_B_mdhS042ImjI8ggt9RGomffd2k8_skQP6fR-OV6CJmDAPT4IKZY7_2N7OLoJcE-CTfgQIY5FmUU_T-SKUyWpsM-9aCO29XGr32M9uWaQ5BlPfsBmf8WL6QVqmnpRaK5iW3_lKOOZFx4mdylSp5-ngLhg9qwWMVt_d4lk7KC4YXNLb0ZrBG6mh0ILHeFvNPFCum6_SxlYIuUd4m-3bYndB2KQ27gmAoSRjs8_P1Fjwf577cH0Z3uul08WWBG5U_eLwd1eJNoVzBtm1QAdsy5Tb1G2n_bXtc4P-_70l7T5kaFA4bpmzKwCUjYqXPhLh11TZdiVAmMnSIDS0QeVC8a09HXfjpXP5G4V5eQ0bW0rn70ykAnVI9dmxmXQ8F0IdRo3IVuviv2XA_EMNq8_Zi9aIow_gCGiGhIcmqz_YG--U-rC3jdBZMp24r-YTqLuuRcHo8ZJCfaAHqZ8LAvRpEfHSZL93rn0H2AtdEXdx8MZTKmR9N8_-ZfMcPw7k0NznPQ1zDMoy-CttV5IuVipcKOdgjHtPsjTX1IfMab10RPfAO83CF5embEJSMqGpZrpMPNWSIsOOw6jsuGnGstI8Bn4lqwvGboBHiJSK4RAnXM7BF06yth9ZM2YSQHurjGfsLnKVtterYWD8p21gQfWtDOKfofH8SChRJDm2vqTzTWUjqG9cT7SjBEziCpdrVTzIR5SA3fWjeizCN84Q2yMvj28VGiziqFJNRU4u9I9_1LXAq3O71iQya1IuIP-Gz5e0BjD-Sh8fpBhqJpxup9XA_PbtLcjOhbxIxzmyens6e36dqS3AMO9bT1i9hzI1ttdB__R0a7f59t8oWvjXK4jgcmEd0QpuvnTXBdi3BnDcxDdr6ETJTNXtx5ZTb0tRWnzE1Mj4-HFfD5BP9d0kEvmc5HyYva5mAI1cR5ch-HqDuXt5hOjUA4wgAT2A_5Yb-1lJzc9wh7itYufhpkzDYCFsI0g6IRRLhYoNKY1nwS-zYKMNWnd6a25aOTvVu-yWDArP9M0QIDDSr_kL32sxGtWrO-cx_jMQsHKmKd934ENFS2RiHcVPisbT3AbraErNyvCMI4qO_yKxutUVtfGD6N39qYxJlrQtZ_F7S8iqrFOwrRoXcT5yt6B7t0UzjEhy2-HyLFhqH1d_OHHe5czinzM3F8rpy9AChAcjlCsqRWRF9MY0pkQY83SJamtoDryy3pIMxOa7AeUY9phemmbMpEdW-hwFvA_LlRGCxATv5FEOy6UTxfuEJByme37S3wJXcUIycYISqD8BLkdeRZSnHo-hpITEo8HVumnkQQ4GixUTdgZKWy4OH1m0vuQCHm-BhDmdb_ozPHAwGrhSLJgSaC8-TECPcy06pImZ47iK0IjBiH_tzxZ441rEs7f_F8X6fStzoGe6quwbqiUhwVF8c37j8C-tQYuqpYISAJBIyKqZrzvmsaDFxQKNEOhhV-8jmP7d5f86ehlGanBhe7ZMnT6FdMtV_jstIX_-xihQbAWKMf70zY-0wjl51UU_iLvbyA472m8JAAkPC89poDMGvEqT_0zXUUX-NuaPpL40S2YI5fDlKWkrkH3wO3KJ3MBWKZF8taTm0mYm202csYbx7kHmFau2VG5d2bIpnQzb2Gb2J1fhncCuoDK1giEzZ9Iz-Cu10OeUk9gI5FHfHxsnGffUhUCw0WmIaF775zbJCreQ3SMsv5NHHwFB3pJNYiO-BEDFvkDLSC-0GuvdLMg-hKMe_i78ymT_mhYpCLglAVbGKs_eLu0JgUHNXSiT1UxnyIMBNzp4ubIcGz-juUsZ0Fjifvv6VlOGTqe6VDSr-hVb_XOof9iHSMZNIehmr-vaqK1MWG1JvDIceAjLcV3sx0vxBbXizVVP4-QARQZolfD-R8QMgMNkT-mr8FwiCcn3jEpVY7m8i3T7bcnUIkpUj403_EcXOKe9OcJiASNJMzR0N6zyrfb4gBHWFHcw9QxzQDWQcqCP7ST-MIbSA329n81DcTSNok-VZkdCIBKMs0Oo7GLwu6XLtPugrH9KMXgRscdsbQkH5A4y_bAr822sltdjon9y3QAYSO-a2x1me04aGOYpFvBz4FMOccw9P3CUeLOlCDfDnIOnQ1ptzbNhi_qymISfbhwC3r17CQcmVv_q-zIQtt3IxaD4yE4Ifo3AHiTYlu1wINlVbTHGhOVjoCBsCeFqXCokQRp90jcZSACqJbfMgNvPD9fF7NU9kxCP88ITBcswHVmyS&pr=8%3AF3143676F71BF293&cid=CAQSKQBygQiDy9g5W0LPcguY-wfj-er85YrLobSn_FscLq0XEp_BGCZ33SmZGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ds=l&xdt=0&iif=1&cor=13483264107463772000&adk=3930067726&idt=120&cac=0&dtd=15
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fd589aa2a8f18015beb046461c271513b8e1aa8e91d1496dd7c83433f785d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 09:17:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36775
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame DF23 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Origin
https://www.idrlabs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 09:27:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85824
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 09:27:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/ Frame DF23 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DpA2e4oXBJd-BY0DEeJFOWOj4ZB5DmMwUbk4d_stKDTtL5mRQOfbTSlhgAFMy6TqkjONSJNidsTXi_JUBIFAbc-4WI8CXFRPoFgs3xXlYBrQ28q6B4e9Od6C7rdNY-YhA2t4UGgli1xW8ET8DcLmSocihYvBsW8Ff3H_b0w7g5QrCyYL8&dbm_d=AKAmf-A9wPuq1Oqd_o2MyQETi65NTmQH68S-7U4H3DyDrJx8VHrMo3W1R8HniyWPxtGoUq_KrO3GB4IRzw6kokvJXlALY9_85Xsa0l7vPgkJLDxDev1eSOXVuRk9DGNl8l0KJY_owAPR4RBY0F0lFZIx8G5I9uBkoz7Fq-6mVxH2FKECoU416OL_negb5jI_VzXvYCCXP2g4bvMJ9A8489bJuS91ngHA32picwZlDkqLdO7_ybeIz9rFAIlhggeSDPYBhhU8hzKjsGV6OrJm3QHWmw5JAFxzZcboJi8OsiFAdJ-jqHr5-quP5X2EeLMYZQcKNr3NvAL6Nr1s4tDZs82k3nSCg8sBymZJ_Huz8Kdx3IW4sLNSPAeEuUQMI3JbMbjnfvGD9NfufwqiFe8aGIdlUPFRnPn1qpF1CvN-T5OwBrVpbm-KE_k86Fa0zdmXJktEGutMXGwMGvChUrkYetWxJpkqjr2FmY8LDyzKV6c43UuaMD7UpS_3rILfx0jcU_OLNbgcDAIu7M0x-UWlgbHrHo8pVutOJNgrVSI3ixG8XVASyETUwzMl_vSPBWFqwqw9yUODRIA_IgIH7iHLXzxDowsH_FaN3i1Z8UBR_bJ_xA1ZgTVH2LHjdQ_12mpGoNjwsjkDyAlCRYQF9IGKsDXdBUBMM1hUSmumSPrg0PgYmnOjvh9MZ82bw8F05NH8caOmzTNFLTX4leXKkod7k_Fso059vR3VuFdkwXRo3LEedlOa0XwraGqPg3enI7ZlLNzi8kCm4_lX5-IIzzIhN_dlqerBG0SJ1j8jNSdErJRC6DHVWElqkxzSTELbAcOKkLbDB1xNrPlRzWRPXnsHQSUvERQHx66xThQWyBe0Q6aK5REtEnHcA1K6jgX4H9Rs6FpxNd-0CutN_oO6S3r_UNKIZ81dLHzaObiKlJj2N2j_tHjyak7PVF03g5B1hRxKPbNxlfQIv6HRb14IiHNWy_XowM-juBNc2YwV_DPr8t6aG1Ay92G-VS5u0EJf09Vd6M9vJLe0iShWx4xJ5_Kr5cR8PieMIwThms-nyM0DfhnIG6TGH-Bbs-7VDdmLMhCiSECsesi5c6bKxZdwXJBaG5XQz3P-8hRyMkKarMWpY98MSHKXLwrFqST3XEHW8lna8AC2_B_mdhS042ImjI8ggt9RGomffd2k8_skQP6fR-OV6CJmDAPT4IKZY7_2N7OLoJcE-CTfgQIY5FmUU_T-SKUyWpsM-9aCO29XGr32M9uWaQ5BlPfsBmf8WL6QVqmnpRaK5iW3_lKOOZFx4mdylSp5-ngLhg9qwWMVt_d4lk7KC4YXNLb0ZrBG6mh0ILHeFvNPFCum6_SxlYIuUd4m-3bYndB2KQ27gmAoSRjs8_P1Fjwf577cH0Z3uul08WWBG5U_eLwd1eJNoVzBtm1QAdsy5Tb1G2n_bXtc4P-_70l7T5kaFA4bpmzKwCUjYqXPhLh11TZdiVAmMnSIDS0QeVC8a09HXfjpXP5G4V5eQ0bW0rn70ykAnVI9dmxmXQ8F0IdRo3IVuviv2XA_EMNq8_Zi9aIow_gCGiGhIcmqz_YG--U-rC3jdBZMp24r-YTqLuuRcHo8ZJCfaAHqZ8LAvRpEfHSZL93rn0H2AtdEXdx8MZTKmR9N8_-ZfMcPw7k0NznPQ1zDMoy-CttV5IuVipcKOdgjHtPsjTX1IfMab10RPfAO83CF5embEJSMqGpZrpMPNWSIsOOw6jsuGnGstI8Bn4lqwvGboBHiJSK4RAnXM7BF06yth9ZM2YSQHurjGfsLnKVtterYWD8p21gQfWtDOKfofH8SChRJDm2vqTzTWUjqG9cT7SjBEziCpdrVTzIR5SA3fWjeizCN84Q2yMvj28VGiziqFJNRU4u9I9_1LXAq3O71iQya1IuIP-Gz5e0BjD-Sh8fpBhqJpxup9XA_PbtLcjOhbxIxzmyens6e36dqS3AMO9bT1i9hzI1ttdB__R0a7f59t8oWvjXK4jgcmEd0QpuvnTXBdi3BnDcxDdr6ETJTNXtx5ZTb0tRWnzE1Mj4-HFfD5BP9d0kEvmc5HyYva5mAI1cR5ch-HqDuXt5hOjUA4wgAT2A_5Yb-1lJzc9wh7itYufhpkzDYCFsI0g6IRRLhYoNKY1nwS-zYKMNWnd6a25aOTvVu-yWDArP9M0QIDDSr_kL32sxGtWrO-cx_jMQsHKmKd934ENFS2RiHcVPisbT3AbraErNyvCMI4qO_yKxutUVtfGD6N39qYxJlrQtZ_F7S8iqrFOwrRoXcT5yt6B7t0UzjEhy2-HyLFhqH1d_OHHe5czinzM3F8rpy9AChAcjlCsqRWRF9MY0pkQY83SJamtoDryy3pIMxOa7AeUY9phemmbMpEdW-hwFvA_LlRGCxATv5FEOy6UTxfuEJByme37S3wJXcUIycYISqD8BLkdeRZSnHo-hpITEo8HVumnkQQ4GixUTdgZKWy4OH1m0vuQCHm-BhDmdb_ozPHAwGrhSLJgSaC8-TECPcy06pImZ47iK0IjBiH_tzxZ441rEs7f_F8X6fStzoGe6quwbqiUhwVF8c37j8C-tQYuqpYISAJBIyKqZrzvmsaDFxQKNEOhhV-8jmP7d5f86ehlGanBhe7ZMnT6FdMtV_jstIX_-xihQbAWKMf70zY-0wjl51UU_iLvbyA472m8JAAkPC89poDMGvEqT_0zXUUX-NuaPpL40S2YI5fDlKWkrkH3wO3KJ3MBWKZF8taTm0mYm202csYbx7kHmFau2VG5d2bIpnQzb2Gb2J1fhncCuoDK1giEzZ9Iz-Cu10OeUk9gI5FHfHxsnGffUhUCw0WmIaF775zbJCreQ3SMsv5NHHwFB3pJNYiO-BEDFvkDLSC-0GuvdLMg-hKMe_i78ymT_mhYpCLglAVbGKs_eLu0JgUHNXSiT1UxnyIMBNzp4ubIcGz-juUsZ0Fjifvv6VlOGTqe6VDSr-hVb_XOof9iHSMZNIehmr-vaqK1MWG1JvDIceAjLcV3sx0vxBbXizVVP4-QARQZolfD-R8QMgMNkT-mr8FwiCcn3jEpVY7m8i3T7bcnUIkpUj403_EcXOKe9OcJiASNJMzR0N6zyrfb4gBHWFHcw9QxzQDWQcqCP7ST-MIbSA329n81DcTSNok-VZkdCIBKMs0Oo7GLwu6XLtPugrH9KMXgRscdsbQkH5A4y_bAr822sltdjon9y3QAYSO-a2x1me04aGOYpFvBz4FMOccw9P3CUeLOlCDfDnIOnQ1ptzbNhi_qymISfbhwC3r17CQcmVv_q-zIQtt3IxaD4yE4Ifo3AHiTYlu1wINlVbTHGhOVjoCBsCeFqXCokQRp90jcZSACqJbfMgNvPD9fF7NU9kxCP88ITBcswHVmyS&pr=8%3AF3143676F71BF293&cid=CAQSKQBygQiDy9g5W0LPcguY-wfj-er85YrLobSn_FscLq0XEp_BGCZ33SmZGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ds=l&xdt=0&iif=1&cor=13483264107463772000&adk=3930067726&idt=120&cac=0&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 10:36:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
81676
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 10:36:21 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame DF23 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DpA2e4oXBJd-BY0DEeJFOWOj4ZB5DmMwUbk4d_stKDTtL5mRQOfbTSlhgAFMy6TqkjONSJNidsTXi_JUBIFAbc-4WI8CXFRPoFgs3xXlYBrQ28q6B4e9Od6C7rdNY-YhA2t4UGgli1xW8ET8DcLmSocihYvBsW8Ff3H_b0w7g5QrCyYL8&dbm_d=AKAmf-A9wPuq1Oqd_o2MyQETi65NTmQH68S-7U4H3DyDrJx8VHrMo3W1R8HniyWPxtGoUq_KrO3GB4IRzw6kokvJXlALY9_85Xsa0l7vPgkJLDxDev1eSOXVuRk9DGNl8l0KJY_owAPR4RBY0F0lFZIx8G5I9uBkoz7Fq-6mVxH2FKECoU416OL_negb5jI_VzXvYCCXP2g4bvMJ9A8489bJuS91ngHA32picwZlDkqLdO7_ybeIz9rFAIlhggeSDPYBhhU8hzKjsGV6OrJm3QHWmw5JAFxzZcboJi8OsiFAdJ-jqHr5-quP5X2EeLMYZQcKNr3NvAL6Nr1s4tDZs82k3nSCg8sBymZJ_Huz8Kdx3IW4sLNSPAeEuUQMI3JbMbjnfvGD9NfufwqiFe8aGIdlUPFRnPn1qpF1CvN-T5OwBrVpbm-KE_k86Fa0zdmXJktEGutMXGwMGvChUrkYetWxJpkqjr2FmY8LDyzKV6c43UuaMD7UpS_3rILfx0jcU_OLNbgcDAIu7M0x-UWlgbHrHo8pVutOJNgrVSI3ixG8XVASyETUwzMl_vSPBWFqwqw9yUODRIA_IgIH7iHLXzxDowsH_FaN3i1Z8UBR_bJ_xA1ZgTVH2LHjdQ_12mpGoNjwsjkDyAlCRYQF9IGKsDXdBUBMM1hUSmumSPrg0PgYmnOjvh9MZ82bw8F05NH8caOmzTNFLTX4leXKkod7k_Fso059vR3VuFdkwXRo3LEedlOa0XwraGqPg3enI7ZlLNzi8kCm4_lX5-IIzzIhN_dlqerBG0SJ1j8jNSdErJRC6DHVWElqkxzSTELbAcOKkLbDB1xNrPlRzWRPXnsHQSUvERQHx66xThQWyBe0Q6aK5REtEnHcA1K6jgX4H9Rs6FpxNd-0CutN_oO6S3r_UNKIZ81dLHzaObiKlJj2N2j_tHjyak7PVF03g5B1hRxKPbNxlfQIv6HRb14IiHNWy_XowM-juBNc2YwV_DPr8t6aG1Ay92G-VS5u0EJf09Vd6M9vJLe0iShWx4xJ5_Kr5cR8PieMIwThms-nyM0DfhnIG6TGH-Bbs-7VDdmLMhCiSECsesi5c6bKxZdwXJBaG5XQz3P-8hRyMkKarMWpY98MSHKXLwrFqST3XEHW8lna8AC2_B_mdhS042ImjI8ggt9RGomffd2k8_skQP6fR-OV6CJmDAPT4IKZY7_2N7OLoJcE-CTfgQIY5FmUU_T-SKUyWpsM-9aCO29XGr32M9uWaQ5BlPfsBmf8WL6QVqmnpRaK5iW3_lKOOZFx4mdylSp5-ngLhg9qwWMVt_d4lk7KC4YXNLb0ZrBG6mh0ILHeFvNPFCum6_SxlYIuUd4m-3bYndB2KQ27gmAoSRjs8_P1Fjwf577cH0Z3uul08WWBG5U_eLwd1eJNoVzBtm1QAdsy5Tb1G2n_bXtc4P-_70l7T5kaFA4bpmzKwCUjYqXPhLh11TZdiVAmMnSIDS0QeVC8a09HXfjpXP5G4V5eQ0bW0rn70ykAnVI9dmxmXQ8F0IdRo3IVuviv2XA_EMNq8_Zi9aIow_gCGiGhIcmqz_YG--U-rC3jdBZMp24r-YTqLuuRcHo8ZJCfaAHqZ8LAvRpEfHSZL93rn0H2AtdEXdx8MZTKmR9N8_-ZfMcPw7k0NznPQ1zDMoy-CttV5IuVipcKOdgjHtPsjTX1IfMab10RPfAO83CF5embEJSMqGpZrpMPNWSIsOOw6jsuGnGstI8Bn4lqwvGboBHiJSK4RAnXM7BF06yth9ZM2YSQHurjGfsLnKVtterYWD8p21gQfWtDOKfofH8SChRJDm2vqTzTWUjqG9cT7SjBEziCpdrVTzIR5SA3fWjeizCN84Q2yMvj28VGiziqFJNRU4u9I9_1LXAq3O71iQya1IuIP-Gz5e0BjD-Sh8fpBhqJpxup9XA_PbtLcjOhbxIxzmyens6e36dqS3AMO9bT1i9hzI1ttdB__R0a7f59t8oWvjXK4jgcmEd0QpuvnTXBdi3BnDcxDdr6ETJTNXtx5ZTb0tRWnzE1Mj4-HFfD5BP9d0kEvmc5HyYva5mAI1cR5ch-HqDuXt5hOjUA4wgAT2A_5Yb-1lJzc9wh7itYufhpkzDYCFsI0g6IRRLhYoNKY1nwS-zYKMNWnd6a25aOTvVu-yWDArP9M0QIDDSr_kL32sxGtWrO-cx_jMQsHKmKd934ENFS2RiHcVPisbT3AbraErNyvCMI4qO_yKxutUVtfGD6N39qYxJlrQtZ_F7S8iqrFOwrRoXcT5yt6B7t0UzjEhy2-HyLFhqH1d_OHHe5czinzM3F8rpy9AChAcjlCsqRWRF9MY0pkQY83SJamtoDryy3pIMxOa7AeUY9phemmbMpEdW-hwFvA_LlRGCxATv5FEOy6UTxfuEJByme37S3wJXcUIycYISqD8BLkdeRZSnHo-hpITEo8HVumnkQQ4GixUTdgZKWy4OH1m0vuQCHm-BhDmdb_ozPHAwGrhSLJgSaC8-TECPcy06pImZ47iK0IjBiH_tzxZ441rEs7f_F8X6fStzoGe6quwbqiUhwVF8c37j8C-tQYuqpYISAJBIyKqZrzvmsaDFxQKNEOhhV-8jmP7d5f86ehlGanBhe7ZMnT6FdMtV_jstIX_-xihQbAWKMf70zY-0wjl51UU_iLvbyA472m8JAAkPC89poDMGvEqT_0zXUUX-NuaPpL40S2YI5fDlKWkrkH3wO3KJ3MBWKZF8taTm0mYm202csYbx7kHmFau2VG5d2bIpnQzb2Gb2J1fhncCuoDK1giEzZ9Iz-Cu10OeUk9gI5FHfHxsnGffUhUCw0WmIaF775zbJCreQ3SMsv5NHHwFB3pJNYiO-BEDFvkDLSC-0GuvdLMg-hKMe_i78ymT_mhYpCLglAVbGKs_eLu0JgUHNXSiT1UxnyIMBNzp4ubIcGz-juUsZ0Fjifvv6VlOGTqe6VDSr-hVb_XOof9iHSMZNIehmr-vaqK1MWG1JvDIceAjLcV3sx0vxBbXizVVP4-QARQZolfD-R8QMgMNkT-mr8FwiCcn3jEpVY7m8i3T7bcnUIkpUj403_EcXOKe9OcJiASNJMzR0N6zyrfb4gBHWFHcw9QxzQDWQcqCP7ST-MIbSA329n81DcTSNok-VZkdCIBKMs0Oo7GLwu6XLtPugrH9KMXgRscdsbQkH5A4y_bAr822sltdjon9y3QAYSO-a2x1me04aGOYpFvBz4FMOccw9P3CUeLOlCDfDnIOnQ1ptzbNhi_qymISfbhwC3r17CQcmVv_q-zIQtt3IxaD4yE4Ifo3AHiTYlu1wINlVbTHGhOVjoCBsCeFqXCokQRp90jcZSACqJbfMgNvPD9fF7NU9kxCP88ITBcswHVmyS&pr=8%3AF3143676F71BF293&cid=CAQSKQBygQiDy9g5W0LPcguY-wfj-er85YrLobSn_FscLq0XEp_BGCZ33SmZGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&ds=l&xdt=0&iif=1&cor=13483264107463772000&adk=3930067726&idt=120&cac=0&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21bf4b49938284aaececf999f198f621de0aa792bb5315fc21255d0ab439e145
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 10:36:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
81676
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11001
x-xss-protection
0
server
cafe
etag
16383942900985251592
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 10:36:21 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame DF23 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:36:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254476
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 May 2024 10:36:21 GMT
usync.html
eus.rubiconproject.com/ Frame 3C7A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 May 2023 09:17:37 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame DF23 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvsXvQSJBBHZTcqQpWBBstfVKQ1zc5iif7rPADyNNPn87EunXaNd-049LpRbTCL1czKriuDspmBgOwzeAmPmF-FBcryPqYVYtX2ffqqFcXujTvbVL2PZ7-RxqBGE2RADFrUjWauezR1F1XWeLhqlWzNhD0AywZYz2u08OwT7RC4_XZtClF3JWKL4Pbw98N63UBHAHV8j-V4RdhfwOhlvNW45j-xlP3pHV9oMYe_W5WjPDaJqTZsvjxHNGGIHg7d8KcAjbDoQecJ9WXcX1nu5uTyQMFfu9Z84mAJ2Y32GVaevV_6s-U-nxnBw9kqddOdDjVik8W4HFY2jxXL6W6kiQ&sai=AMfl-YSEBBQucu0HzUiibvMj_prH_s77ptKVIueQZ3VNfkrrzGT5VqLh_onV7CmekKNtENpS8f9ni5zPMEAKqiRjBjCjJZR4WeWAaqJX-1jsVNWXJvYfX6_WEtgR3_8sIA&sig=Cg0ArKJSzEsIfKjDiWAaEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:37 GMT
truncated
/ Frame DF23 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a9c76be2c0dd34a7fcf8bd6cbc45393a235dab4aeeb5180a43861f825b1ecb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/ Frame F4D2 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df433468922abb2eca6bf16d4b8d3f4698e65f1244e8bc0003c0d2445d34a5f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
170718
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1447
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 20 May 2023 09:52:19 GMT
expires
Sun, 19 May 2024 09:52:19 GMT
last-modified
Thu, 30 Mar 2023 12:54:57 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame DF23 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstMEQVvEwJNQPf0YcRK7qSCVea7rnRHgFM033qM3J257qJLd0seEKootAlG0pTI5DOAEpcu9rp9844YX4Vzh9yARNzTO9YNgAlEHzM1ZDFarYDsgjoLpU-BSCZUe34TketQ1Ld3l8VQ4RAW4kW00OedbkM7RRov6Qh0Vb7NQdwvmXdYsNDMvie4R7cVCqlaeeqPTezQBr2ce3x5Ag1Wz7SU1N2Z68I2PJq1NhWN3PGFnrgqhWPuWtKb9zpJfA4mxGMnt0vwKoznVTJ8u2F6ZpnOL5hZds0o6QEQBqcBuyxmDcf67r3OJLy71DMvzGTf7WIpNiJiZM7eKJfKivV1jjKXO7VhLzoctO7KblL-u1wn81G7o_49PfYHLgXwjhAPXymsqjx4GqteKyioWyPh110R0RofNZLU3-43Ol8Wg3siV5wfJNSORN7KuAaBafmNXtnmthJWYjDx7iTEC0ACoR1oyG5nW3_uJ-FP_6fWejnMkjA6cQTbUB6MVlOnFRGv5WqXEB0qIcCMed09RDjlWbzkT-3A_MoN_2amg1-u4z52tJPx4ZQmf-gMuiVG1uStMJ4N4PZeC_DHH9CoKbBCHr5wv9dFiU-jGUcwNFlfqOvCwImOixWM-o-2DCPRc1otK-k7fM3evyZF5XUNxJ6G6cpXSpoctMeg3Q3Yk55-kzRcthXmC-m-NDLStJAF56PHz5sTRgyoMtasXSSCHZqge01l6LorR3EUiyhL0bEnOles2JdmZwRnpMBAR5y2Cow7Z6FXtmQY-zPQWNHn3zmIhM-vhRQlFij614D2Dc-4ApWMuzDXWoZ_rYaXo20sbao_rzSdqPnsRy_-L09W8Jg9P5H1W_vh8NGO34u-wmT_ncVjyLaFtmA-llmgiIycenA0JkIJ_jKvJA0HEseOgnLR8Y7yAZa9qWcKm3WT775UvwppZ2v-f-cucebJ7U0V_hW7ZfcBIrtCMdaPQGkJn9wxlJ7x7QDv9pk2dnuIc2SBQdY77kN2WymYlDl37_YnjBQfKo-mEDqk5BbrmkVpZvhg5O9dnF8kS6_g-3Qo7BZZPhHwSi4j7N50aer76H5HW6HImIVIQYZBAA4RFrV8oot4NomxGYN2ZTbeiuN_NNBbtxSfEmK016OVcsGJ6itOG6bxs7kCPJ9xhKO5Sis9ywxK_XdQpNCi_WLr3d1HchQuy1N-9AJUTC2gWxNvY1_c-M44oH1xjQwjaRdcorM7QwOommewcSdotXHxGtZDsxcxVQhXf3GMUo_Mkw&sai=AMfl-YSjARuCEFh_xRMXPW602N-QENU0t1q0eZ0f48fKLoGC4XWahFuwngGfsJd9g8CYv2-bS34IIdWDf6gpQrcxWWia4uJejnBi8FS4smGy2UtjUYKrysWZs8SfLCaecUmEpRS61to3cVotUbk3if1alqRzyJq6wW93xGXeaWY4TAr3Ic9P7pm7iquVOB9pfFc8tim5PbvyVfQR&sig=Cg0ArKJSzCtE4c47Uaj2EAE&uach_m=[UACH]&pr=8:F3143676F71BF293&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=80&cbvp=1&cstd=75&cisv=r20230517.68893&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 22 May 2023 09:17:37 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 22 May 2023 09:17:37 GMT
usync.js
eus.rubiconproject.com/ Frame 3C7A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa403d9a9b7b752d058f087bf7afe7377ed73c7700fb5c7cc271661ec043e737

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Mon, 22 May 2023 09:17:37 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 May 2023 02:03:34 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=60295
Connection
keep-alive
Content-Length
10085
Expires
Tue, 23 May 2023 02:02:32 GMT
style.css
s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/ Frame F4D2 		1002 B
408 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5c5fa98ffb259cab3a3bd4440e7b99a3f859eedd7b4b241efb5c2a6e1dd291d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 18:06:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
313853
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
371
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 12:54:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 May 2024 18:06:44 GMT
gsap_3.11.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame F4D2 		69 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27635
x-xss-protection
0
last-modified
Fri, 12 May 2023 16:03:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 22 May 2023 09:17:37 GMT
cta.png
s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/ Frame F4D2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b17a5b405d91f1695e49183c8f95a4b39d094ac46d5975a722da4116f85df30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 15:56:49 GMT
x-content-type-options
nosniff
age
148848
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2234
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 12:54:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 May 2024 15:56:49 GMT
ctaOver.png
s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/ Frame F4D2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/ctaOver.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce599baccbf9f5fba338024199a0b884b8482b8ac65d8c24d68acea09498f958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 18:36:15 GMT
x-content-type-options
nosniff
age
139282
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3290
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 12:54:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 May 2024 18:36:15 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4113 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.idrlabs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
254476
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 19 May 2023 10:36:21 GMT
expires
Sat, 18 May 2024 10:36:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
visual.jpg
s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/ Frame F4D2 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/visual.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2dc6e1610646678164bdb3633a6f4b628748cec2d3b46cef68a109f6f32bc80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 17:13:54 GMT
x-content-type-options
nosniff
age
144223
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44750
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 12:54:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 May 2024 17:13:54 GMT
hl1.png
s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/ Frame F4D2 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/hl1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13963db205a352d2ffd24251548a49ccd80e80f354fcf2eb02a8b24aea11db9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 22:02:09 GMT
x-content-type-options
nosniff
age
126928
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4758
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 12:54:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 May 2024 22:02:09 GMT
logo.png
s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/ Frame F4D2 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e25ca55da779bd3b05f845f1add51ab9f7936aa7e9ef7dac72f5aee61579503e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17390809247779824260/HTML5_300x250_Awareness/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 22:02:10 GMT
x-content-type-options
nosniff
age
126927
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4154
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 12:54:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 19 May 2024 22:02:10 GMT
b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
pagead2.googlesyndication.com/bg/ Frame 4113 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b4kQu0tD4hSA-hVARc1fzzODE0daF2Vy-bPLW9uau78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 06:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
10573
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14738
x-xss-protection
0
last-modified
Mon, 15 May 2023 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 May 2024 06:21:24 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame DF23 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstMEQVvEwJNQPf0YcRK7qSCVea7rnRHgFM033qM3J257qJLd0seEKootAlG0pTI5DOAEpcu9rp9844YX4Vzh9yARNzTO9YNgAlEHzM1ZDFarYDsgjoLpU-BSCZUe34TketQ1Ld3l8VQ4RAW4kW00OedbkM7RRov6Qh0Vb7NQdwvmXdYsNDMvie4R7cVCqlaeeqPTezQBr2ce3x5Ag1Wz7SU1N2Z68I2PJq1NhWN3PGFnrgqhWPuWtKb9zpJfA4mxGMnt0vwKoznVTJ8u2F6ZpnOL5hZds0o6QEQBqcBuyxmDcf67r3OJLy71DMvzGTf7WIpNiJiZM7eKJfKivV1jjKXO7VhLzoctO7KblL-u1wn81G7o_49PfYHLgXwjhAPXymsqjx4GqteKyioWyPh110R0RofNZLU3-43Ol8Wg3siV5wfJNSORN7KuAaBafmNXtnmthJWYjDx7iTEC0ACoR1oyG5nW3_uJ-FP_6fWejnMkjA6cQTbUB6MVlOnFRGv5WqXEB0qIcCMed09RDjlWbzkT-3A_MoN_2amg1-u4z52tJPx4ZQmf-gMuiVG1uStMJ4N4PZeC_DHH9CoKbBCHr5wv9dFiU-jGUcwNFlfqOvCwImOixWM-o-2DCPRc1otK-k7fM3evyZF5XUNxJ6G6cpXSpoctMeg3Q3Yk55-kzRcthXmC-m-NDLStJAF56PHz5sTRgyoMtasXSSCHZqge01l6LorR3EUiyhL0bEnOles2JdmZwRnpMBAR5y2Cow7Z6FXtmQY-zPQWNHn3zmIhM-vhRQlFij614D2Dc-4ApWMuzDXWoZ_rYaXo20sbao_rzSdqPnsRy_-L09W8Jg9P5H1W_vh8NGO34u-wmT_ncVjyLaFtmA-llmgiIycenA0JkIJ_jKvJA0HEseOgnLR8Y7yAZa9qWcKm3WT775UvwppZ2v-f-cucebJ7U0V_hW7ZfcBIrtCMdaPQGkJn9wxlJ7x7QDv9pk2dnuIc2SBQdY77kN2WymYlDl37_YnjBQfKo-mEDqk5BbrmkVpZvhg5O9dnF8kS6_g-3Qo7BZZPhHwSi4j7N50aer76H5HW6HImIVIQYZBAA4RFrV8oot4NomxGYN2ZTbeiuN_NNBbtxSfEmK016OVcsGJ6itOG6bxs7kCPJ9xhKO5Sis9ywxK_XdQpNCi_WLr3d1HchQuy1N-9AJUTC2gWxNvY1_c-M44oH1xjQwjaRdcorM7QwOommewcSdotXHxGtZDsxcxVQhXf3GMUo_Mkw&sai=AMfl-YSjARuCEFh_xRMXPW602N-QENU0t1q0eZ0f48fKLoGC4XWahFuwngGfsJd9g8CYv2-bS34IIdWDf6gpQrcxWWia4uJejnBi8FS4smGy2UtjUYKrysWZs8SfLCaecUmEpRS61to3cVotUbk3if1alqRzyJq6wW93xGXeaWY4TAr3Ic9P7pm7iquVOB9pfFc8tim5PbvyVfQR&sig=Cg0ArKJSzCtE4c47Uaj2EAE&uach_m=[UACH]&pr=8:F3143676F71BF293&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=368&vt=11&dtpt=288&dett=3&cstd=75&cisv=r20230517.68893&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.idrlabs.com
URL: https://www.idrlabs.com/villain/test.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.idrlabs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 09:17:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 22 May 2023 09:17:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4113 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
oajs.openx.net
URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&rid=esp
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvM63rd3xUMTrj0LWXY_7AT9tnWkkHcPFFbgRgJvV_gKRxPycasNHUqpU_ZWJ8TQovfCW_qCoG8pFoehZdbpl1ZbxxUYP2XuFbF1_MuKQSyce9zdqAC&sig=Cg0ArKJSzHJc3fomrSPAEAE&id=lidartos&mcvt=13334&p=899,353,1149,653&mtos=13334,13334,13334,13334,13334&tos=13334,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1246821082&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=b&rst=1684747041191&rpt=1642&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIvBVMTNrZP1Sl5GO7A-jrobgCgAAAAA4AeAEAg&bg=!ycqlyp7NAAZ8_aWmXP07ADkAdvg8WlsCA147ly3LNnRsZWMoTig-tUOd5RfC3DHCvwTHHy8Eq8L6hOM_BYGKtSOqtwXwEuqmU80CAAAAyVIAAAAIaAEHCgAh6QOUt3j6MHfYGAiUJZCnwINi3yO84Ioct_vFTiFhBqE5mQLQOpHpRrVU7gr-98ri3sZQv2ox8jNNdsMTK146Uk7MYWgAyQY1bRRl2KMA9zpWLgGepQOBg4SLvzeUYLLu7mCn7UdHYj4BWGnT-E2jQZC1aFtW6PTXECCQ1JxRe4T2XyW8jN7-7Y6FQ-fgtrrvrjhCEP2BKTYkOmIV6kSKC2qeLxuu0Hvinxqjz8YYntLgNBHZUmylziSlMfgaT2nNMuHFk73wV5JKoP21MxAQGLoGuHcuvG6VfCzZ5bSKGc-Uz04gIhJsOKlby1LNKVkUypZf9qlIGAc_JB9TC48HUMLijIA0VwABXVy0pQB6YlqpvcET_YM_XEfPnYx7SksOXKA-_6iNwi8y6-72vGN7CRwQ34-c67RdhhSLjFoqrVRBpSTRHOLyVpSFqOfN6kADlWerNv-c4g80TiU1NBeoLjsNXNfBAYGXniyXst3n3j8i1yi32p_h90xkyDLi52KZUx4QZ8OBP7lPwkyW5s0AVg5bjBgxgoWuRb9978JPL8xAajISjVuaY1dHwGcAqzx1mYJXkaFkSh-ol1m2qRStKYtxaPeTsgQo6Z0bof082Jn4vGdvzWmlmiy1XOcsQ7UpwofBIag01G_RnlwEbVIzrqD2cv42vRjKMCfH9N13HUwO0wG2m4fVQzDCiKejE0F_TXmczHQ0fdkfEaCuTy5MBwApd2WYTOrPkTTNxMmP4UEHm9aS3yiIQLmfLDO7Y5dNcjRj8FItxCKu6ewqJv8ZL91MkLt4IFbxWCHQ6FQ4tZtN3ThDhurFsZqYKyF63aihpHawWPRay8HqEBNvZ4AJa6LwHU44zh2Y3Vx5dlZlZXEA_VXOaMPv79G-oUXFpIdgydT0MRIDv0N9kx1xPlblr7UyFqAhidVl1fO73VdSsz5s3jINHpp34E3z7FtVYOqAIk15-rNucnXydHBIZWCDkf4JRDDk7EkhEOT30ZSR95LWUGYc

Verdicts & Comments Add Verdict or Comment

204 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 boolean| credentialless object| $MMT function| $ function| jQuery number| mobile_width string| COOKIE_NOTICE_HTML function| prepareTest function| gtag object| dataLayer object| TEST object| google_tag_manager object| google_tag_data number| currentClientWidth boolean| is_mobile function| postPlaceCanvasSlider function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle string| google_user_agent_client_hint object| blockedPages function| blockCurrentPage object| googletag function| xDomainCookie object| adRecover function| jqAlias function| runAnimCheck function| confiantWrap object| pbjsChunk object| pbjs object| _pbjsGlobals object| mnet object| apstag object| ifvisible object| launchPad object| launchPadConfiguration object| node function| __launchpad object| confiant object| __connect boolean| apstagLOADED object| apscustom object| _aps boolean| creativeVendorLibraryLoaded object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| setImmediate function| clearImmediate object| ID5 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_135 object| Criteo object| Criteo_identitytag_135 object| __uid2SecureSignalProvider object| __uid2 object| signal_decrypted function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| regeneratorRuntime object| ox_esp object| atsdropmatchpixelmodule object| atsdetectionmodule object| atsenvelopemodule object| ats function| confiantDfpWrap object| headertag number| google_global_correlator object| GoogleGcLKhOms object| google_prev_clients object| google_image_requests object| googDdmPs

150 Cookies

Domain/Path Name / Value
.www.idrlabs.com/villain/ Name: qsort-villainEN
Value: a%3A45%3A%7Bi%3A0%3Bi%3A9%3Bi%3A1%3Bi%3A45%3Bi%3A2%3Bi%3A29%3Bi%3A3%3Bi%3A12%3Bi%3A4%3Bi%3A20%3Bi%3A5%3Bi%3A37%3Bi%3A6%3Bi%3A6%3Bi%3A7%3Bi%3A39%3Bi%3A8%3Bi%3A34%3Bi%3A9%3Bi%3A13%3Bi%3A10%3Bi%3A44%3Bi%3A11%3Bi%3A31%3Bi%3A12%3Bi%3A42%3Bi%3A13%3Bi%3A43%3Bi%3A14%3Bi%3A8%3Bi%3A15%3Bi%3A24%3Bi%3A16%3Bi%3A3%3Bi%3A17%3Bi%3A10%3Bi%3A18%3Bi%3A36%3Bi%3A19%3Bi%3A22%3Bi%3A20%3Bi%3A16%3Bi%3A21%3Bi%3A25%3Bi%3A22%3Bi%3A40%3Bi%3A23%3Bi%3A2%3Bi%3A24%3Bi%3A30%3Bi%3A25%3Bi%3A26%3Bi%3A26%3Bi%3A5%3Bi%3A27%3Bi%3A23%3Bi%3A28%3Bi%3A1%3Bi%3A29%3Bi%3A27%3Bi%3A30%3Bi%3A21%3Bi%3A31%3Bi%3A35%3Bi%3A32%3Bi%3A17%3Bi%3A33%3Bi%3A19%3Bi%3A34%3Bi%3A14%3Bi%3A35%3Bi%3A41%3Bi%3A36%3Bi%3A4%3Bi%3A37%3Bi%3A33%3Bi%3A38%3Bi%3A32%3Bi%3A39%3Bi%3A15%3Bi%3A40%3Bi%3A18%3Bi%3A41%3Bi%3A38%3Bi%3A42%3Bi%3A11%3Bi%3A43%3Bi%3A7%3Bi%3A44%3Bi%3A28%3B%7D%40expires%3A1685351837
www.idrlabs.com/villain Name: session
Value: 1e5c3c1e-3d8c-4ed0-9e76-fbe95430333c
.www.idrlabs.com/ Name: nonce
Value: 589d08702ffed86f60f98a%40expires%3A1684919837
www.idrlabs.com/ Name: srv
Value: 9a2cd2549f32|ZGszI|ZGszI
.idrlabs.com/ Name: _ga_WZ4R7WY0KV
Value: GS1.1.1684747037.1.0.1684747037.0.0.0
.idrlabs.com/ Name: _ga
Value: GA1.1.215484772.1684747038
.www.idrlabs.com/ Name: cookie_notice
Value: 1
www.idrlabs.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.criteo.com/ Name: uid
Value: 592a15ce-c7a7-4d44-9aa9-4c4fb67f0005
www.idrlabs.com/ Name: _lr_geo_location
Value: DE
.doubleclick.net/ Name: IDE
Value: AHWqTUmWeUFiDCy1LlGtiHuGKkfhgfyWGkeGZ5hvsaAXrON02qpEdCDM3uaSPhzeeVQ
.idrlabs.com/ Name: __gpi
Value: UID=00000c19f3a32d04:T=1684747038:RT=1684747038:S=ALNI_Ma3Wxy7U7bQjylo4Ay-KmbI3l9L9g
.idrlabs.com/ Name: cto_bundle
Value: iIZORF9VQ2VXdENKamJDdFRkVE10RlEyVFRlMHRwRGklMkIzVG5oc3NmMUJ2S2xXZlMlMkZDVVBzd3lncWIyeG1QQ1p5ZmRwVjZ3U0JZJTJGbUdtV1FLcEkzSjRGeiUyRjQwYUNxSk9LcFBQTUJhaGhVbHVvbTR3blNyRmMyWnlTT2hIOFo5VVJnS3ZIcUtlWW9saSUyRnhKdEdpTHNmS1k0OXF3JTNEJTNE
.casalemedia.com/ Name: CMID
Value: ZGszHyOhLwzD3AlGz3fWEAAA
.casalemedia.com/ Name: CMPS
Value: 1119
.casalemedia.com/ Name: CMPRO
Value: 1119
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVVgkx[`!]tbPl1M>e)ZlrFUfJ+tGXxoLG<'NXKCOF/G:tU^@+MSBSHbw>YZUjCGHS9N3If)y3KL9D3I?+_n^OzG
.adnxs.com/ Name: uuid2
Value: 8561191816879852939
.idrlabs.com/ Name: _ga_3KFES10EH0
Value: GS1.1.1684747040.1.1.1684747040.0.0.0
.quantserve.com/ Name: mc
Value: 646b3320-5496b-9cd40-4738e
.idrlabs.com/ Name: __qca
Value: P0-856914221-1684747040280
.lijit.com/ Name: ljt_reader
Value: Gr_NqNZHNGX6_p-EToKz61xb
.openx.net/ Name: i
Value: 73aed85e-0497-027b-31f4-9ac84d4a0027|1684747040
.bidswitch.net/ Name: tuuid
Value: a55441b0-c591-46b2-8849-a4235ea4c0b0
.bidswitch.net/ Name: c
Value: 1684747040
.bidswitch.net/ Name: tuuid_lu
Value: 1684747040
.openx.net/ Name: pd
Value: v2|1684747040|gekin0vNiygu
.creativecdn.com/ Name: u
Value: 6N1C459lDHfifFalzzRb
.creativecdn.com/ Name: ts
Value: 1684747040
.rubiconproject.com/ Name: khaos
Value: LHYMW098-S-BJ81
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qro7yieCc05NDpcd3HBZZ775PzI6EyVJjkkIUeXzf4l4VIns/x4ZGABqXKyMctErmDGLtwNJwAsOyYbB5SW5XQ3iJF23I4HHbmma+WVcS1g3g==
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 8E7B0C72-3FA4-4405-81A6-7C393E781AAF
.bidr.io/ Name: bito
Value: AAFy6E7I1mYAACFpYYcPWQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.mathtag.com/ Name: uuid
Value: 0494646b-3321-4b00-ac52-38bfc9ea3e8f
.adform.net/ Name: C
Value: 1
.sportradarserving.com/ Name: zuuid
Value: 163668ad-cf34-49ae-abb7-fe29c79d6582
.sportradarserving.com/ Name: c
Value: 1684747040
.sportradarserving.com/ Name: zuuid_lu
Value: 1684747040
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uir_bw
Value: 1
.go.sonobi.com/ Name: __uir_td
Value: 1
.go.sonobi.com/ Name: __uir_mm
Value: 1
.go.sonobi.com/ Name: __uir_zt
Value: 1
.go.sonobi.com/ Name: __uir_pp
Value: 1
.simpli.fi/ Name: suid
Value: 69B69F95C0274999BF5E0F1EE083CCFE
.adfarm1.adition.com/ Name: UserID1
Value: 7235933438855739536
.ctnsnet.com/ Name: cid_ed1e80e90c8341a4a685ec5cde2e3f9c
Value: 1
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwMre0sDAwNjS0NBTiM9T1rPKIcHPPTy5yDM0FAJWctw0lAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwMre0sDAwNjS0NBTiM9T1rPKIcHPPTy5yDM0FAJWctw0lAAAA
.yahoo.com/ Name: A3
Value: d=AQABBCAza2QCECSZY4WwTfqqZJ-pU0d6IM0FEgEBAQGEbGR1ZOANyiMA_eMAAA&S=AQAAAjPFJ-KHslP3TCMQB26enos
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1684747040
ads.playground.xyz/ Name: connect.sid
Value: s%3AODJSsr9gKkIm0v8Xe7-lvChHu-9GCPtE.43dkFYxUzBY2ClvtfBQNnJlbbBLdxHDdb8%2FL6Hl4zpQ
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5107433827988031191
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-8N-yDPXYtl7r3rBX8ImpV6WPsF7r37Nd_o67Xsz3&KRTB&19420-8N-yDPXYtl7r3rBX8ImpV6WPsF7r37Nd_o67Xsz3&KRTB&22979-8N-yDPXYtl7r3rBX8ImpV6WPsF7r37Nd_o67Xsz3&KRTB&23462-8N-yDPXYtl7r3rBX8ImpV6WPsF7r37Nd_o67Xsz3
.weborama.fr/ Name: AFFICHE_W
Value: gJsAWB1DAT@A60
.csync.loopme.me/ Name: viewer_token
Value: e6113f7f-855e-4eff-b376-b4c84ff89771
.adform.net/ Name: uid
Value: 7205373100423319410
.go.sonobi.com/ Name: _usd_idrlabs.com
Value: 51294905-bdfa-4866-a03f-99ce29cfe6ae
.de17a.com/ Name: guid
Value: 1.8564978026822791323
.blismedia.com/ Name: b
Value: 646B33209BED80288830E0E7BLIS
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8561191816879852939&KRTB&23339-8561191816879852939
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7235933438855739536&KRTB&23369-7235933438855739536
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:0494646b-3321-4b00-ac52-38bfc9ea3e8f&KRTB&16736-uid:0494646b-3321-4b00-ac52-38bfc9ea3e8f&KRTB&23019-uid:0494646b-3321-4b00-ac52-38bfc9ea3e8f&KRTB&23114-uid:0494646b-3321-4b00-ac52-38bfc9ea3e8f
.adsby.bidtheatre.com/ Name: __kuid
Value: ba8e5688-8a4e-44be-834b-b42e4cb154d2.453961040
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZGszIAAL5bHx0gBL
.mfadsrvr.com/ Name: tuuid
Value: 69647aa7-efc9-4af1-b8f1-129b8a104b42
.mfadsrvr.com/ Name: c
Value: 1684747040
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-8564978026822791323
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEBf2YgFfOhTVFjNTFvl6HW4&KRTB&22987-CAESEBf2YgFfOhTVFjNTFvl6HW4&KRTB&23025-CAESEBf2YgFfOhTVFjNTFvl6HW4&KRTB&23386-CAESEBf2YgFfOhTVFjNTFvl6HW4
.creative-serving.com/ Name: tuuid
Value: 72ee1ca7-62db-46d9-a5ad-06afaece8bdc
.creative-serving.com/ Name: c
Value: 1684747040
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: b5fa0ccfad07f03d
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-8E7B0C72-3FA4-4405-81A6-7C393E781AAF&KRTB&23413-8E7B0C72-3FA4-4405-81A6-7C393E781AAF&KRTB&23479-8E7B0C72-3FA4-4405-81A6-7C393E781AAF
.mfadsrvr.com/ Name: tuuid_lu
Value: 1684747041
.mfadsrvr.com/ Name: ssh
Value: !sovrn,1684747041
.turn.com/ Name: uid
Value: 3831658881924355672
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7205373100423319410&KRTB&23263-7205373100423319410&KRTB&23481-7205373100423319410
.creative-serving.com/ Name: tuuid_lu
Value: 1684747041
.amazon-adsystem.com/ Name: ad-id
Value: A_30vK5WKEIAj-LUJaGJCcw
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4191946852113995352&KRTB&23150-4191946852113995352
.smartadserver.com/ Name: pid
Value: 6405618297063099829
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAFy6E7I1mYAACFpYYcPWQ
.tribalfusion.com/ Name: ANON_ID
Value: aRnsIHPME7eQmKvCiHx9CkGHYv3yqKeWpvGU7fndlTJVLa0a9QXQqknNRqEcFQwJ39h38dKpvIAv3cYGQuuZcNmyc
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAFy6E7I1mYAACFpYYcPWQ
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-773d1981-dab5-51fa-5ca6-1219b1bafdcf.i8KVgC6TV33Z7EAA%2FtPVEhQdbGhCm60OT5kvSzx0W1g
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Adz0Zgdq1UfpcphIZsbr9z9lAlwk.ZUfIHXdbA2tccXY32baHj%2FeaTRXnK5uTC5GP%2FMNYiwU
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Adz0Zgdq1UfpcphIZsbr9z9lAlwk.ZUfIHXdbA2tccXY32baHj%2FeaTRXnK5uTC5GP%2FMNYiwU
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-a55441b0-c591-46b2-8849-a4235ea4c0b0
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-dz0Zgdq1UfpcphIZsbr9z9lAlwk&KRTB&23334-dz0Zgdq1UfpcphIZsbr9z9lAlwk&KRTB&23417-dz0Zgdq1UfpcphIZsbr9z9lAlwk&KRTB&23426-dz0Zgdq1UfpcphIZsbr9z9lAlwk
.go.sonobi.com/ Name: __uis
Value: 3c3c7336-8375-40aa-84ba-b25c0600cb71
.audrte.com/ Name: arcki2
Value: 7c5mRjg6mLATeuYw8rvoQlQzg!20220908!1684747041205!ip#217.64.151.9
.audrte.com/ Name: arcki2_pubmatic
Value: 8E7B0C72-3FA4-4405-81A6-7C393E781AAF!20220908!1684747041207
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-76b68e41-a175-40c1-93b8-4b6a90b5fee6-003%22%7D
.audrte.com/ Name: arcki2_ddp2
Value: 7c5mRjg6mLATeuYw8rvoQlQzg!20220908!1684747041562
.mathtag.com/ Name: mt_mop
Value: 4:1684747043
.audrte.com/ Name: arcki2_adform
Value: 7205373100423319410!20220908!1684747041974
.w55c.net/ Name: wfivefivec
Value: JomcGRqV1Q11Fo5
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA129YkycHIxriqsMC-uMrZwiSwqjPAw9wUAWJPNDR4AAAA
.w55c.net/ Name: matchgoogle
Value: 5
.idrlabs.com/ Name: __gads
Value: ID=27868814f124b32d-2202d96ae6dd00e6:T=1684747038:RT=1684747042:S=ALNI_MaFKaKFNDbUYIWzMWXVa_pbSsB1oQ
.pubmatic.com/ Name: SyncRTB3
Value: 1685577600%3A63%7C1685923200%3A99_249_7_22_13_176_55_161_251_214_88_243_254_238_220_54_3_21_46_165_8_166_204_233_81_234_71_56%7C1685318400%3A2_223_15%7C1686009600%3A35%7C1687305600%3A203%7C1689897600%3A69
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: DPSync3
Value: 1685923200%3A201_245_227_226_219_197_241_235
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-76b68e41-a175-40c1-93b8-4b6a90b5fee6-003%22%2C%22nxtrdr%22%3Afalse%2C%22zdxidn%22%3A%221508%22%7D
.onaudience.com/ Name: cookie
Value: dfe66d05ed691090
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-Ecv7Kmx8QMnUUQaVnQURbaRa
.lijit.com/ Name: ljtrtbexp
Value: eJxdkDEWgDAIQ%2B%2FS2aGUQMGr%2Bby7Yh0K4yfkhXA1n%2B0kNXFRRT8afQhjRuDI6qTM4OKu%2B7qYhSzY%2Fc9bAfgmtnneifXMpJnhOcO4%2BFF0KayZR%2FWXj8i6D9P7CH3oxuGfW8doVH7g%2Bz24H3R4Sa4%3D
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1684768644544
.zeotap.com/ Name: zc
Value: 66124555-3074-4e3c-62e4-ca5fd7f1c17a
.onaudience.com/ Name: done_redirects219
Value: 1
ads.avct.cloud/ Name: uuid
Value: f65b57da-3428-4375-802b-c61cadfcf72c
.gammaplatform.com/ Name: _aGeoIp
Value: IT|Genova
.gammaplatform.com/ Name: _aUID
Value: 1smkskj6ar06
.lijit.com/ Name: ljtrtb
Value: eJyNkMFuFDEMht9lzliyEyexe5uZnWVXu6K0HMpyQUkmA4gFFRUJtYh3x3kAJC6R4%2F%2FTb%2Fv%2FPZAbbgYJkUhJKEpSCU69Dq%2BGIF1a0oRzcuD3IwMzBhAaI6TZq1%2BS1ePeWBeNzSEwU0GoQQk4FgcirJDZ%2BdAyVyxoLKuxn6fzudSvxzJfbq1H1lLy0ZHYDtGxOo8pdGdTgjicI%2BoeybNbROfZO4zzhGkaJSyG6b%2FvSPT%2FdygbGzlO3gbotOwEnYh4XNAMzsd3xkhn6k2VNcRtbavkiq0Udmvb1sohY5LCrZPBSDN%2Bjks60rfLOM77x8ulvn2467OSqffvIcUSpTFBphSAsRKoLwJcYlYsYWstAqLvhj3m%2BIZmDnrdHbYv2z5fX17uS4%2FVm7bK7tPHw%2FkQTuHpVzt9X0NJj8%2BnO%2F5h%2F9vXP9uH5XB9avc9lu5Va6teawJOmcEWJ3BVGzSWGGitWEX63L5q1GhUTtC2qsB5IyhiDzktkgnZIhj%2B%2FAX7HY9o
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-1smkskj6ar06&KRTB&23446-1smkskj6ar06&KRTB&23465-1smkskj6ar06
.pubmatic.com/ Name: PugT
Value: 1684747044
.go.sonobi.com/ Name: HAPLB8S
Value: s8530|ZGszK
.zeotap.com/ Name: zsc
Value: %CE%C5%9D%AF%B0%C0c%7F%AB%A1zG%A6%99%FA%E8%B3X%0E%88%B2w%14%FF%D7%01go%C1%B9%BF%B5x%7C%0Ft0%A5%AF%150l%24%98%25%14%02x%96%FF%C3%BC%E3%E6%04%E6X%FE%B3E%A1%DF%1C%B2%D8M%D6%22%95RuT%D0M%40%83%A8%D8b%E7%BD%09%9F
.w55c.net/ Name: matchcasale
Value: 5
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~2bs9:175w~2bs9"
.brand-display.com/ Name: _knxq_
Value: 5dbc25c0-92a0-715a-a23a9109.1684747045.0.1684747045.1684747045
.quantserve.com/ Name: d
Value: EG0BHAGGKfijCJiTCuu4EJ9A
.company-target.com/ Name: tuuid
Value: 200709a7-de0b-46c6-b1dd-7722fb6d785c
.company-target.com/ Name: tuuid_lu
Value: 1684747045|ix:0
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA129YkycHIxriqsMC-uMrZwiSwqjPAw9w3iNTSzMDE3MTcwMTI0MtvEiOAbWJgYvGJEkTf_hcQ3NbM0WCWK4AMVGAMA0-sryG0AAAA
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_2d194697-4aab-4209-a57f-1640a5e7d7e6
.semasio.net/ Name: SEUNCY
Value: 72D0E1B4ADC03640
.scoota.co/ Name: tuuid
Value: a4a4add0-4ac9-4109-b5dd-125f72c4ed68
.scoota.co/ Name: c
Value: 1684747046
.scoota.co/ Name: tuuid_lu
Value: 1684747046
.pubmatic.com/ Name: SPugT
Value: 1684747044
.awin1.com/ Name: awpv11354
Value: 412871|1684747046|77a8e360-f881-11ed-b339-2265b7c46fb7
.awin1.com/ Name: awpv20044
Value: 412871|1684747046|77aa1be0-f881-11ed-b339-2265b7c46fb7
.awin1.com/ Name: AWSESS
Value: 415363:2904924
.linkedin.com/ Name: bcookie
Value: "v=2&421dcdbf-2553-4dee-8b33-e1cd4c48347d"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODQ3NDcwNDU7MjswMjFLEV74/rHxnFtLg82ThCwvVFrvrDHuI2j3aAnk2UBhvA==
.linkedin.com/ Name: lidc
Value: "b=OGST03:s=O:r=O:a=O:p=O:g=2926:u=1:x=1:i=1684747045:t=1684833445:v=2:sig=AQHhOSokH8FhDZOras1iPatrqWNU4Ft5"
www.conrad.de/ Name: HTLP_timestamp
Value: 1684747046150
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: 6CK0bdQCy3Mzn11WOwrcE4VozHjn.HGDWidZ..gZ7xw-1684747046-0-AcGTW7Yt/VZJFfEpZIQ8PE858FK2LRjMzGKdwpz3tD8cI+S/qVwAZNivhSYDS7YcKocUtRScQtxzoPP5X3/0HLc=
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY4NDc0NzA0NnZsZWExZGUyMDIzMDUyMjExMTcyNjg1MTU4NTc3ODczWDExNzY3OVYxMjI2MTMyNzAyTVN2aWV3b25laWQ5a01hTWZtZnhFMWhLSEJIMnQ3dHJyOVU5U21UenptU3JiQlhvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTIxX0JFU1RQRVJGT1JNRVIxMTc2Nzk
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023052211172685158577873X117679V1226132702MSviewoneid9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY4NDc0NzA0NnZsZWExZGUyMDIzMDUyMjExMTcyNjg1MTU4NTc3ODczWDExNzY3OVYxMjI2MTMyNzAyT
.go.sonobi.com/ Name: HAPLB8G
Value: s85142|ZGszK
.prebid.a-mo.net/ Name: __amc
Value: 10_1684747040_1684747056

27 Console Messages

Source Level URL
Text
javascript error URL: https://www.idrlabs.com/villain/test.php
Message:
Access to fetch at 'https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&rid=esp' from origin 'https://www.idrlabs.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.idrlabs.com%2Fvillain%2Ftest.php&rid=esp
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=8E7B0C72-3FA4-4405-81A6-7C393E781AAF&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://as.ad4m.at/ad/dr?ed=1kxa9gxqq60zx5mkmeyy32qwzehn8zzt5k3p299ycmfn4vjpb5kdr6m0gms6ybpbfw43yp6hebxmk7kk0sxvnp30x0ygcrxpcs20wk0g0pa8t3xp8y3eazaapd0gb6xc42qct5zpb2ag1kra1bddndwpmzmg4atmhkjpgamq65qhg61gdgven487t0d8hv1a2txcnq4swy7xrwqp6wzyf0t4echmq1w37w6g0sfjbrpapynrwgghhrd5bds4zhzsen87mr2wevcxe14x5yehsntrjym1sj6abkjvqnb7ja7r2zxtayyfp4ygv5tc5x77nwq29bs8abkra0kjhphk2zrmk9ct8qfr48v499gzv6bk8401gbr6fkm2d22tffdwnfvdxekxvkr8bg91re7sp56n8h943ktjgf99ppzntm0zbw1hydmtx9qb3hj4m1x0p22tmyeb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxkgvITNrZIymA82G7_UP7oC5wAGQ4YGEXLaoworwAsCNtwEQASAAYI0EggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-4AIAqAMBqgTwAU_Q78g6p3IfhmwojbNPXeZSqb90vPAhP5CvPtMbrBYAqpyFv-k59xBRIh5ZBvkDPCAklVUuPxw2ZuoSM1v8chafZLiFQIkOjg_SfdnWcxjKv2b8Q0rpVWgSnTbJpYhw4ffn_DccC-6B4MjPxzLh5m33eWPTr6fTNcF2rPqEKKp8BOmn2J839SqyUQv3az9Yv4mzJpx1xZSW-ZMqxIm2kx9oWwZGOTDPQ2QrWYMSe2x3bxSdWka3owKOJVviQkMqPC07JK2rv4RgkLkyiFuG7tMN6-IoMvhDabPmgFZCsQwY-HcUo6jhdD-DxW6P3g7AGOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3XOTLFwWXjtJfVyYp4Eojjn-7LKA%26client%3Dca-pub-6552175488733768%26adurl%3D
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://as.ad4m.at/ad/dr?ed=1kdvh3dp15j615aqn17pvgn9e8kwbtjydsj51djbzyxqsk1z0w7582mm12y7tafyztftenfqea7s2ghxsxsgrk67j9h2vav90wkyqngcjmt1w46febxy9ymz8c4z82n5y257n5v7shkmz356bz55br2jeehfjjztbwb4t319zfr57r874frt6kcp7a0ybq1pe5hv6akknxa4snq88a57a480m4cjrqgkgz74gv0080daz7eqr8495p2sn7q9s2fdtyp49gv2302vvhe0c1xsm75ta85ecx3ezj2jb628t4tb6h3pp2nbft56c2rx8j4wjvdw6sabpssam2xng4ez0m5ekw2jf61fyx63rskzaabvajmsv1dmjgnxabxg8kzbqh31trejjn50ep9t17ttprrddvffh6jc0ygqyfxdhewew0jxyrhd70ce5m5s8yfkfj1qsyww&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqdJ4IjNrZImjJbT2xtYPq5WM0AyQ4YGEXLaoworwAsCNtwEQASAAYOUDggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-qAMBqgTKAU_QRCGmgnc7qD0Jsqw5_8iamHqSQLaxSqmudgrKv8XwVH1qh39EHj0CWrIYHqdMxSPg_MSjiSns2GrsWZp-jzgXWcsdyoh6rXWf0eC6bVSp7JAJEXJ3qENsH9sKw-EAjq7vr7Ge5iunHzxuqAbXt422zIIY4mImx0tSjTwZOkhD6ehQF4uWVkGG2tF9DcPCvPRNk26Oyic831--x0OROATHMn4dGeuXn6_SpULXp3DOdo__TgSYtIG6ERLG4ut5pOlOeQ_wjnSGTniABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0vWD_xGzyGWEguacix1RqsrsH19Q%26client%3Dca-pub-6552175488733768%26adurl%3D
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R3JfTnFOWkhOR1g2X3AtRVRvS3o2MXhi&gdpr=0
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://as.ad4m.at/ad/rar?a=117569%2C19457%2C14019&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C9kMaMfmfxE1hKHBH2t7trr9U9SmTzzmSrbBX%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C1QYtbfKfqBDs9HdH9tpC22rh2SKTGG8Sx7XQ%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W&c=728&d=90&e=&g=fa85a2a9476bee9b0a14c01255d6691f%2F17840928890808603164&i=29981%2C20774%2C21596&j=16%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684747045231&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gh8pm0cny4vkh4v9cg61hs87hp3zn0k7rb6fnwpc5z2rhph54pe1hej1rtxwstkeqzf6dj3khj9sdwzn2zs5gwbw1h8azh3hwdh6py3mxxanpfzs2kgpte3cpf01pp0efrx3nqes7gpnyz047tmq0a8gny85xksmqhtnwaxmd0nmj3crtzqqyzcwvz3qf0exa3nr66bk13b308tkyceed7dedp331zkzz3mqg60xaq1edwk0rtfn6zza7wavtsx6mdzb3xh68y7xw068nsez4xs%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCxkgvITNrZIymA82G7_UP7oC5wAGQ4YGEXLaoworwAsCNtwEQASAAYI0EggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-4AIAqAMBqgTwAU_Q78g6p3IfhmwojbNPXeZSqb90vPAhP5CvPtMbrBYAqpyFv-k59xBRIh5ZBvkDPCAklVUuPxw2ZuoSM1v8chafZLiFQIkOjg_SfdnWcxjKv2b8Q0rpVWgSnTbJpYhw4ffn_DccC-6B4MjPxzLh5m33eWPTr6fTNcF2rPqEKKp8BOmn2J839SqyUQv3az9Yv4mzJpx1xZSW-ZMqxIm2kx9oWwZGOTDPQ2QrWYMSe2x3bxSdWka3owKOJVviQkMqPC07JK2rv4RgkLkyiFuG7tMN6-IoMvhDabPmgFZCsQwY-HcUo6jhdD-DxW6P3g7AGOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XOTLFwWXjtJfVyYp4Eojjn-7LKA%2526client%253Dca-pub-6552175488733768%2526adurl%253D&y=1&s=&z=0
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://as.ad4m.at/ad/rar?a=197862&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=50&e=&g=35bcdd93525dcdae24587dd9b5917447%2F3081943047882326971&i=71725&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1684747046468&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0pwcjjvwcb9xc05amcv074vc9je94pz8nd58rn32v9r2d2cs9xxgj8stpvd4k20fd8hs12mntryx46wj2hnfxg279a6tcjm3ash3he23zd6eky04475sjjj3sqmm6s2qtanvsb9xapjcjpbdxqqg5x0hg97gjg6bwx6qbdn7m8x99h7hyqyzrfryex4rpe4vg9nhnzcc934myebjvyfsfynvrwvg7r5dmqn1y36pkg3g4j9dkd6x12baa6j480cnv22x7gec0ztgfbpf949eye%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCqdJ4IjNrZImjJbT2xtYPq5WM0AyQ4YGEXLaoworwAsCNtwEQASAAYOUDggEXY2EtcHViLTY1NTIxNzU0ODg3MzM3NjjIAQmpApJs-AuzILI-qAMBqgTKAU_QRCGmgnc7qD0Jsqw5_8iamHqSQLaxSqmudgrKv8XwVH1qh39EHj0CWrIYHqdMxSPg_MSjiSns2GrsWZp-jzgXWcsdyoh6rXWf0eC6bVSp7JAJEXJ3qENsH9sKw-EAjq7vr7Ge5iunHzxuqAbXt422zIIY4mImx0tSjTwZOkhD6ehQF4uWVkGG2tF9DcPCvPRNk26Oyic831--x0OROATHMn4dGeuXn6_SpULXp3DOdo__TgSYtIG6ERLG4ut5pOlOeQ_wjnSGTniABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0vWD_xGzyGWEguacix1RqsrsH19Q%2526client%253Dca-pub-6552175488733768%2526adurl%253D&y=1&s=&z=0
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

87611474810e088512a1506d145f792b.safeframe.googlesyndication.com
a.audrte.com
a.rfihub.com
a.sportradarserving.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ad.yieldlab.net
ad4m.at
ade.googlesyndication.com
ads.avct.cloud
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.webgains.io
aorta.clickagy.com
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
api.saambaa.com
api.webgains.io
as-sec.casalemedia.com
as.ad4m.at
assets.ad4m.at
ats-wrapper.privacymanager.io
bcp.crwdcntrl.net
beacon-ams3.rubiconproject.com
bh.contextweb.com
c.amazon-adsystem.com
c1.adform.net
casale-match.dotomi.com
cbbc1dc1485b314628c054b93c4f0f5b.safeframe.googlesyndication.com
cdn.confiant-integrations.net
cdn.id5-sync.com
cdn.idrlabs.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.track.production.webgains.team
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect-metrics-collector.s-onetag.com
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
csync.loopme.me
d.adroll.com
d.turn.com
d5p.de17a.com
data.adsrvr.org
dbt.adition.com
delivery.adrecover.com
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dsp.active-agent.com
dsp.adfarm1.adition.com
dspcluster.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e7495a226610504c7ac7352574b0ccc0.safeframe.googlesyndication.com
esp.rtbhouse.com
eu-u.openx.net
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
get.s-onetag.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imagesrv.adition.com
imasdk.googleapis.com
imps.monu.delivery
invstatic101.creativecdn.com
ipac.ctnsnet.com
is.dopascalls.1und1.de
js-sec.indexww.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
lb.eu-1-id5-sync.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
matching.truffle.bid
monu.delivery
mug.criteo.com
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
odr.mookie1.com
onetag-geo.s-onetag.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
portal.o2online.de
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prod-rtb.ad4mat.net
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
protected-by.clarium.io
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.scoota.co
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s0.2mdn.net
saambaa-static.azureedge.net
saambaa.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
signal-segments.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
spl.zeotap.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
st.pubmatic.com
static-de.ad4mat.net
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
tags.crwdcntrl.net
targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
uipglob.semasio.net
uipus.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
visitanalytics.userreport.com
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.idrlabs.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
oajs.openx.net
pagead2.googlesyndication.com
104.18.10.47
104.18.11.47
104.18.24.185
104.18.25.185
108.138.7.127
108.138.9.235
13.224.189.70
13.32.99.122
13.32.99.75
13.53.228.151
134.122.57.34
141.101.90.96
141.226.228.48
141.94.170.77
141.94.171.215
141.95.171.142
142.250.186.102
142.250.186.98
143.204.215.23
143.204.98.87
147.75.84.158
15.197.193.217
151.101.130.49
161.47.17.28
162.19.138.117
162.19.138.82
167.233.13.224
172.217.16.194
172.217.18.2
178.250.1.11
178.250.7.11
18.133.36.104
18.198.111.14
18.235.136.0
18.66.112.48
18.66.147.52
18.66.97.77
184.29.202.60
185.183.112.155
185.184.8.90
185.29.132.241
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.80
185.64.190.81
185.64.190.89
185.80.39.216
185.86.138.150
185.86.139.94
185.89.210.180
185.89.210.90
193.0.160.130
195.5.165.20
198.148.27.139
2001:4860:4802:34::36
213.155.156.164
213.19.147.43
213.19.147.44
216.52.2.6
217.79.188.11
217.79.188.12
217.79.188.4
23.215.16.120
23.23.142.39
23.32.184.192
23.37.42.132
23.88.86.2
2600:1901:0:76b9::
2600:9000:211e:600:1b:5138:8a40:93a1
2600:9000:223c:da00:6:44e3:f8c0:93a1
2600:9000:2250:c00:a:e047:753:be1
2602:803:c003:200::21
2602:803:c003:200::27
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:10::6816:1857
2606:4700:10::ac43:266a
2606:4700:20::681a:ad1
2606:4700:20::ac43:444e
2606:4700:3030::ac43:9d48
2606:4700:3033::6815:866
2606:4700:4400::ac40:99f6
2606:4700::6812:19ad
2606:4700::6812:7e05
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::200e
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2001
2a01:7e00:1::b903:5c4c
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:6c00::210:ba19
2a04:4e42:400::485
2a05:d018:cc3:fe04:1da2:71e5:22b8:3522
2a05:d018:d29:3601:bc24:9894:4425:647
3.120.46.248
3.125.82.56
3.127.29.62
3.65.236.207
3.71.149.231
34.102.146.192
34.102.163.6
34.102.253.54
34.111.129.221
34.111.131.239
34.111.151.213
34.120.133.55
34.160.236.64
34.194.0.142
34.254.125.132
34.95.81.168
34.96.105.8
34.96.70.87
34.96.71.22
34.98.64.218
35.157.142.227
35.186.193.173
35.186.236.140
35.190.39.111
35.204.74.118
35.214.153.92
35.244.159.8
37.157.2.234
37.157.6.243
46.228.164.11
46.228.164.13
50.57.31.206
52.16.122.133
52.209.9.234
52.220.229.2
52.222.208.154
52.46.143.56
52.51.217.131
52.56.253.51
52.94.220.185
54.227.251.232
63.33.7.30
64.158.223.140
65.9.66.22
65.9.66.97
69.166.1.12
69.166.1.8
69.173.144.138
69.173.144.139
69.173.144.165
72.251.245.179
75.2.13.80
77.243.51.121
8.43.72.98
84.200.5.215
85.114.159.66
85.114.159.67
85.114.159.93
89.207.16.137
98.98.134.241
99.86.4.53
000f20079e1db1fbfec54cd1678f9804fa918be2770231ef94113ce143424a50
0092cb9c4803a12abf9fc1c0b4776e6ef441b8c80f25c89d352f174ebb88a8e2
009b99929c1390792e161d3c0e54730074430036f5cef9c8b54f6fcf9b3702e9
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00df4c71abce5525e275be8f94ee32a07ffbeea94226e8096bbb432e3928e8b1
0199cbd6b349af55927786ca479817fccf65fa7dadd38dd593ed6c26cf853d46
01f032fcf084378fd1b3afb3696a864d226632ad99a9b15077840ba4ee6fc82f
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
03aad58f643224f6ce0d2172cb2ed55ca8129bdab96873e2d4ed033972f0c800
03abab4cc9e55b10ff62d30c8e797db973f870a8433c000ab6f00df5698f778a
05674e6fb9250b67aadcb4fd76abc30bb7311cb8be7a93824a55aaf707c75769
0629de3e7bd589152e97db6c442b0c07a9adcdd575bc3b25d66fc381c7aa17f4
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0754bd967d21fa5c10fa6955be0e44b20c7279c756a20bf290f318a0b8fc2bfd
0782565894966d4511c6003ef8a05302dbba735d1fd38787685ec1d674cda46e
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
086d2640aa0b56174f1c297077c16a2efc09e3f44101f5586b6095603ab27955
08b51ffc501c83acf5428a12afa789fc46748cf96caa3de64643c6b80c3288a9
08f7c47ba7143e50d83ded2036066fc0cdf608940306e55253805208acbfea6d
0a9ab46ed2e6da6366cd989bed9d64b3583c2734109c39160f97e091ca6acaf0
0a9c76be2c0dd34a7fcf8bd6cbc45393a235dab4aeeb5180a43861f825b1ecb1
0ab6948fdbe10caa6eec1dc018da0145f6567a36bdf1cfe025058848800e8228
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c160b101e06a7e023925e8662ef7fa797866c555b0b439a7b08909e72909d70
10db6dd2309687596324ed42761d2258fb25820b7a083ecb86ca1d1ec8290e5b
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13626b600e6da99f04fbed63da9b9c46264dc36302e7c2ef10bfa31cd325aa1f
13963db205a352d2ffd24251548a49ccd80e80f354fcf2eb02a8b24aea11db9f
139b5bbf6aaa835413c9de4f77fac25469a9ea4976e4dbda20b29bd0e63eef81
14031565e5c9c98bb9ed04d6b707281b989c82ce705099daa43b0c41956e49bc
14276d8a4b7295e570a0601786364103ccbe2111e8bbdef093ace36b3734f034
144e58ab72453af35fe0f289b5e4abf1ed36515655f79731610e6a5368d1178b
14817d6a5f18f51a3e30cef055c442d64c626ed8e0f5d82ae4d8547b5d9de384
150e3ffd65668b02cf342b74de5f6a09da4336b2fde80a06b860e12975ba8e79
155d4d1b4df63b8176b538cadc68575bc0b226dd39f70b5ef0b16b4a7070e409
15786d8256f31076d7df2abe66584ed13242fa354434feee5b3f1edc02515290
17de3262ad039e8e603f9761dc70c7dbdeeddefd20669e95dd499bd9d9249ccb
1803f3f616581bc64a285adb86d4f1e1bd615297a7b207bfb58a1558562d4e93
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18df7c8aba90bf80744b329ed229e63d1f5e28cb3bc9a3ba5cbd7a698612c0b3
19bcb773c698b5695f2437f105aaeb22a2401e5228f534253fae84829431d1bc
19ee3f9185592eef8f3f7fb69f09ae774b9f71626eebf136fe1c3ac2f8075487
1b638be35733082ef9f7e5ef09b8ddd8e2a0a4c66ff23f6b22b1fd6378642852
1c81a95f5c6d8adedbbab2f61000eb3e31cd198a6c1544d7bec8b49d8af79d15
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
1f14673ac622f94aa881943f97fcdcd69b2d1136e21c6198bdb2a3f11b93b357
1f40b2f7e8b711e86201e69a2bdad0c662792861801b895b23dc36971a822f8d
1f6a38adfbe68073b69255d62e7e731c71968f960b3a34788da7e59262ff94d9
1f90d0f1c22775889ffd03597983823b7640661ce42eb9ed20c98dcb2d8ead62
1ff067250a334697aa929240baa053c275243c0bbc1a5cf9b1e280ff2eff85aa
2094c08f370920907a02723c04a3c858bb4cfd7a386bda434e305796d928af39
20c8ffe1db558d0f75d475289938ee67dbe4dfb58e3e7fac65f19dbb8d8ceb8c
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0
21bf4b49938284aaececf999f198f621de0aa792bb5315fc21255d0ab439e145
232bf950740690a92eb6f4a6110a536fbe24114928c38ebe80f69aa3b2db6709
23a8715bb3d25d3f29b365bb341053fa3fa780fd1e0bbfcf17b1d36261fc7f7f
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
25a45deddb6dba1e03c2148f87017e567cbf4d96095afa25f258c40f14bf6805
2687a4d845c445c6cfbc1473dba8865d5ee092edc8f910e91867893b7963ccfd
2783e9c0e4419aac7f2832b32afaa746eb0ee360c07dd1be9bc0f3184203b456
279e5b9e86ac6db0ff3cf17eb88c76d4208af8cae6a206b979dbb028592f8f22
27f5ddd2ab6fdf955e9ba1aa9a59b664537e8a51b2ec003f9ef8540246facdf5
2993958bd3de1de515ef5163465b6722ee82cc16af1de211858ffce1ffdd05d3
29afa940e102abcb77e939daa8d48d305b5c4a23c43442a0146a3fddcb33e90e
2a46af680186b2de194a227018f8c506cac0732cfe996664376990c8a834b6a0
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2af81711ea6d3818fd076ac9cc25f9781c55240cf1816d7a6cfba704903deba8
2b1edd1c77221f56b743d07216c8c001b29ca08163bc7c77e763b2f41b9a2f42
2b7fb1d014cb5f57355454c0e8a9bc201d3e630ff9e7250de04bafc25694d9f6
2b7fc5ebddd3adb8828b632c928445bd78c22ab7929c9edfdf89b6a04de9ba8c
2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e0138178b68ba97b31998b5f81143ca66fab58aade2e92ae9ba3a600decbe66
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f3e7ea17b518b4f09db510225a46097ba164d8a96537d2102884f2abfca0ec7
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fa6688fbd96ecb0c012c11705b41cab67e38311ddb8b1340ac6ebdb8fdd4aaf
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
3161bc32f8288c39d4615c57d4c9aca6d4de208a8d4325612f277748ec39b67c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32a3422a74af7d747de4ac5565752364302c87f16f4f546cf2f9473626d7df8e
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
33a6817c3de0fbca8b9cc40cc53cb2e455983007e57969849ecbdd0279508460
34528377e8bfb483827b94617f604ca4cf100fa43bdba1a94e066d7697c8d25b
347e7ded52f62c949f714afffaa196421f5de5e3a01e4573b8dbd0147ac6c875
3482a7463c0a67a4037dbe8cf40a93d6564591b67d77e81f3f5ccb3360ba3618
34ee839ca8272d45b424558f5513635f406431401a6e513cf263aa643c05c343
3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36bce364d27862838be713ea5e7416ace53204e061b6eb4cc5878e8cbb9b66e3
379150abefc3e1c41de071f47be25fcb991969a73e336e0a3089e35f222f10f1
383f94ef90ee5202247014ac9aca1a13ff647251313d001ba1643a772d9b3ff4
38ca3c360ad686a0ac33ea95731a2f777213f87e97994177edd4dceb8b9c9607
39fb562c068258008679f69bc38607427394378addd6c1cbe134d0be26261b02
3a7fec252cf104e6eaf0538fa940cae4b6b82efa60081e78de200e8ce897de0d
3b323d0b183c46bc5ed1b5b52eacee5f5f5326e9acd5cb3771d7744605dad05d
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3d103e7358623164e532756a2c05edcc105a0a7195db576a33f92f5c656484de
3d6717d5f844aa4d5570e09ef3deeb7bf68a0ac48b46b2a4ce2b8557fa9a8a81
3de0d577b66fe1d7d7bc3cdda4b3b099538598640a5fe27258ea8321e500c036
3e18c8b1d97b6da1d013835a374ea4c88f5985ea76c176ebe93930dd9246bd21
3e3d1e63d1d7b001ed41a102a8341aac723452b68e04a2328d02bfc7433df14d
3e7607e3c04b3ffcf0aa13750209b50bd1a2c3f239076cccdae61f70c367e1eb
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f27870b71f2b71fbc0444ad585cfa127686e716c3246319cb0fbac147a33b33
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40441ccf411e18ebd1dbd3725b69975c48c0a9d749611ac1d88e8bb99408be19
4053a2d92fcbd6c8650c687fe22ae3f8662c000b1502044ffd23e33f87790988
405b50d2095dafa8f38254efffb42e53d5d482804c38e4e1078e99756d06a85e
4143086d4620148bd7d9bf233b79d8440a938df912735a9490ae3eecc231f529
419bc5e687958157dbcb32fced06c796dbfcaa7904dab9cf80b595d4c3130a9c
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078
41feffe84b69b8987ac49504eda7997f6b804ace48c54611d499c9ae8ab5d8e9
426bb7258f050fea63b6ba1b4e0e46f490adf8f2359fcb444f75217dc74069af
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660
44477718a93f60d3160af576aa9f35cd506b547b7b9927028eb3ee0f6c68dbb5
446053ef0213c73fb61ae7f5886f3d3b6bbbb6d896d664977d8821afd65d497c
446b97e70c328363f2cd5fbc1eee6d8307ee92ef0a8e894bbca5409e110095e4
460851389148d21b13047a37c55d0111278e85e0956a9e6c7a55341e5e316eaa
465ca6bd59306caeeabd0293a7138e20a6c8121417b8f02150c2e7d7486ecfa1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46f123116e1e6d20a241c21515a0fa80ac44bd04e98736779fa40b7ec3392c08
473bb57358fe1594bc940bcbbc79c86b3f13b2694d108498b5f054f89f972161
47ba46ca2c46f800d3e9e4511cbbcdf0dcf34f92836ec4ae054962e997f0f12a
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
47d8dabc70c62f44afef6ddc54356b49f16ed6b4f01b306f519f63c7a1283f79
4860acec14bc9d292fa79813428c9f0752c9458b35d943d409d7747a748dfed2
4899e758d792e9e7da2e5fa306374b981a9c5bf6c88ba3816036d1234ea75222
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ab759f1dd56b8238cf1c1769f5dc890011866f30a2956a4719983ff1686135
495502d90f028d4a711d5708b06818c7f7459bf002750e043437a014fbf2cc37
49ece968a476cb06e069eccc7e3bd495dec6d40483f7e906b910ebf330b565a4
4a64ad6e35ad1a42b69dd210ead7b077843ea16d5c5d0650b002250c34cd8c21
4ad59551a46e14dc538e0aeb3d0eec30a37f3d4baaff3295e119953bc556bd3c
4b17a5b405d91f1695e49183c8f95a4b39d094ac46d5975a722da4116f85df30
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cb0de6f5d5b6eb32ef642f8f9760f77a18309abfc3ecddc8772d41320105d43
4cf436c91449348d9ab3bb45024e3b4e5454ea2e82ac56f575e0b8697b047728
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e77b5b69c7832c8071887145673e6780e18ded026b287adca8e771d808decf5
4eac50110be4f302279ca9c75cdccad805f49d22d6a3271468270a01ef3a6bce
4ebc07c325392afca8d3dad06b94ee2b507ab13b293b0cbf3e526b27fd8cda7e
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fd72c0cfb8d95cdfaea5fad8b8853c68c1cb68250d34085980d9a9623b9d6e7
50139391a1782871ce511cc899de384831586749c09c6d623e8f33c249113fdb
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
506319c2a9a75194c4138c4fe59fed0c8800f45eeb66945e92726c8cae488ad5
5128a08787da5a2965c38c7e818f45f48362c8064a6e263950b2b958c4d905f4
519909dfddc9f617357f177631cc8c9c37e58f86885188e50aa6b30b9e02c3fe
525b4d0db0f81d32ed1a7c009d6e4cd4c60e3150b58fdc395022898c52d5a1c7
525f3952a087c1026c64ffa57f80d305074f5258f0840148cc3fff717a21f44e
53c78555d2295addb60e45025e965d16e4c202246f6da44f1342ee4c7b53a043
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
546a53cf975ab441dd042b7a03b756dcc6e0bd698e206cead651b187eacbbfa2
557ce3826598a7c297dc292892c13952b52bf64253d13fc12d0938e4fa431025
5588fd5e5a07fc4a6a51a8eba813ba8023ea2b23016f2aee59ac00da39d3da14
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b1c4244e97c927f2e39cfc882161b664b22d2896889157dc47dfa58699edd4
56620b82eb36612321b514c214bf5654bf305623f5f836a1b753c87afb12421d
567d523603299b74fdce2909d8376036cdc81280b8f562fd00edd01795886e02
57787a4288ce4eedf745f701c82ab03cce8944bf03e707ab28185f0e4b941e01
57a9e8bf4c8471a5fefc14edcab2252ee2778b683673b35c95cb6a048ca5750d
585092ee19a5f2a1077fdfb54ba9d09ad07acb94c1f8840faca68e52261ebdbf
5ad076db20c0918a19d714600525d0d84f2e3601394f88e528cda5188d069e60
5b62a9c7be177b007149431b8a1d41872a37c5e663a5f637b19d45f375175a4b
5c7d4f3021d85d94f010b98d6ccfd7fe6a73a4856f96ff63f3a20b40d7f3c3a2
5cc8fc8de84bd17ddba2bbc20d865dbd5daaa2deeecb07187ec6f3addcfa4eaf
5cd425896ccfd119ee720821af6a832189231c40d52ae8cad03480886967b984
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5f2929c948fec9dba1d90ec625e39228d4f5c128151c51ac40601cff0de4551d
5fec74c2b49c57cd811dbeb3fa3339c355b41f7ff011c322b24588b606e5db45
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
61b20129ae5bafba30ca3da014ec6ad3660bfee13ecb622770dffc9095bdf464
61bc3055d7aa9817e615155f172666d943538ea21b6dbfa846ed85471eee492e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61daa507d9f04c912f80dbd2d3c6277a6d24a2f56799db29ddde6729c19dd332
632f94eed72a7470b070e750b6c4fe15348add2425f9bac9c561f0b8ab1b5f2b
63d7ff2f41a15aac5661b482779ad6ca98bf0527b70061971b16f1defa92b6dc
6410de41bf5d4aaeda3cd9a25a82fdc54c1513669a32678d33fc3b24b392fdf3
648be439dde42b9d7e4d8af7d9ebede039a91de3329b12c8595e4e427548b668
64919f87b61b11e8d0b0a9cbaaee9079698590d0c8da5413d4004f5ffe8303f0
65283646bacbd3fbfd153f7d46bed7e31421dcaeac8b2a072e8b6e8cddf3e851
672dd1bc4e43633736b0869988fe8bc42e180b1f210b691d72eed35161ba677f
68b9748ebfd39c7c6a316e73f96c3a91c169f1d33741656c594bd2c4d2b513b3
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6a2015d1e7588ff4dbf23e5921637788e4c2712cb1e26bb73c67d24ec9dd1cd1
6b7f6b7f419968430d0c8a03ae08dfd9a960e7b1c57e4f89e98deb96b6c28483
6cde5d6ddd360343295910a282d569ad647bbe86a94cc9244c1fc776ba8166d0
6cf042b4b72c6231dbbc8866306e5032fb94fbb2d26817ee0bd18efbe69546a4
6d5bea8e0cdd9848eedee10232ad1498f8027e66a5d9ccee1d052622247ada7f
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6e30f0c06fea4223f4aa1aef594bb9fe368b714a9c734b5128656ad59445aa96
6e87686e25acea05508552d9d5d1e3ee9feba10895560a0c47d756f0075386ea
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
6f88ad1b185e443ce4a39c76c65fa4b6f199c1521398535cc5452b19304d5f17
6f8910bb4b43e21480fa154045cd5fcf338313475a176572f9b3cb5bdb9abbbf
715304747af42e63d0c4ab0d39380b612fe70d5dc8aa658c01171aac4f00a020
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
73dabdce835eda27d022bdf4e86ede2230af3810a2ecf57646b48a509a4db0f5
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
748725909b831515debbc507b87366d92a929a76b2944d168e3c16f0b68b3004
7491d1110f47a0588bec56037e0cb3271e69189e59587e58c7b77c00403bda79
769c9645e51367ab7cae92d37b2925f2a50896d03053346e3c8972b153649610
76dc59e4dfd447b45f859f5c93f680986d381e5bcf194cc8839a0d8528f9dc60
76e36d5f5385fcafec6eea2fab99909bb4627af933968825d9cae28624480010
772a46417e9710087748aed2e81c859e1ef48a6f843fc517245260d7e743357e
77851be5afb51840c7809b09bcaf75d2220513c2d5a3ac5fb66b173cd3032c34
77b6d3e631fa2f5374f6d2e3ba4be64825054e04f5add6a7a2b19f38185f167f
78042629eeb892cf1d90c0a1907639329582fa86a0876b1dc9a3ed836c5ae5b4
7893c9c5cdc653d70585dcf091870884c2107c29bcf4ad168c17997cb7ce4557
78b1d3bfbcd95ff187d78d9026439ef2b20199acd5d76f3d406014fe53f5a1f5
790402e3824b48ca388555d4eaa06a555ab5e118149f652a4393906129b1945b
793a8d19abc710a442d28aaa9a619a4afac92338c70a25b80462d6f58d182c83
796409bc6e386b2eadd804eb036c10dcddfa4eb0745cc6bda56bbb45aea1d0ba
79e1b23fd52a296bbb9542faa6996c55cc9869b8e38df0dad705821c6d52dea1
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac
7b29f70c73488befff17a93658fc5b8ab3b70c554da733e0723108cd37056d33
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
8020ce97f71b864b4d349c0f1a346f4094fc4b9bb52cfef2ed397751037c1d46
802a3b18272fce86b7ae5e349963873801db2a682c542ba2a78b673f295ff5e2
8084d399c9101ff86ad6cd96f70695f49a823096d23d2b2916ada43af3d9516f
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8116997f9e587cdb24970cca8bfb0e8c42772fd786cae7f727ac4b349a70dc94
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
83204da27cc7e24911b90294973537aa0751c1bebd31cc650b1277e8e857482f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8375aa8e241cf760bd23b5db1d0ea90fc53249cc19f9743782454132fbc4dd5c
8438ea6588a54d340cbde15d0621be69193e0b9248cf4e2b99994d2e0f442f12
844cae63b90b9ceac2e5d3f54b93c10ba336d56870730c3ba77ea2f32f334d77
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
86741fbbd4e540c5e2a541773927159732b41034318e0e0a4a78ee2253da2eab
86c80ef29507f3d584c78e73a8a031645b18a5085a356d4d7b3b23fef71f3462
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89c935fb5bcbc50621bbe8ea0dc1fe4d46b5484862cf0de6c1498b5967687556
89ca8a52f2a1a1e81dbe8ad843ca46323c98c819d622345a3625dc0626b04701
89f6b9480bb52fcc0c9b31098aed2acb86a3d401c852b2e4022198857c0c908e
8c0f5b6a043fee2b56859b852fa9482405adc4bf823ec1ccb6dff5399e68f1fe
8c7821150ef9eae8ad1d300fdad53f0fc9bfd878e1dec567b5a44255f07f6f53
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e48b5781e7d4da9fc720056d23084360fed5731ba4a33e9d5b1f727ab5e96be
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
8e7c8ebf2933f1e09fca40d53cee7c03b52268e63bf5cdeb0a7927e7ba6e654a
8e891b2effa10b232399249b2739a5d90a44eb88b03a29c689a8cdb7eacae3a6
8ec8a9d404c1a1b26e059c2df195a558fc8f137a862bc51907f7d6b2b7fc0bbb
8ee07aecb408e448e33b73fc36dd152467da4b537bf3fb10a837fcbb8d6805c4
8f517fb84e0461bf59d148d2cf42b9bdfd8cbee080020b56fc208f581ba556fb
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9026014865817f7c54bb37b9a4da18fb334862671378aa5b862db3e05edcca68
911a074082c3405f83ce64a52900da21a67a396e049fa229f82fef6c3ac2194b
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
92b26cd337ff210599c01519bcc502235ace03fb1f33e9fac1fa70e3b7c3ca82
93949e6460edcea9da2f1acd0806890acdd494aa688f7555af4e3422cea8d0ac
946c9c122fb50fee5ea26060a8b72028e148544bbe70bf85b58fa7bc0ddffeae
948630aa30648e8666099343b2696c9956fd071ed80a671d7968198894894897
95028fc49f2d510419b0ed366e9440e469be51a0142e4a65338fda6fcbeba101
956a1685bbf8fa351546ca27a7e7bc67077443705ca2f785afc6203f1092d989
962381315581786b07796c25527cd556b3fc5891f3f5fb557de179f7e9fa97db
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
97275f3877eb4c193d26b9e00de7ef6a4714732721450aa041dff44dc8bce66c
97e574f371c767e9f2020c816a348a5365165af8c1050a744a815a01e7da5771
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9923bc3176626e771f4c1aec98a5aae6442098146773f08843d0871d51ea9a9e
9994ccf4ed9efc9a1c69188a524f2c9894f9b320b0aefd2dedc7003c65ee5e3f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b11e31908f1b119c357a0a9e669cc7a148fbcf80102ca1b79906d39b9917c2a
9b491bd90eff35064d7c35f54674bfea95cc55fcae93e4157a1cdb7b77c2975a
9bd917796617c652029db60419894cbd1edc413c45bba35728a1814beb86996b
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9c506fb71ae0fe4b42b527cbade5d352d6c2f89fb8f8d74575f671dd64b5bfa2
9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5
9d2b1ad45bf09c76079e614748fabe88052260eb813d456667c832096a461343
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
9f1379a87f72b4ad9a38d71bca1030da69bcd9e7f2fa2131fd9e59aa30075084
9f554bd5e5a436e10dabe580e2ab092d26737fe5a55d5649d686a17cba3df5ce
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a064c25c1f63cde23c32426d9652bd8441cd55e37ed5ddaf6639f43579eadbfb
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0fc6ef332016861fa491ce11eed0ffa38bbd3187ce35e418831b1ab58c0c1fa
a18e897710711eeee878160d41d68faa7617e31d9f788e480d4dea8c368be6cd
a23c0b6ee897564c4d6265aa560fb11a454756aea0a1a4684d5d2e535a4bbe7d
a35e8bc6e0c717a9da8c03646534a940d61af07cafc6841054c9c4d894d67b00
a36226a65d9f2174684c00cb40359f22f580914096b018e51b39175b171a22c9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b4e7e9789e20cd1d28093e68d61f61274eaedc0255ce3901a5f34aac14c0bd
a52217f95bbf365dae899236409158b78c148e9c62a14e6dee3e93709be63af6
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a67d035d67254f5df323af594a1c712e3686feda92927b51ad559e090fdce411
a68f6b32df4ae0f7f54f4f282a8c4f1a717b6a5f80dc45855e540dfd24bab3ee
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6defe76008fd170dddef823631b5b4955715a2e7f6537d824225ab6b0796b3a
a7c40ce87c192d743d6ccf9b99bf21e87cdcf4778b01a0c513e74dc42f16820d
a8ef815717da68a523b423859efffd2db2aaa8214ab7c552b579708959ee2a05
a9587dfa3701d33bf7a5058cf5c2c6f942b5bf9f898b499811b2de8894ad0262
a9af05d7a68cd60590f66c592ee274367423402c066d69bb08f4e4973dc1b5c0
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
a9b8757ef83403b67a3f6d10da0c8f4259179fe48a775020aeb65ab9e1791cc3
ab2017bf88c8a9ee23b2b40efd263bef3dd73fa2d48a7401c4f5bd585f0a39c4
ab5a9f397f8f2f94e0cdb1d5eec2596e930f86519149068db102d7dbf51a5a93
ac29b3c9e76e766c3f04e5e699bfc47a3fcba8fb5b6dfc5261939af634391584
acc129eb258fc2254c448970216c90628349add61f5f7c678174c150bb5cd901
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aec768183aedd35badc7f08debb11c5ad74436b396863ee3a1cf51a47361991b
af298ab597518545d39951eabcd8aa7ccf251e0d7ff5343776a6f36e7af45aa4
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b02fd55f7b7fe5a55f756f0a4c48505bf11b7116f2adb2ec6c9cdde6fa260646
b07f4dcebb4513328e0992d0ccee52ec5521cfabdbd72da1b419f542a233bde4
b0b884a1aaabb1526261b4708e754cf24121a032e87cfe4592575d5c9c84d05c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16121bf16b81b604310b6ec41e3b435378403b661591c8143bb9c85d0e9e8be
b1831c3307888e77b728758c99b8b12a91fbe644eeec27801ea377786d14c720
b1bce502c2075eca34d6f4d631801d70e458714824003a3859565e44b3065e5b
b2a17f75640ea7fe968eb8de7ca2e6a8b175b4eac410acb50621d4cd9fc951c5
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757
b2f79730fbddde7a9b3358185896419e071a590bdb79bc18dafaf16854e44ffd
b5a8932484fecda9d2e8f6c6b9ee4facc1dc95e4cbf7a8b659af36e909f89c72
b6276bdfd4e4844bffab5fc63afcbf296b5ab01ffab5ec61c7c513ba41089d09
b62f7a7a8af0d154b69cb4b59d38b9b8279ce0201d9ad7a2edfebb04c97873ca
b71d647f406df1867e611dbab2905a9e075baa168d096e3d094ae59504517db3
b7bc4222738a9bcd2a3a43cb74340ebde573b8e6726fb5640d0dca9357e73e84
b7f5d70a1071fe2f8b9e45d9befbb788d9912d50f7dbc60e5728bdf837a21d08
b866094902ee2c06cf0553bbb8bdb64c2316f675cdd906afd98e9ef5a127e033
b8e9d5b68615cfa19cc65e317f532c3619bc0c1db9989950a4d545ac5db2d425
ba03d48b570945351c45d0ddad64e8ad055dcc1263a1c0566fa75eaed3ea2f8f
ba24ef53a29e6a7d3645d187106ddc4ec59c39f43bd0387802eddd9d31fd0991
bbb5945c32fa63829147f5f00916d48b0eeeb1944a45abaa72b87291870aec0f
bc01124fe6ba5ec7bc8ecf27bdaaf71b8eee614e4e8377342fc965675dee75aa
bce228dbcc1ff96b6dd015d61529836e145706b4ccbd9a8ef6d86a9e9bbd069d
bd84d3b448dfa1f7ded33de1848cb5f06946f8d86058e9c8d183ae3dddea4ff3
be20384173635d3a35d12d938a774d186f8775b50dc608d6fb831afd3e9e1f52
beed7e778820d04335568da821e8a0efa5570d31f44dfa12f2201cbca4ad7ce6
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96
bfe889951d907fd5d1b2c128f6f4849737e3c4388647555228e23e4856ed57a4
c01e633ac22bf12e104acef04874987f1e85e67262d9d433d06c880618b98ce2
c0dcb2727be74321d70c65674b69ef7f92fdf69452d83fc81cf560d0c357e87f
c1a67873953aea918e8ae05488679cd03ac207e357051d31b774c5e9f7144601
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2557a307af4b5f7430493260b2263c04a79b33ce0c26add667abe93b1deb1ad
c264bd6789f1c55e356ac316060c8022abc14e8b53d38a06a0342b9c07268621
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c2c25bb39f8efa8b490d7c22d2f4ad85f62b78f0fcc7b0aa74c6771f017a55ab
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08
c37a134e735f9a3dc9916bbed8f5e576f89b9f26537a59544d74004962b1a8ef
c3ec58cfec3e16277bdb11ee642dab31effa489d2538940ad401419763d21016
c43e65d4d38f59106f277446b13f5194f8aed348dc84de7586e54c87c72396bc
c461f4423ec10d25b66c27cf5685005a449cb7a9517ccff95bd1f153f8d36c53
c5cf7de613acfb1e8a55b9ffbc95b33a2f151a9aa340786f2cbee85667eea033
c781674d7e79624dfcfedd34586749bbdb505473dba9d025b8fc01c9b9b0b074
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c7fd589aa2a8f18015beb046461c271513b8e1aa8e91d1496dd7c83433f785d2
c8992fe1b6b597ed8147baee4b6546e3bfbfafdb69290d8fc4b462513b2759c0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9acaed37e495c1ce424fa5e0a471a391b9dbf9217b12f51081a8c86ca56711a
ca3344a2e02cd8b7322b383bd93b8ee2bb929398bd71703ab34731ea621acf88
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbb895c1ccd2586317a06e57f212c4a1d239da751732876b466e698328c35470
ccd10366d487212316d26503eb6ed829abdd10ee477c1c7994865240fc60d0f5
cd80c0c8db38c84090bebad29ec504f896e38c1f3cc642efb0e6e7155cd09db1
cda138538cc8c4bdd27c8da82ca755ba1611595008e14807283fe076d1548706
cdd9a3e5f93beae071bf6d215271850facbb94b138d92cdae5e749fe42fb14c6
ce599baccbf9f5fba338024199a0b884b8482b8ac65d8c24d68acea09498f958
cea8664de085d3a990f58e53b1f935bb30c87d859379710af177d0cf2c7d2631
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff8001763a4cb0cb81352e07fb9927790673baaeda29140c072f30c5933cf10
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0f0ef824991b881d804b22337f1eb75feb0b0007c4a82ee7d61321e74eefaa5
d12654039ddf3e12f1460ff7f8bd7b1a99846f6b3b00dc2f6108e0a3d1a0ef43
d1e856f79f1eed570ab6f7ff88a9e1df4078dabfe86e6cba4bb083566c341f7f
d3004a2de4e23038e1fc39498bac9861b53cce7b4dde3faf285bca7538c0eced
d33f7513fa0e7c91f0612b7ef6e44aadedc1ea2165b737d22c425835ea130b96
d498dbe992cea26b8ec78efc44b6b92e099e73e41020e2cb4a528c8f3f15e330
d50cb6bda0a5fd7016cdfe46cadb1f5a517fd0135726d581dfe9826bebcd0cd0
d684a474ab9335f706f8a5962de2f314f82a29403609b8c3d3bfff696f85b39f
d6a5e09e10f94077749be842a39eccdb423df69e86b81b279683fcfc33ad443c
d77b5f2ca03eb8dab2acc515548b7b1ce7eeb4ca2189268552649e0391ee8c21
d847adf08319c609133d17a60443f6c9f3fb593830e46b9681cdae85d1c37acb
d8c2973422fb9dbf2686f1ad315c39edfb816117d0e1db60560026dc273c7655
d907400e72d3addb1d2b21db04bcc31731a77ae46ab0d04873e4dd96f99bba9d
d9590c0edbffd75b5473648d228a5da72c1dd898a1f7dfda37b0aa8c89c726e9
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
db5761c165e1050bbae3c5e654025b6a82b8277a436565e9d2cade7817b4b37c
db8099b1ce48f387f283e160669205226afd672727c34dee0e7d3998e2e21225
dd06a980d344c67fec5ec8a6b71d99fb4c710b46bdef7cac90b6c419f82748d3
dd1338ad26431d42dceb17a932e9aaa0bd6b6cee0e0baf4915fa4f71af9956e7
ddf5afd50552730e3b8ecc8b2f09092370b20b296baf525c0189c39fe2ebabeb
df433468922abb2eca6bf16d4b8d3f4698e65f1244e8bc0003c0d2445d34a5f5
e0b3b387d78bee7d71b02f890d51c83ad7879a628e6dab2836d273777ad40ab2
e1a0438b68ce542edde223c44229132c60c598e07f3bb593665bc5413b78fea7
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e25ca55da779bd3b05f845f1add51ab9f7936aa7e9ef7dac72f5aee61579503e
e26ab7d7ce2fd46560a0d6b4bf7dcadab0f5b41408e0f80315ba10eeb014a304
e2cd2838d9537e8b405992bfa4ef5ddd9ab98461eec351ff661d7b9d475839dd
e2dc6e1610646678164bdb3633a6f4b628748cec2d3b46cef68a109f6f32bc80
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30089c7e8822924954e798438c08f635559062a9156cf066f2474e417816080
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e52b6ef58ea638d4bd03e1823b08e73aacb624eaf6036e41053f9c31437eb0a5
e5961598085066e30fcda4edeba2b5aa3e94bc5852db5dbc1ef1296bc0bc2c56
e5c5fa98ffb259cab3a3bd4440e7b99a3f859eedd7b4b241efb5c2a6e1dd291d
e6b29fc904565d0e71927a5493cedcdb9892145b009e58c6fa65d2049e7e9385
e78f5313d1ddda2d416f483ee581eff166ad4985f144d34d06adc5c60086c47b
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e81120fcce254b0e5dd97d0a07f2582c40440effddcd62e3ae4a13d56578df21
e91a13efc7572c9b39835aedcd807f37a200e6ccf7f4d38380488294ea45ddde
e95b1cac96007a1a5b9f7084e1da7875d37e9bc6ddb8eb0ada032b99942c09c5
e96f804391921f1f48dfa47253491d531b4ebf924d643fd48a480f38b77d1df9
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ec08c0e607b89068e64a2d4f750b9c7cacb8a80d9353eaea0429b135f842381f
ec524840a3128a54e296c87d694dec3c2cf3fc79a3496c70dbd89896875a4fdd
ec527d4b6c6bc90bc71fdf7026bf42adae6b05c006716e0e735e68027493be59
ec9218c60d8f57a1a80cfeeed13b7bc1f5838873ab0067fbce1dfc9b68c3ba2f
ec97bf5f6f0fb58e57ac5f24c61cdacd9f3c281dedf025e2fad573db9294f4a2
ec9a9cf7fcfa69143ad78374bb753d563a582becf16760fde2dbabc4f6bde2c3
ecfad2aa434bc580d778d7c1c8ca1a7a2c4b98e0accc741f4a041766a8ba8628
edeb8701ea9e9bd65650303bbe11cf1653110e8afc96f705f74b90cd1568e948
edecc8a8c8c0b936a9e6df988c41d3cc4d90d4cda1772bf0c7ce48bf903c64d9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe30058b65a5a1ced28dc8ba3771e1f4664af2e6b8fdb755b33d5511d501870
f047b6e98726fdce9b2cd23ee3186f7b1c87e210f516a2d97703f691d5dc4951
f04e2bee8f17bf0ac6f61331a47d20b1362a61870d980bff4548c583ab611dd0
f0a07272d999804ce36ed0549f46eab787eeada9b00a9575ac5bc21a96bfb603
f1925c2fc6263128143fcaa86a8ef8cdf4940ac2665879394dec3d6adaec2dec
f278d5a369c353aae2c1b048fd4a491612042569fc790a0681cfe0c6a297fa7d
f2ad4c514b36ad13162fec167a5c219d8d6b7ae93591ca0cfb12dabf951fb14d
f3985c63153e0c5b7fc6251b978801cfa6d6becb77d3e33c0bb49081d249eeec
f43a02c472d9f13a1649078114ca2de3b7d43277266184e34ea8649c01db97e2
f47b3405e1d6f11070412bfd94f20e1a1f42648dd4de3cd621c38bd82be0c395
f4aca7046d927af0259111a1a8115c34139ab6c854d8ad835864b153e470efa4
f4f6048f3f56bc409d845fc775decbd428a8aa9cb43cb12e7065ac23911da168
f514543170b7d33d558d367a0047faf7d003acddeb3857f2cb929d6bfb5af190
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f540b49c612dc66003ccc348385e04e2d50c92a3f0d855c50ea6c2238a34ddab
f625702dfb3cb62b34ebf4a347ced72c7dd2578b77a662a672b9b22a6d71d1a8
f67aeaa72f3d47e55fb2b4d3ae23a5635be6c480cea318e99ae1c820a1ff1819
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f7e183c6301b450a8f4d89620220cfa3cb5296973bbf9f2a5169c608579941bb
f8a13c76252b997e96ddb0333802d0f1dc662a79adb0f4564c00885194ddbedf
f99b591dde77a2428f5e4f4c90b5bae1a3a91b77ca71483b20c228f5ad10a2f6
f9d9b391231353938b1299a1c2ff7180ad3e4926ca48955372b930dff2dfe0a3
f9d9c7a87c8d45bf544e7e77ebd3e5ca06c28c690e4c36bf6def49fa95326941
f9edde9c6d2ec6ac3c7e95f3833e3198e57f461601774855809cdd63ac17f1f6
fa403d9a9b7b752d058f087bf7afe7377ed73c7700fb5c7cc271661ec043e737
fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717
fbde02b230538a94e56e8e96fd1ef3711a825286e9d9f76226c4022ba92db051
fc2c98b8beb10e2949ca983f5963e5e83ae8fa33d21900b0802e5140442e9a2d
fe3d4a4a945866598d9d437acefcebfa65bad4f74fad2d6c15123923428e4aab
fe8da47e90dd37fd3c1d3de997a4f9045d97163fb29e505be2395a19888eb584
fee0ca95912191b18b0e9318e17b9f1bf823516bf3986a60edea0a34232945f6
ff18fa82fc709b4c1b881f47184c633261d35c796655c8c63f4e901f8499fcda
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2
ffe749d2e2635ec192d6c47cfbdf64289299b1e9dedcd2d567f93aaa2dac7fcd