grand.online Open in urlscan Pro
5.22.184.38 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://grand.online/
Effective URL:
https://grand.online/
Submission: On September 27 via manual (September 27th 2022, 2:11:29 pm UTC) from US — Scanned from DE

Summary HTTP 318 Redirects Links 68 Behaviour Indicators

Summary

This website contacted 52 IPs in 11 countries across 36 domains to perform 318 HTTP transactions. The main IP is 5.22.184.38, located in Serbia and belongs to SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS. The main domain is grand.online. The Cisco Umbrella rank of the primary domain is 623079.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 6th 2021. Valid for: a year.

This is the only time grand.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 81	5.22.184.38 5.22.184.38	31042 (SERBIA-BR...) (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o.)
2 9	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
2	2a02:26f0:dc:... 2a02:26f0:dc::217:61f3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:400d:807::200a	15169 (GOOGLE) (GOOGLE)
44	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a03:2880:f20... 2a03:2880:f207:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1 2	2a03:2880:f21... 2a03:2880:f21c:80e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
7	46.19.9.50 46.19.9.50	51790 (SIEL) (SIEL)
1	2600:9000:230... 2600:9000:2304:9200:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
1 4	141.95.47.69 141.95.47.69	16276 (OVH) (OVH)
12	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	146.59.30.100 146.59.30.100	16276 (OVH) (OVH)
1	2a02:26f0:170... 2a02:26f0:1700:781::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	46.19.9.32 46.19.9.32	51790 (SIEL) (SIEL)
2 2	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
4 4	109.206.182.78 109.206.182.78	50245 (SERVEREL-AS) (SERVEREL-AS)
2	109.206.161.115 109.206.161.115	50245 (SERVEREL-AS) (SERVEREL-AS)
1	54.160.55.69 54.160.55.69	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
3	46.19.11.65 46.19.11.65	51790 (SIEL) (SIEL)
23	185.97.52.29 185.97.52.29	51790 (SIEL) (SIEL)
1	46.19.8.15 46.19.8.15	51790 (SIEL) (SIEL)
4	46.19.9.11 46.19.9.11	51790 (SIEL) (SIEL)
1	34.102.146.192 34.102.146.192	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.164.244.115 35.164.244.115	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.134.134.122 3.134.134.122	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.135.53 34.120.135.53	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
12 16	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
12 20	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8 12	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
28	2a00:1450:400... 2a00:1450:400d:80a::2006	15169 (GOOGLE) (GOOGLE)
1	37.157.2.248 37.157.2.248	198622 (ADFORM) (ADFORM)
1 2	34.246.229.208 34.246.229.208	16509 (AMAZON-02) (AMAZON-02)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223f:7e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:224... 2600:9000:2240:7400:2:d490:4d80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:249... 2600:9000:2491:c200:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:1f13:800... 2600:1f13:800:7782:37a1:3b18:39e6:194a	16509 (AMAZON-02) (AMAZON-02)
318	52

81 5.22.184.38 (Serbia) 1 redirects

ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS)
PTR: www.grand.online

grand.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 46.19.11.36 (Slovenia) 2 redirects

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

analytics.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:dc::217:61f3 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f207:c4:face:b00c:0:43fe (Vienna, Austria) 1 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f21c:80e5:face:b00c:0:4420 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 46.19.9.50 (Slovenia)

ASN51790 (SIEL, SI)
PTR: 2E130C26.rDNS.SiEL.si

ug.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker_ug.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2304:9200:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.95.47.69 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns31479461.ip-141-95-47.eu

gars.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.100 (France)

ASN16276 (OVH, FR)
PTR: ip100.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:781::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.9.32 (Slovenia)

ASN51790 (SIEL, SI)
PTR: trfx.serv.si

collector_sr.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.24 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 109.206.182.78 (Netherlands) 4 redirects

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.182.78.serverel.net

sync2.adnetwork.agency	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 109.206.161.115 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.115.serverel.net

sync1.adnetwork.agency	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.160.55.69 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-55-69.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.19.11.65 (Slovenia)

ASN51790 (SIEL, SI)
PTR: 2E130B41.rDNS.SiEL.si

ox.irv.si	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 185.97.52.29 (Slovenia)

ASN51790 (SIEL, SI)
PTR: cex1.vsn.serv.si

images4.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.8.15 (Slovenia)

ASN51790 (SIEL, SI)
PTR: 2E130833.rDNS.SiEL.si

www.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.19.9.11 (Slovenia)

ASN51790 (SIEL, SI)
PTR: trafex.serv.si

hb.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.164.244.115 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-244-115.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.134.134.122 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-134-134-122.us-east-2.compute.amazonaws.com

prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.217.18.98 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.18.19.126 (None, ) 12 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.89.210.46 (Frankfurt am Main, Germany) 8 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:400d:80a::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.246.229.208 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-229-208.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:7e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2240:7400:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

wrappers.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:c200:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f13:800:7782:37a1:3b18:39e6:194a (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
81	grand.online 1 redirects grand.online — Cisco Umbrella Rank: 623079	7 MB
59	googlesyndication.com dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 142	385 KB
45	contentexchange.me 2 redirects analytics.contentexchange.me — Cisco Umbrella Rank: 65841 ug.contentexchange.me — Cisco Umbrella Rank: 75202 collector_sr.contentexchange.me match.contentexchange.me — Cisco Umbrella Rank: 23865 tracker_ug.contentexchange.me images4.contentexchange.me — Cisco Umbrella Rank: 62930 www.contentexchange.me — Cisco Umbrella Rank: 93353 hb.contentexchange.me — Cisco Umbrella Rank: 65951	1 MB
38	doubleclick.net 12 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307	332 KB
28	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 271	882 KB
20	casalemedia.com 12 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528	15 KB
12	adnxs.com 8 redirects ib.adnxs.com — Cisco Umbrella Rank: 228	11 KB
12	gstatic.com fonts.gstatic.com	178 KB
9	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 774 static.adsafeprotected.com — Cisco Umbrella Rank: 575 dt.adsafeprotected.com — Cisco Umbrella Rank: 527	96 KB
6	adnetwork.agency 4 redirects sync2.adnetwork.agency — Cisco Umbrella Rank: 60897 sync1.adnetwork.agency — Cisco Umbrella Rank: 61178	2 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2	1 KB
5	gemius.pl 1 redirects gars.hit.gemius.pl — Cisco Umbrella Rank: 46108 ls.hit.gemius.pl — Cisco Umbrella Rank: 13358	20 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	175 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	4 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 406 mug.criteo.com — Cisco Umbrella Rank: 2876	7 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 3068 google-bidout-d.openx.net — Cisco Umbrella Rank: 2960	569 B
3	irv.si ox.irv.si — Cisco Umbrella Rank: 288505	47 KB
3	adform.net 2 redirects dmp.adform.net — Cisco Umbrella Rank: 5011 s1.adform.net — Cisco Umbrella Rank: 8482	26 KB
3	instagram.com 2 redirects platform.instagram.com — Cisco Umbrella Rank: 7233 www.instagram.com — Cisco Umbrella Rank: 1252	5 KB
3	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4622 consentcdn.cookiebot.com — Cisco Umbrella Rank: 5429	86 KB
2	geoedge.be wrappers.geoedge.be — Cisco Umbrella Rank: 22430 rumcdn.geoedge.be — Cisco Umbrella Rank: 1496	106 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1122 id5-sync.com — Cisco Umbrella Rank: 463	17 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	88 KB
1	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 748	6 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 392	2 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	9 KB
1	uidapi.com prod.uidapi.com — Cisco Umbrella Rank: 3290	5 KB
1	sharedid.org id.sharedid.org — Cisco Umbrella Rank: 3489	904 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 673	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 3109	8 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1220	201 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 9081	792 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1317	15 KB
0	createjs.com Failed code.createjs.com Failed
0	Failed function sub() { [native code] }. Failed
318	36

	Domain	Requested by
81	grand.online	1 redirects grand.online
32	pagead2.googlesyndication.com	dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com grand.online googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com securepubads.g.doubleclick.net
28	s0.2mdn.net	grand.online s0.2mdn.net
23	images4.contentexchange.me	grand.online
22	tpc.googlesyndication.com	dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com grand.online tpc.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net
20	dsum-sec.casalemedia.com	12 redirects googleads.g.doubleclick.net
16	cm.g.doubleclick.net	12 redirects googleads.g.doubleclick.net
12	ib.adnxs.com	8 redirects googleads.g.doubleclick.net
12	fonts.gstatic.com	fonts.googleapis.com
9	googleads4.g.doubleclick.net	grand.online
8	googleads.g.doubleclick.net	dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com grand.online
6	tracker_ug.contentexchange.me	ug.contentexchange.me tracker_ug.contentexchange.me grand.online
6	analytics.contentexchange.me	grand.online analytics.contentexchange.me
5	dt.adsafeprotected.com	dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
5	dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	www.googletagservices.com	dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com grand.online
4	www.google.com	dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com tpc.googlesyndication.com
4	hb.contentexchange.me	grand.online hb.contentexchange.me
4	sync2.adnetwork.agency	4 redirects
4	gars.hit.gemius.pl	1 redirects grand.online gars.hit.gemius.pl
4	securepubads.g.doubleclick.net	grand.online securepubads.g.doubleclick.net
4	fonts.googleapis.com	grand.online tracker_ug.contentexchange.me
3	ox.irv.si	grand.online
3	match.contentexchange.me	2 redirects grand.online
2	static.adsafeprotected.com	dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
2	fw.adsafeprotected.com	1 redirects grand.online
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects grand.online
2	sync1.adnetwork.agency	grand.online
2	dmp.adform.net	2 redirects
2	www.google-analytics.com	grand.online www.google-analytics.com
2	connect.facebook.net	grand.online connect.facebook.net
2	www.instagram.com	1 redirects grand.online
2	consent.cookiebot.com	grand.online consent.cookiebot.com
1	static.xx.fbcdn.net	www.facebook.com
1	rumcdn.geoedge.be	hb.contentexchange.me
1	cdn.jsdelivr.net	hb.contentexchange.me
1	wrappers.geoedge.be	hb.contentexchange.me
1	google-bidout-d.openx.net	oa.openxcdn.net
1	www.facebook.com	grand.online
1	mug.criteo.com	grand.online
1	s1.adform.net	hb.contentexchange.me
1	id5-sync.com	cdn.id5-sync.com
1	prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	id.sharedid.org	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	www.contentexchange.me	grand.online
1	stats.g.doubleclick.net	www.google-analytics.com
1	ping.chartbeat.net	grand.online
1	collector_sr.contentexchange.me	grand.online
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	consentcdn.cookiebot.com	consent.cookiebot.com
1	ls.hit.gemius.pl	gars.hit.gemius.pl
1	static.chartbeat.com	grand.online
1	ug.contentexchange.me	grand.online
1	platform.instagram.com	1 redirects
0	code.createjs.com Failed	s0.2mdn.net
0	truncated Failed	grand.online
318	61

This site contains links to these domains. Also see Links.

Domain
www.admedo.com
www.internedservices.nl
www.sportradar.com
www.bidswitch.com
integralads.com
crimtan.com
policies.google.com
www.cookiebot.com
vimeo.com
www.appnexus.com
www.home.neustar
www.gemius.pl
www.quantcast.com
www.rhythmone.com
unruly.co
improvedigital.com
triplelift.com
site.adform.com
www.criteo.com
www.amobee.com
www.adition.com
www.mediamath.com
travelaudience.com
www.thetradedesk.com
policies.oath.com
www.blis.com
www.casalemedia.com
chartbeat.com
www.contentexchange.me
www.deltaprojects.com
help.instagram.com
www.sovrn.com
www.openx.com
zetaglobal.com
simpli.fi
www.simpli.fi
www.spotx.tv
exponential.com
www.dataxu.com
policies.yahoo.com
www.id5.io
sharedid.org
play.google.com
tracker_ug.contentexchange.me
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
www.grand.online Sectigo RSA Domain Validation Secure Server CA	`2021-10-06` - `2022-10-11`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2022-05-31` - `2023-06-04`	a year	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-04` - `2023-06-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2022-09-13` - `2023-09-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-06` - `2022-10-04`	3 months	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-15` - `2023-06-17`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
ox.irv.si R3	`2022-09-26` - `2022-12-25`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2022-08-09` - `2022-11-07`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
id.sharedid.org Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.uidapi.com Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
gw.geoedge.be Amazon	`2022-09-12` - `2023-10-10`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh

This page contains 33 frames:

Primary Page: https://grand.online/
Frame ID: 17233BAA82746D7EB32002A122991748
Requests: 162 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 0425144AD26A190BA16A0DB8B5DF2966
Requests: 1 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 12C778A0F3BBFD4B23CC35E8AC02A986
Requests: 1 HTTP requests in this frame

Frame: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 339D83BDD78476F04E070F2100E2468B
Requests: 1 HTTP requests in this frame

Frame: https://analytics.contentexchange.me/bex/storage.html
Frame ID: E39357D6CC6D95D7293A42322A839E33
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Manrope:wght@200;300;400;500;600;700;800&display=swap
Frame ID: D84F942B3416A5BCFBE8E686A6041A54
Requests: 13 HTTP requests in this frame

Frame: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8C5429D1BEFFA3ACCDE3F7B68F0421D5
Requests: 15 HTTP requests in this frame

Frame: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FEE55405A0C841921EC39885C05B8959
Requests: 15 HTTP requests in this frame

Frame: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A184DB62BB6B85227A22421750AD37FE
Requests: 14 HTTP requests in this frame

Frame: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E5D24877B61A9FCB1C6278A30BDDE8E4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEYtZai0wEwAQ&v=APEucNXOyTRdd2LYrW0h5sDqKBkRmY10qyhx_rim_y0YZBt9Ks6pNXQnSmkEfS78pgQmHlLTHj4k9U_obGRiWEsObJe0cYxvnmsaMuPn3JTqCnWiMWeu8O5nOVqfARdObcyW18Idc61MiGmUWm7vyo_xEBk05Dg4AHlOq20se8w9EW_nURIO184
Frame ID: 74DCA632D6711A024E8DB4EBA917CAEE
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjjzK3DATAB&v=APEucNVkWqreWHMvOyeEP8bvessb280wpD__6kHmLsSVZUHfDDv81SvX7NCgkF1Y9PeDvzbOKFPp9DQ9XW6lhL-OR0qV-mRFd9j3Z3w8MwqXHjeXlvFKJ51pXJMorRCdIh848MAe9hUqYZah-x-fzbZZCiRDNtAJULY8k6bIl_1YUvd_ayzKSVU
Frame ID: AC8BCF3F1356677507BCF72CF0E481D7
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARilpeLRATAB&v=APEucNW1Nl5EasuMTqv8WrAUbBY-rpNhyOiBmB6E4p-rC848TEYnoyynDm2SRZwuTnPAmrZeMS91RK0YU5anWzFM0oHvZk3oLzII1_p40AIVQEVXeqpLz8JtO1nhAWw-xlZCmhj9uH1LQ6f9_Ey9bCfpU635eXnUziUT5e7NXXNXE6KjPg1tfW8
Frame ID: EDC0198A9BD5682A56D41EBCCE845EC8
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGN7AtdEBMAE&v=APEucNVnJaYgUQa4npDf0sbGNbo8xG61f2kUerPBZbj31NsuOehq7k__xHiRUpDxYOlskM5-EolFPgjDLrIRLJwfamB3nX2arViJ1yrinD56-s61zgkwTfO3K9uHDfOmjHOFucr9ptH4HzE5RqzjIukZvqyi802Pd1HCkELEKGsI8wrZa01UX9o
Frame ID: F6ABE362AD64A3DCE34E020461E0FC81
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CnWsBAOrLOrbbvVyOOhsz4K53mDjxwd_BDoXhKriHCetEu4KUiicDavJc73TrtD4L9ZMtSm7S2-3oaRIQW0B8PDLncKSguc5TsIQDF9v2W0mQxKJYded_cLf-cv4MwvkC-N3C2eac5qBSRhJZow-Ke36fc0Q&dbm_d=AKAmf-Ad0GJMWH8ed1FwD8lrGh_e0RLnw0b48MIWmDKsD1VrzT1MpwSF6sOpip_nFe_D-KEtDG-YX4MKSyZW7zn2pQPPFXArCCtAONHGgVTc5-G5n-QswQTEGFxJTdWF-q4aRdfeUKZXtRdy95338eSxRbCLuSIF_JXZHFhjkiRAmEJG-cse7NDLTUoBKtRqMTRCK_73-tE2p2i6bXnjJ7THjFP2lezUW55t2bvUxD4Asq4uJJg4dZWkLqWDqvVMf7vg8l_kdyTOYVmYFwz9va2cETn3OUA_01y85XENKnheb9ojWIPTnzUydKTI464PKT-4qI-E0aCwltQFghwI6lAx9f2qhSM15Hx-qAZXpNQntN8vmD1Uvpqbn1NIY8b8_qHr556NlzDj9JSj6PBtvPX8ixBbQLVK15cc5OyBcuhuzEdnuYj9W207BaGUb2HQyBwLGU_EUctmpW0rlHnptkLaPMKqha70bkbK44LOO38cwOM6MZgwCInAWHKBL7hf8WDJbmNT1V922atU4xmtm1cySUhsJD_JlXRb_15DD_l1_7wSJBKQxPhZker-ZhGRC_G8ObsVAy5_JxSomqVeCJecMt6XrWvSFiQCLu76Fm0rVzu5jb2Q57APL5MmXTmmj3VPaIbzwIKbkmIPtUd8WA06uLSoU37TRIUC4gyCo6xj3ApQJPqxdJwu97MEj0NfDKfXBnxLzB9Z7FfUVDsNQvGfSLPPHl8dzneJFnCIyXGWbw9AIEUvCrgFlE-OiCxLE2F5Vjmo2r0gBsqJ9RlXgAzGMlv5nNFdHe6wQ9nTuTc08ey2ih9MEUgMVugS2_-4J6zeAZXFD-W0_sb-4Lsiq7lXxde7u_muqfUIbHsIeezuI7XFB8EQHWP6V_ScN8lXSsOoT8W0xbZnVhKzuZe5csPFRQh_A4-VcvDmoM8qNEbv0ludbupXNTwm_oKJ4jVfGM1vVXuZPH8oR3Bn6MBCQuhlUjHrNuHIrr4VNhOfs42ZKVE672Rjg2qh1Wgo1EYV8wIQgZrsSj963ez7e6_Rfzxsd6c5t4jR6VxGIZccPwxU-R4RQCWIaD-I5QOh-Vn342ujjjQaro6DGp-FP-YvhH9J2WxUno37XJT2sR7aXjh5byi7jg8E8-Kj3OcP1WDDFzTyyL1mfKfa6Y501hLvmqY_maL_k9-6RAtcRQFmEkavdMiHPyjqayyrR7ycmQU556d6xOgXpVHKmCliDqqojhPb8RpEhe71ZS9a5PQxA3nHxSY3XrQZEJ5OG58VP8ks95CNqj6wcPvhSw2mVj_NLG4x69kdms9VI7bKAMVac1Cd7Vookj_Te591Fn6QVUb7PUWA8pHzBpUtH1Mno6wjCX2rltM_9mPGCuES60nufrm-chHqJOBnkwnCV52wP-W0WmBEvoHhPfLP9EUOF4YrFLsFZEnKSp1inLqhJbk06bU0Kcfu0OqfmasqiinIhSYp0FdrhPQskTRoGQ-4a_2ncsQQBZR6zp3hcJ1RRNlgwRSO8hvgvWV5JXelAKsvqHg6V352sl1rWTDl8kmR-XfH8zR5yG59jiQvYa4bAvyXvT6zJVsXdpgBzKxVYfSUfd6nlEzFQ5T14Z7pcc9iub3o2hvnsbTWAtgsgK7VX-PD5jWzFlG50W5vjKjr-z9dWzuFXp8X7witVt2WVQA07FuHRmMJYaaEZw9x7YJ44gUnJ7lLpsFUEmC2YvWsn0ArcDvBdH4anxKpilLb3wlgQmJqcyh964hd2w4xfIr4CFs-pIlaRd43v_6eN1SjiJQSr1oJayIxJGny9VVxtkpmo8xeqhfwqGvO49p_qeMKilhksDv0pTALCysbcCwbUyYd10QRaEZExpL1xlOnPG0Blkq_0rJ1b7n4-pQV71nkcNo83w4w0mBJSD4ue-5GXNelCr4xN4hPAd2bAxS5qiePdq-sAS0kdeevv1RoaPG4rVHbb-pD9sfZxxbjdzCTKyMj087tiAsnkW8-uf-anznWlSdODxlhfaE3eLqkawq6x2lEFafcNcGPEE5-uQp_H7Pd-Eaoc8ko9ul-TZxaUulp0rxZdo78ljKoNa05eIkzWo43IuDB-8uGsoKjBvoDw6O7YCxd-wiknNLvLxWLyRFVXzOQx1iqOM44zgBKco4kfJTLCRPMJoA0ZQIpbF74iGqKfNpxqm00Gic9Q8o-9PZU3F5gp7BkofuBLCoPpXOL24smsKcgPdFmkHuYPtXdGmpBwcEDrvpCWv4_3ndss8_tULr2YICFPY3kFFxoA5oQMTsOJCIFfiNVwDUJASo1E1WqEIQ-Dvu-_bPf0j69xOrq38tLDKouhrRP_BRxK0YtBNoznLeAkwKIlaljheGPevw8ciE-SeA5NSoscxY9VRzg0AfY37cEyHRU_t8e9-KIACflJ0-q0qAezzWv5a1dcekF_C63HUx5Fuvc84m2H9igaLXHP2NsBs5DRGlUmmS5_aW2khHL_aIgQglm1KTnSq0-RGN8mTBp2H1AYIU0emVkm5OyjCmDnJ7jssNbGpCn2uZ8m0HK-0bXbev_AqdRim0o4PYvmvpRIlU6wJZx3P8NeuZxtkdhuzBKCdD_ePD8EIOOkW-eRWTTvOWRRiSWQ53TBJ3_QFYEReP86fIVbRGVa301T-_1XAVZ3SRTjpwU4-LF3pkvJF_l4qlK1eX-3FvsAVuV0vWutJSa_2Q02jf_as1lefuFyEvxRWOeeadmCLm4PbXh6mdjTfQTfPsCCz6tgrbZwIW_qtyOx1x0tKTq7amGW1Z6qCccOECGls5Z3ZsWhauhfjnbOhIWo2TENeo4hBI9SIybshzfYFZIvbLaf_mwFiLmlyMx5FvVthrjGLOVNH-3i-yT-WxBRVPJWTG-qv8vwQUfr7JDsIF9LGfdG2UGxL29xK90aXsJmpMLHVLm86QIMZZDsKTgdWjsKbhhu89wmNB-Xf-nRe01F6-sRLqT7koHVz2HiunWXoIXEFPD5l2fTDtgDjzUMjTzxcqdBGUFfXKCJ1fhRJV2g9Br6zgvSOo1xJwDK21dZTVXCW4yTKxKDd7Yq1sCc02Tsqg70KNJUCOO8W4WHD-Xq019cBjAtdMLNCmVM5TbdW-k7f08VtB1wEBOeRQefP_Bu3DuHYrehUNa2R_XueeckvOy9UbvdvXbn7RwH129zvn1xwMHKIytTaNm9s7QHyKSpINzXi_dZjO3EhCkUn_tU9zPq17Tk_VPjxZ0cMVrYc8uM879GqZw7SyI3nzoedZBK_e1kRa8rgw1rMUynrC7YKF9S_Ttcn8BduU8rI3qw6vnVr6oBHAOWTLyekijq0W5WgJt490rgYG_tAqp8MH_&cid=CAASKORoUDGAgdpngKH5ypiG-AC3pCo-TP2fH186_ih-LyPpKs4fDsOA1mI&rfl=2%2Chttps%253A%252F%252Fgrand.online%252F%240
Frame ID: 06C93EBE4B4463A6BE6788A9BB43A4C4
Requests: 20 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=grand.online
Frame ID: A611B9BDBC1322A68034793E4D24D408
Requests: 2 HTTP requests in this frame

Frame: https://hb.contentexchange.me/hbscript
Frame ID: B1D1033993B49CD5247A3DCB3B948E12
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2A10C6C245EADA1C845A00D3CC1E7EBE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E24F9B953EB9652B8A89A4F752A6E2DD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 97F8FCFB8FD4D3639100551F2549E8C4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CBAC2A01A64D50F62ED079AED86CAC6A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3154771667329772296/index.html
Frame ID: 22D3651C5F25BC2B58A6E5E848592962
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZvezdeGrandaPrva&tabs=timeline&width=300&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&appId=534904083375143
Frame ID: 361FA99F8B25B9E0E6E96A41669EEB34
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: F7DA6385ECBD6DA83207CE1C1274A46F
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7513298528269151335/index.html?e=69&leftOffset=0&topOffset=0&c=vPZfj7HotJ&t=1&renderingType=2&ev=01_247
Frame ID: 608EC80CD4701802706127FAE98E3261
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/62189010/20220829070035849/300x250.html?e=69&leftOffset=0&topOffset=0&c=eHCMi1JDzI&t=1&renderingType=2&ev=01_247
Frame ID: A50BD51ACBEE7E207F5127BA0379A3A6
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15942740134649324497/300x600.html?e=69&leftOffset=0&topOffset=0&c=8Bnb4gJoKD&t=1&renderingType=2&ev=01_247
Frame ID: 9C64DC9C2C941428A6F7050990C13992
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: C4CD117B2DFB14E88027BCC1661171D9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Frame ID: A5B955530BEB4865DD2651F2306F3C05
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Frame ID: 84E80B687965ED4870FE19CBC06BF95C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Frame ID: 196AD2915D4E0F10539A0DB3B734342E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 308350723BA2C745293AF092A9CA8DF9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FBABA4244A3AC0855C4C4445260A00BE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Grand Online

Page URL History Show full URLs

http://grand.online/ HTTP 301
https://grand.online/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

318
Requests

92 %
HTTPS

50 %
IPv6

36
Domains

61
Subdomains

52
IPs

11
Countries

11266 kB
Transfer

15435 kB
Size

30
Cookies

68 Outgoing links

These are links going to different origins than the main page.

URL: https://www.admedo.com/privacy-policy
Title: Admedo

Search URL Search Domain Scan URL

URL: https://www.internedservices.nl/disclaimer-privacy-policy/
Title: KPN

Search URL Search Domain Scan URL

URL: https://www.sportradar.com/about-us/privacy/
Title: Sportradar

Search URL Search Domain Scan URL

URL: https://www.bidswitch.com/privacy-policy/
Title: Bidswitch

Search URL Search Domain Scan URL

URL: https://integralads.com/privacy-policy/
Title: Mas Capital

Search URL Search Domain Scan URL

URL: https://crimtan.com/privacy/
Title: Crimtan

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Google

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/goto/privacy-policy/
Title: Cookiebot

Search URL Search Domain Scan URL

URL: https://vimeo.com/privacy
Title: Vimeo

Search URL Search Domain Scan URL

URL: https://www.appnexus.com/corporate-privacy-policy
Title: Appnexus

Search URL Search Domain Scan URL

URL: https://www.home.neustar/privacy
Title: Neustar

Search URL Search Domain Scan URL

URL: http://www.gemius.pl/polityka-prywatnosci.html
Title: Gemius

Search URL Search Domain Scan URL

URL: https://www.quantcast.com/privacy/
Title: Quantcast

Search URL Search Domain Scan URL

URL: https://www.rhythmone.com/privacy-policy
Title: RhythmOne

Search URL Search Domain Scan URL

URL: https://unruly.co/privacy/
Title: Unruly

Search URL Search Domain Scan URL

URL: https://improvedigital.com/privacy-policy/
Title: Improve Digital

Search URL Search Domain Scan URL

URL: https://triplelift.com/privacy/
Title: Triplelift

Search URL Search Domain Scan URL

URL: https://site.adform.com/privacy-center/platform-privacy/opt-out/
Title: Adform

Search URL Search Domain Scan URL

URL: https://www.criteo.com/privacy/corporate-privacy-policy/
Title: Criteo

Search URL Search Domain Scan URL

URL: https://www.amobee.com/trust/privacy-guidelines/
Title: Amobee

Search URL Search Domain Scan URL

URL: https://www.adition.com/en/privacy/
Title: Adition Technologies

Search URL Search Domain Scan URL

URL: https://www.mediamath.com/privacy-policy/
Title: MediMath

Search URL Search Domain Scan URL

URL: https://travelaudience.com/website-privacy-policy/
Title: Travel Audience

Search URL Search Domain Scan URL

URL: https://www.thetradedesk.com/general/website-privacy-policy
Title: The Trade Desk

Search URL Search Domain Scan URL

URL: https://policies.oath.com/us/en/oath/privacy/index.html
Title: Oath

Search URL Search Domain Scan URL

URL: http://www.blis.com/privacy/
Title: Blismedia.com

Search URL Search Domain Scan URL

URL: http://www.casalemedia.com/
Title: Casale Media

Search URL Search Domain Scan URL

URL: https://chartbeat.com/privacy/
Title: Chartbeat

Search URL Search Domain Scan URL

URL: http://www.contentexchange.me/terms-of-service/
Title: Content Exchange

Search URL Search Domain Scan URL

URL: https://www.deltaprojects.com/privacy-policy/
Title: Delta Projects

Search URL Search Domain Scan URL

URL: https://help.instagram.com/519522125107875
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.sovrn.com/legal/privacy-policy/
Title: Sovrn

Search URL Search Domain Scan URL

URL: https://www.openx.com/legal/privacy-policy/
Title: Openx

Search URL Search Domain Scan URL

URL: https://zetaglobal.com/privacy-policy/
Title: Zeta Global

Search URL Search Domain Scan URL

URL: https://simpli.fi/site-privacy-policy/
Title: Simpli.fi

Search URL Search Domain Scan URL

URL: https://www.simpli.fi/site-privacy-policy2/
Title: Simpli.fi

Search URL Search Domain Scan URL

URL: https://www.spotx.tv/privacy-policy/
Title: SpotX

Search URL Search Domain Scan URL

URL: http://exponential.com/privacy/
Title: Exponential

Search URL Search Domain Scan URL

URL: https://www.dataxu.com/about-us/privacy/
Title: Dataxu

Search URL Search Domain Scan URL

URL: https://policies.yahoo.com/us/en/yahoo/privacy/index.htm
Title: Yahoo

Search URL Search Domain Scan URL

URL: https://www.id5.io/privacy
Title: ID5

Search URL Search Domain Scan URL

URL: https://sharedid.org/
Title: Sharedid

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/
Title: Cookiebot

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=online.grand.app
Title: INSTALIRAJ

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/w5Z6pcXhXscevKWPK/NfSyfxPKzJuosYyGC?pv=96f60339-c336-4aed-8f9e-3bea24260d60&gdpr=2

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/w5Z6pcXhXscevKWPK/NfSyfxPKzJuosYyGC?cb1664287864685
Title: Bicikli, oprema i električni trotineti. Oseti slobodu, sunce i vetar na dva točka

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/GnSQG3evnLSxvH4k4/NfSyfxPKzJuosYyGC?cb1664287864685

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/cd8iDdeZneJJYX6oD/NfSyfxPKzJuosYyGC?cb1664287864685

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/NiXC4JBpnRZCWPpEt/NfSyfxPKzJuosYyGC?cb1664287864685

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/uNDPNv8oi2ajA9XLm/NfSyfxPKzJuosYyGC?cb1664287864685

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/b2BrXxJFc7uvKTnMQ/NfSyfxPKzJuosYyGC?cb1664287864685

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/TzqhEyuHHZQYdTM4H/NfSyfxPKzJuosYyGC?cb1664287864685

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/v6iXR3QvrKWSTSxDX/NfSyfxPKzJuosYyGC?cb1664287864685

Search URL Search Domain Scan URL

URL: https://www.contentexchange.me/?utm_campaign=cex-widget&utm_source=ug&utm_medium=Grand%20Online%20-%20under%20categories%20-%20UM%20content
Title: Preporučuje Content Exchange

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/TxcLhsjQ8Ywhg79ya/rAKYT4L9qRLPdQr86?pv=96f60339-c336-4aed-8f9e-3bea24260d60&gdpr=2

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/TxcLhsjQ8Ywhg79ya/rAKYT4L9qRLPdQr86?cb1664287864690
Title: LJUBIO I MIRISAO KRISTININE GAĆICE: Kristijan Golubović postupkom šokirao zadrugare (VIDEO)

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/7fSANMxYQEki5PyKb/rAKYT4L9qRLPdQr86?cb1664287864690

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/MxaBBeHDY9PWgCJYt/rAKYT4L9qRLPdQr86?cb1664287864690

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/juqx5aCS5e4kbe7qs/rAKYT4L9qRLPdQr86?cb1664287864690

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/SZ86Z2bmEeRGKMjJY/rAKYT4L9qRLPdQr86?cb1664287864690

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/kbGZLGtQqLmxXpezH/rAKYT4L9qRLPdQr86?cb1664287864690

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/i2vrA4GGX92xLtkTP/rAKYT4L9qRLPdQr86?cb1664287864690

Search URL Search Domain Scan URL

URL: https://tracker_ug.contentexchange.me/direct/SMi95bv7zGr4ekbFp/rAKYT4L9qRLPdQr86?cb1664287864690

Search URL Search Domain Scan URL

URL: https://www.contentexchange.me/?utm_campaign=cex-widget&utm_source=ug&utm_medium=Grand%20Online%20-%20under%20article%20-%20UM%20content
Title: Preporučuje Content Exchange

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ZvezdeGrandaPrva

Search URL Search Domain Scan URL

URL: https://twitter.com/Zvezde_Granda

Search URL Search Domain Scan URL

URL: https://www.instagram.com/zvezdegranda/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/ZvezdeGrandaVIPPER

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://grand.online/ HTTP 301
https://grand.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

Request Chain 115

https://dmp.adform.net/serving/cookie/match?party=1219&cid=633304886cba4c1f1a59cff1&redirect=https://match.contentexchange.me/adform/__ADFUID__ HTTP 302
https://dmp.adform.net/serving/cookie/match?CC=1&party=1219&cid=633304886cba4c1f1a59cff1&redirect=https://match.contentexchange.me/adform/__ADFUID__ HTTP 302
https://match.contentexchange.me/adform/8257031363855842095

Request Chain 116

https://sync2.adnetwork.agency/image?pbjs=1 HTTP 302
https://sync2.adnetwork.agency/42e07a438e71ad07eabd104f7c353355.gif?gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=[COPPA] HTTP 302
https://match.contentexchange.me/dsp/?redirect_url=https://sync1.adnetwork.agency/dmp/sync/bex HTTP 301
https://sync1.adnetwork.agency/dmp/sync/bex?external_id=633304886cba4c1f1a59cff1

Request Chain 119

https://gars.hit.gemius.pl/_1664287880818/rexdot.js?l=100&id=bPqQ_we3dyIIzwyHbWqNX4XCXfZFjQeBKE3jOoyK9Xf.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fgrand.online%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=EGmxBr9uQvhyrj7Q5YAE3O0Do.rkC1hznzES2_RXTnP.67E_R5FpKs3y4OnVeAwQXV5NPvVGY.PDoI0_09TbXEsq6jR6/Z10S0DVg3k66M/&ltime=358&fpdata=4TC3M5z1sZIU2c2heqZ6u_cnKnAzioa9BK6S6rO_hTb.R7&inner=_ver%3D329%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap= HTTP 301
https://gars.hit.gemius.pl/__/_1664287880818/rexdot.js?l=100&id=bPqQ_we3dyIIzwyHbWqNX4XCXfZFjQeBKE3jOoyK9Xf.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fgrand.online%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=EGmxBr9uQvhyrj7Q5YAE3O0Do.rkC1hznzES2_RXTnP.67E_R5FpKs3y4OnVeAwQXV5NPvVGY.PDoI0_09TbXEsq6jR6/Z10S0DVg3k66M/&ltime=358&fpdata=4TC3M5z1sZIU2c2heqZ6u_cnKnAzioa9BK6S6rO_hTb.R7&inner=_ver%3D329%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=

Request Chain 176

https://oajs.openx.net/esp?url=https%3A%2F%2Fgrand.online%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fgrand.online%2F&rid=esp&cc=1

Request Chain 206

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBEUnPj61yo3FfpZEE80ZdA&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBEUnPj61yo3FfpZEE80ZdA&google_cver=1&C=1

Request Chain 207

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzMEifhiWyOd1K2r1aYs0AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECV6o1qs8a26Y3f5zrMjpCg&google_cver=1

Request Chain 208

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJefPjv8ywVPggrB-HZoWWc&google_cver=1

Request Chain 209

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ3MTIyNjQ0NTE5NTMyNDY3Nw%3D%3D

Request Chain 210

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBEUnPj61yo3FfpZEE80ZdA&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBEUnPj61yo3FfpZEE80ZdA&google_cver=1&C=1

Request Chain 211

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzMEiZA.hXlxxMSLCTtbbAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECV6o1qs8a26Y3f5zrMjpCg&google_cver=1&google_hm=2

Request Chain 212

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKzFqBp2H0Gh_5GWBbouWuI&google_cver=1

Request Chain 213

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ3MTIyNjQ0NTE5NTMyNDY3Nw%3D%3D

Request Chain 214

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENTjeUaSM2YgjuNpuPf3vng&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENTjeUaSM2YgjuNpuPf3vng&google_cver=1&C=1

Request Chain 215

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzMEiaNZa1Ib4.2KdgN7HAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECV6o1qs8a26Y3f5zrMjpCg&google_cver=1&google_hm=2

Request Chain 216

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKzFqBp2H0Gh_5GWBbouWuI&google_cver=1

Request Chain 217

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU2Mzc5ODU4MDc1NDIyMzA2

Request Chain 218

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKB0iIrpjW4pxnZlP9FrwWI&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKB0iIrpjW4pxnZlP9FrwWI&google_cver=1&C=1

Request Chain 219

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzMEiTfDs-6mQHgRbGEA6QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECV6o1qs8a26Y3f5zrMjpCg&google_cver=1

Request Chain 220

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKzFqBp2H0Gh_5GWBbouWuI&google_cver=1

Request Chain 221

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU2Mzc5ODU4MDc1NDIyMzA2

Request Chain 239

https://gum.criteo.com/sid/json?origin=publishertagids&domain=grand.online&sn=ChromeSyncframe&so=0&topUrl=grand.online&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=zIzA8HxCQWZxUTFPT1pTaTM1NFd5ZHYvQmpoVndrMWFIcEhySjA3L0VIR0lkNE93UitWNFF2VzJlUUVYbHZjUzR1aGkwQjNYZWR0eE9ncjVLY1N1MVFpY0YxNTVkSDVPM1kwSTNvK1ExbmVwSXAxaCs5c0FrNzNINmtrWEd1MTEwWGduOFdGUTBlcjdpTkVuSDE2WmUrTFF3c2xRU1BMa2VnT0xYSVdlZWFOYW5lOTVUckp6YVFOOWRnSVI3UCtLSDlvaVFMTVJVNytCWERaR01QR09mbGNLcGkrbmh4TVU5UDVEVFNmdnNUZmJ6ekZYNDcwREN4WXdVY2hvc1NvZC9SWmUwOWsyYnU0RmVvZlhxU0N6QVNNaEt3UT09fA&cppv=2

Request Chain 247

https://sync2.adnetwork.agency/image?pbjs=1 HTTP 302
https://sync2.adnetwork.agency/42e07a438e71ad07eabd104f7c353355.gif?gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=[COPPA] HTTP 302
https://match.contentexchange.me/dsp/?redirect_url=https://sync1.adnetwork.agency/dmp/sync/bex HTTP 301
https://sync1.adnetwork.agency/dmp/sync/bex?external_id=633304886cba4c1f1a59cff1

Request Chain 262

https://fw.adsafeprotected.com/rfw/st/1140163/65044670/4.js?ias_dspID=3&ias_campId=1009016887&ias_pubId=pub-5845685380979936&ias_chanId=1&ias_placementId=18196981561&bidurl=https://grand.online/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0j-edBJWXX6dQikZoEZbtCs&adContainerId=brand_safety_iQQzY9OqH6SN3gPwnI_4Cw&cbFunctionName=goog_wrapCb_iQQzY9OqH6SN3gPwnI_4Cw&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fgrand.online&adsafe_type=g&adsafe_url=https%3A%2F%2Fgrand.online%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fdba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fdba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:14ed9463-3acd-7367-9d38-c7c16a03a88f,c:pqlIC2,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-b97f7975-tk7r7,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:2,mot:0,app:0,maw:0,fm:tiDYlnS+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C181%7C182%7C183%7C191%7C192%7C193%7C1a1*.1140163-65044670%7C1a11%7C1a12%7C1a13%7C1b%7C1c%7C1d%7C1e,idMap:1a1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:18,oid:4378acae-3e6e-11ed-9b88-3a92f700ddcc,v:19.8.352,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

318 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
grand.online/
Redirect Chain

http://grand.online/
https://grand.online/

111 KB
19 KB

842ms
711ms

Document
text/html

5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 3ec83024706b101f896c3fd74ad70fdbe8725c17570ed92716bbf7ee340d340b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 27 Sep 2022 14:11:20 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

Connection: keep-alive
Content-Length: 184
Content-Type: text/html
Date: Tue, 27 Sep 2022 14:11:19 GMT
Location: https://grand.online/
Server: nginx/1.8.1

GET
H/1.1 200
OK jquery-1.11.0.min.js Show response
grand.online/resources/vendor/ 94 KB
95 KB 42ms
41ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/vendor/jquery-1.11.0.min.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"1787d-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 96381

GET
H/1.1 200
OK jquery.easing-1.3.min.js Show response
grand.online/resources/vendor/ 3 KB
4 KB 126ms
46ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/vendor/jquery.easing-1.3.min.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 0eafb86acbeeb215be57085c7a657f00a5d3d678c38721759afcd79c7fe7e30a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"d6c-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 3436

GET
H/1.1 200
OK modernizr.custom.17475.js Show response
grand.online/resources/vendor/ 9 KB
9 KB 125ms
44ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/vendor/modernizr.custom.17475.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 15944a76cccc83b3f5385317a2494b26c0e6c4bdb1514e5b8b889cfdd294b713

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"23d3-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 9171

GET
H2 200 5f85aef32f8be553873579ef Show response
analytics.contentexchange.me/bex/load/ 5 KB
2 KB 190ms
53ms Script
text/javascript 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.contentexchange.me/bex/load/5f85aef32f8be553873579ef
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: 8acb29e3b167af771a86e749945c6616a05c41707231027ad2617fda9d3de388

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:20 GMT
content-encoding: gzip
server: nginx/1.16.1
content-type: text/javascript; charset=utf-8

GET
H2 200 5e72229c5a2877477058608a Show response
analytics.contentexchange.me/bex/load/ 5 KB
2 KB 189ms
52ms Script
text/javascript 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.contentexchange.me/bex/load/5e72229c5a2877477058608a
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: 7011e17ac6c52d9ca5ef329e160e629148925162c2a4cd4fc58c475cfca88a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:20 GMT
content-encoding: gzip
server: nginx/1.16.1
content-type: text/javascript; charset=utf-8

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 100 KB
31 KB 143ms
30ms Script
application/javascript 2a02:26f0:dc::217:61f3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::217:61f3 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 400a391547b35a74ca17fb4c1c02e31dc3105de5c4ebb1d5c0e37793b27ec450

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:20 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 10:43:50 GMT
etag: "1441fadeddccd81:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=420
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
accept-ranges: bytes
content-length: 31445
expires: Tue, 27 Sep 2022 14:18:20 GMT

GET
H/1.1 200
OK style.css
grand.online/resources/icon/ 8 KB
2 KB 122ms
43ms Stylesheet
text/css 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/icon/style.css
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: cd7288102e2f4549609d9f8abbe723dbf6343e7dd70affdc1f3cfc92b0796b05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"1f56-17076b7b1b8"
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1 200
OK style.css
grand.online/resources/css/ 169 KB
27 KB 170ms
90ms Stylesheet
text/css 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/css/style.css
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 57369f643f1fba58cb7454e7287f2613af75c97e79b627d747211fbcbd4c16e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Sep 2022 15:53:54 GMT
Server: nginx
ETag: W/"2a29b-1834c280250"
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 css
fonts.googleapis.com/ 24 KB
2 KB 137ms
54ms Stylesheet
text/css 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ce91e27c75f26017876adeda75acc652f5d48f9875d6db451b2ab3547c3ba64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 13:57:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 27 Sep 2022 14:11:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Sep 2022 14:11:20 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
649 B 137ms
55ms Stylesheet
text/css 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

89ac9ac9042c7ef410ab439837b270dd2dd9f6c545d9383ea8969a35c945cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 13:53:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 27 Sep 2022 14:11:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Sep 2022 14:11:20 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 146ms
33ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e6725acd3b6b64558610f04824916460d5e26b028d757bbb013be3bf9a013a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27787
x-xss-protection: 0
server: sffe
etag: "1346 / 51 of 1000 / last-modified: 1664277095"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 27 Sep 2022 14:11:20 GMT

GET
H/1.1 200
OK register.js Show response
grand.online/resources/js/ 5 KB
5 KB 134ms
46ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/js/register.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 172e2246438b6eff65e86e6ce41fd12720f6a2139acc1b555f93c8c87e1d2af8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Mon, 24 Feb 2020 10:22:04 GMT
Server: nginx
ETag: W/"121b-17076b7d4e0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 4635

GET
H/1.1 200
OK pass-recovery.js Show response
grand.online/resources/js/ 4 KB
5 KB 166ms
44ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/js/pass-recovery.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 0772ef06c910ba5884b31a93d70b53c1a00c50b0d4293da1fba18ce4553d8126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"111c-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 4380

GET
H/1.1 200
OK top-bar-logo.svg
grand.online/resources/img/ 2 KB
2 KB 233ms
160ms Image
image/svg+xml 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/resources/img/top-bar-logo.svg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 7f214d089806ff1a20e2cf6022b7a46766a8bb7ac1602781db3ad879fdf9acb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"751-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1873

GET
H/1.1 200
OK top-bar-logo-gray.svg
grand.online/resources/img/ 2 KB
2 KB 40ms
40ms Image
image/svg+xml 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/resources/img/top-bar-logo-gray.svg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 35f1bd33cae1c3679f2d59efad596b94c02482de4a8e978d37bdebd95b2a17c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"751-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1873

GET
H/1.1 200
OK sanja_levo.jpg
grand.online/resources/img/banners/zvezde-granda/ 126 KB
126 KB 40ms
39ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/resources/img/banners/zvezde-granda/sanja_levo.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: df735c0cbff6fdac8d3c64ef35cd214c28ab2cfd4ee329cb9a55c23869bac3c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Sun, 29 Nov 2020 15:26:51 GMT
Server: nginx
ETag: W/"1f683-176149d2278"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 128643

GET
H/1.1 200
OK voja_desno.jpg
grand.online/resources/img/banners/zvezde-granda/ 130 KB
131 KB 40ms
40ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/resources/img/banners/zvezde-granda/voja_desno.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 4e931a6c65d3eb9699217179250fd1b38dd010b4fc02b84cb0acca98614323ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Sun, 29 Nov 2020 15:26:52 GMT
Server: nginx
ETag: W/"20964-176149d2660"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 133476

GET
H/1.1 200
OK 574740e4e64b24583c5ddb7d16f0ed69105bd17b.jpg
grand.online/uploaded/files/ 69 KB
70 KB 41ms
41ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/574740e4e64b24583c5ddb7d16f0ed69105bd17b.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 9f9708f08d5d62477cc0dbb1d836e699fc7d2b7fd681e4d64705b57c442a8af1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Tue, 27 Sep 2022 11:11:49 GMT
Server: nginx
ETag: W/"11438-1837ea55931"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 70712

GET
H/1.1 200
OK c97e95e496b4dd058f1d3fc37068318476ff6800.jpg
grand.online/uploaded/files/ 217 KB
217 KB 40ms
40ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/c97e95e496b4dd058f1d3fc37068318476ff6800.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: a704e2512e9476394eb8b66066dd738f2351ac623a5dceb00c621bd4718422b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Tue, 27 Sep 2022 12:51:17 GMT
Server: nginx
ETag: W/"362c0-1837f006cfc"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 221888

GET
H/1.1 200
OK 64917a81089293d32dc2e68ddf97f3a036183df8.jpg
grand.online/uploaded/files/ 192 KB
192 KB 91ms
90ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/64917a81089293d32dc2e68ddf97f3a036183df8.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 222804436b29957e8e4d14a1961c74437b395a177018441458fbc25a409edf42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Tue, 27 Sep 2022 12:56:13 GMT
Server: nginx
ETag: W/"2fe4f-1837f04efca"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 196175

GET
H/1.1 200
OK dac6155690cf0f6aa7207e392857ccef418b0b85.jpg
grand.online/uploaded/files/ 171 KB
172 KB 76ms
76ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/dac6155690cf0f6aa7207e392857ccef418b0b85.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: ee65852d045e6d991ad027f2aa1559c37fb3c77fd65629731bc1253a4e92f17e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Tue, 27 Sep 2022 08:27:01 GMT
Server: nginx
ETag: W/"2ac6d-1837e0e7be2"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 175213

GET
H/1.1 200
OK 90666c61ccc844bb57c4366473282d0e16335359.jpg
grand.online/uploaded/files/ 90 KB
90 KB 39ms
39ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/90666c61ccc844bb57c4366473282d0e16335359.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: ca853ffa9d73abbc7af6a362260ab3ec2d72213a7bea75f2c5801a85afc49eaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Tue, 27 Sep 2022 12:16:38 GMT
Server: nginx
ETag: W/"166c9-1837ee0b407"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 91849

GET
H/1.1 200
OK 0db02b30261c583a671fa584d89c2d4df0fb13b8.jpg
grand.online/uploaded/files/thumbnail/ 2 KB
3 KB 115ms
43ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/thumbnail/0db02b30261c583a671fa584d89c2d4df0fb13b8.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 7ca163989d19b37c8084f5c7c519dd302aede9cb57fcce4284d58a7c3c4a63cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Tue, 20 Sep 2022 16:54:24 GMT
Server: nginx
ETag: W/"820-1835bd27cd7"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2080

GET
H/1.1 200
OK 9e623f1ee8a8db5df6bdc04f29cf247046d023d5.jpg
grand.online/uploaded/files/thumbnail/ 2 KB
2 KB 116ms
44ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/thumbnail/9e623f1ee8a8db5df6bdc04f29cf247046d023d5.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: d13960632c1550d239ad9cc85f6ca36689ab77e77d436b1ab9c2a112452da18d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Mon, 26 Sep 2022 13:07:15 GMT
Server: nginx
ETag: W/"720-18379e8aefb"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1824

GET
H/1.1 200
OK f3af14a6026697f8a8172b86577a04b996911fe1.jpg
grand.online/uploaded/files/thumbnail/ 3 KB
3 KB 118ms
46ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/thumbnail/f3af14a6026697f8a8172b86577a04b996911fe1.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 6193aeeb27c67789ca456d29a2a2584d7ff115c721d94f65a20d52b4ac4024bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Wed, 21 Sep 2022 17:59:46 GMT
Server: nginx
ETag: W/"bbf-1836134afa8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 3007

GET
H/1.1 200
OK 2b6f417137c68a5122603c931111c4675b12aeeb.jpg
grand.online/uploaded/files/thumbnail/ 2 KB
2 KB 123ms
42ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/thumbnail/2b6f417137c68a5122603c931111c4675b12aeeb.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 65971e49267d70780ffdc3c5bb7dda2636b3fe75402e09bab7ff4be27297f5d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Sat, 24 Sep 2022 12:20:28 GMT
Server: nginx
ETag: W/"736-1836f71212d"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1846

GET
H/1.1 200
OK 9d1a154096cd8c3360e7fd5a729e4d60aded3781.jpg
grand.online/uploaded/files/thumbnail/ 1 KB
2 KB 63ms
48ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/thumbnail/9d1a154096cd8c3360e7fd5a729e4d60aded3781.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: d5882a2478155dcc7d8933f758f0d4fad47fc989a66cad8f3c261928d027fc89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Sat, 24 Sep 2022 10:26:33 GMT
Server: nginx
ETag: W/"494-1836f08d431"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1172

GET
H/1.1 200
OK 5d0aeafa43d9a1cbef36756a4acd89441e1e4155.jpg
grand.online/uploaded/files/thumbnail/ 2 KB
3 KB 60ms
48ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/thumbnail/5d0aeafa43d9a1cbef36756a4acd89441e1e4155.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: c7ce896d848e52912c3625df870af8c8bf1efd1719307d352045437ec462840d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Sun, 25 Sep 2022 18:22:57 GMT
Server: nginx
ETag: W/"829-18375e35b42"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2089

GET
H/1.1 200
OK caf77ea14298e9d18a99e011e797d29e6f380e66.jpg
grand.online/uploaded/files/thumbnail/ 2 KB
3 KB 115ms
43ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/thumbnail/caf77ea14298e9d18a99e011e797d29e6f380e66.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 2158bdaea33fe1310d97e7b9984c632d7695496ad27077506b0fe729b649c271

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Wed, 21 Sep 2022 11:35:59 GMT
Server: nginx
ETag: W/"8b7-1835fd552e5"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2231

GET
H/1.1 200
OK 10d3f29a3d3dc8d8847685287f91aefe5bc090fa.jpg
grand.online/uploaded/files/thumbnail/ 2 KB
2 KB 62ms
42ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/thumbnail/10d3f29a3d3dc8d8847685287f91aefe5bc090fa.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: c5822b209dbcb8b894ac98a6061a2697a773f5b4810676d45197d4349062d0b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Fri, 23 Sep 2022 15:28:55 GMT
Server: nginx
ETag: W/"677-1836af74cb4"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1655

GET
H/1.1 200
OK dda42111c0e137f9eff8d3ad747371e2b98bc792.jpg
grand.online/uploaded/files/thumbnail/ 2 KB
2 KB 39ms
39ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/thumbnail/dda42111c0e137f9eff8d3ad747371e2b98bc792.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: ee677d513ad5b549a32aea0f9e2a2c680b383500911f4669450384153865b8c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Sun, 25 Sep 2022 10:07:37 GMT
Server: nginx
ETag: W/"64d-183741ddac5"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1613

GET
H/1.1 200
OK edeff6d6f67360c574932888a9cf8a0db6fdcc6b.jpg
grand.online/uploaded/files/thumbnail/ 2 KB
2 KB 41ms
41ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/thumbnail/edeff6d6f67360c574932888a9cf8a0db6fdcc6b.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 13a97ec279331d821191aa67d7384c998f222fd3c4d1d0618ac77e3f5b2c773d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Mon, 26 Sep 2022 16:46:49 GMT
Server: nginx
ETag: W/"7fb-1837ab1b32b"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2043

GET
H/1.1 200
OK 209c6e502b45b6269cf5e5fdc6b08ab30b3867d7.jpg
grand.online/uploaded/files/ 117 KB
117 KB 39ms
39ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/209c6e502b45b6269cf5e5fdc6b08ab30b3867d7.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 67f03a634316c7bcbcd63409b81b312855dd377e8bcbd7f63d6ef511743d9a92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Tue, 27 Sep 2022 11:23:36 GMT
Server: nginx
ETag: W/"1d2b0-1837eb022c3"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 119472

GET
H/1.1 200
OK 4ab0ceb3458c866692ed98ff0dc032ccaecdf486.jpg
grand.online/uploaded/files/ 251 KB
252 KB 41ms
41ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/4ab0ceb3458c866692ed98ff0dc032ccaecdf486.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 7dc2088ecfdb0f6cad542f4522b4864da1179a0c9dba0ed56c13ccefb074c293

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Tue, 27 Sep 2022 09:00:34 GMT
Server: nginx
ETag: W/"3ecb3-1837e2d30a1"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 257203

GET
H/1.1 200
OK 38bd6dbfc4e053da9d78def83e605d15234dcc53.jpg
grand.online/uploaded/files/ 103 KB
103 KB 41ms
40ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/38bd6dbfc4e053da9d78def83e605d15234dcc53.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: dfb14cfef231d411e8d961243ca68240593e71644a487ae384c727521e37cb08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Tue, 27 Sep 2022 09:39:11 GMT
Server: nginx
ETag: W/"19ad6-1837e508b03"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 105174

GET
H/1.1 200
OK 5965e903dbe3c1bfcc3f30aecbaf5a327ed5e5b9.jpg
grand.online/uploaded/files/ 124 KB
125 KB 41ms
40ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/5965e903dbe3c1bfcc3f30aecbaf5a327ed5e5b9.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 6fc669bf9f2e088c3fad7f810770f4138b2dca109109847e6d9b4e8159f06aa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Tue, 27 Sep 2022 09:11:31 GMT
Server: nginx
ETag: W/"1f031-1837e373798"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 127025

GET
H/1.1 200
OK 36706aee0d8baa037d2e6e0ecc6b7d9eb40d8bbd.jpg
grand.online/uploaded/files/ 78 KB
78 KB 48ms
48ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/36706aee0d8baa037d2e6e0ecc6b7d9eb40d8bbd.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 4c840b78361cd31c9b74202937effa43a3f770dc4e77a6dcebeb2b16f6e7e62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Tue, 27 Sep 2022 08:32:38 GMT
Server: nginx
ETag: W/"1380d-1837e139d0f"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 79885

GET
H/1.1 200
OK f76d0dcbeced5d31013141c22a7c661dcf953015.jpg
grand.online/uploaded/files/ 181 KB
182 KB 40ms
40ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/f76d0dcbeced5d31013141c22a7c661dcf953015.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 36bd903c57ab38d6ce7fc8db71fd02cb344db4eec12ce9491b8180b3bcee96a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Tue, 27 Sep 2022 07:51:47 GMT
Server: nginx
ETag: W/"2d506-1837dee3979"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 185606

GET
H/1.1 200
OK 8359a5afaa1882f952f7145b76b77c9c916371a6.jpg
grand.online/uploaded/files/ 76 KB
76 KB 39ms
39ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/8359a5afaa1882f952f7145b76b77c9c916371a6.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: e23f661b5b125ec9d2a02df33c06a3b38e40b2256d82517e5423381c3926301f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Tue, 27 Sep 2022 07:21:36 GMT
Server: nginx
ETag: W/"12ffd-1837dd29698"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 77821

GET
H/1.1 200
OK 063cccc8f585fe092e1662565400db695954b84a.jpg
grand.online/uploaded/files/ 58 KB
59 KB 39ms
39ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/063cccc8f585fe092e1662565400db695954b84a.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 11b310a623e626821c826d00d21e9170d013219d213d24ffab7a17c73bf2d41e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Mon, 26 Sep 2022 17:26:43 GMT
Server: nginx
ETag: W/"e893-1837ad63888"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 59539

GET
H/1.1 200
OK ec9bb5c204586a83aabab2f687be853559d58557.jpg
grand.online/uploaded/files/ 237 KB
238 KB 47ms
47ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/ec9bb5c204586a83aabab2f687be853559d58557.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: d295b18bbdff645c3f59c585f0b00d57ed9e0c056d7a7ba867d9f66e18891000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Tue, 27 Sep 2022 06:59:03 GMT
Server: nginx
ETag: W/"3b45b-1837dbdf007"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 242779

GET
H/1.1 200
OK adf5f6370b15cd5e05c955a31badeeb1988153ac.jpg
grand.online/uploaded/files/ 311 KB
311 KB 38ms
38ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/adf5f6370b15cd5e05c955a31badeeb1988153ac.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: b27efb92d9f3d7ca61d099a04e6673d8adf56bb72619217ed4cb326e815a947d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Mon, 26 Sep 2022 16:20:19 GMT
Server: nginx
ETag: W/"4dab8-1837a99719d"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 318136

GET
H/1.1 200
OK efdb113ed8c3c8f9fa0d5d52505ae9a192b6eedd.jpg
grand.online/uploaded/files/ 91 KB
92 KB 38ms
37ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/efdb113ed8c3c8f9fa0d5d52505ae9a192b6eedd.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 3a49cc14bb89463195fb38208d74f8dc42ef35f4e31db6cc47fd449eb1cf2f0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Tue, 09 Nov 2021 14:27:29 GMT
Server: nginx
ETag: W/"16c84-17d0518c770"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 93316

GET
H/1.1 200
OK c49883096e1fd5c00fa9c74dbb3816ba893ddb7e.jpg
grand.online/uploaded/files/ 76 KB
77 KB 38ms
38ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/c49883096e1fd5c00fa9c74dbb3816ba893ddb7e.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 5196b3aac9fb9b1c37b8d3c5c0d30c61c683d742b41dd1ebd4ce10a179437fc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Mon, 04 Oct 2021 14:28:36 GMT
Server: nginx
ETag: W/"131b6-17c4bb4ddd1"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 78262

GET
H/1.1 200
OK ae21b4629e4a7656c1066be03577b8223a6e5738.jpg
grand.online/uploaded/files/ 77 KB
78 KB 38ms
38ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/ae21b4629e4a7656c1066be03577b8223a6e5738.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 9fc41ab218a9c82ec669010c33d41ee7bed29cb75771c004b0e8fbcdd9632468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Thu, 23 Sep 2021 13:00:48 GMT
Server: nginx
ETag: W/"135ee-17c12be86e3"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 79342

GET
H/1.1 200
OK b2d2cf009d9dbc95e53656496c1aeb4ad11d07df.jpg
grand.online/uploaded/files/ 129 KB
130 KB 40ms
39ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/b2d2cf009d9dbc95e53656496c1aeb4ad11d07df.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 533608fb61d63d334653a5076d7fc949c17bbf33bf8219e21dbfa650a25133ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Thu, 23 Sep 2021 13:17:52 GMT
Server: nginx
ETag: W/"20497-17c12ce2741"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 132247

GET
H/1.1 200
OK a67d5afa3e4e23b9a42f76393615efebe3dc4ec4.jpg
grand.online/uploaded/files/ 40 KB
40 KB 40ms
40ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/a67d5afa3e4e23b9a42f76393615efebe3dc4ec4.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: a0d5c3ccdcf05c44686b3628a8eec5c79c3e5caf044aca9b1a7453e05c3d3e0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Tue, 21 Sep 2021 09:02:13 GMT
Server: nginx
ETag: W/"9e9a-17c079761ef"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 40602

GET
H/1.1 200
OK 7efd92f71e3fa7e137737f13058a045e1899c4cb.jpg
grand.online/uploaded/files/ 102 KB
102 KB 48ms
47ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/7efd92f71e3fa7e137737f13058a045e1899c4cb.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: e3c0b96b9699ffd83e2f5ba5b66427a3db71787bae77fd8df7a6f4cc7e2121a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Mon, 20 Sep 2021 13:45:06 GMT
Server: nginx
ETag: W/"19677-17c03740053"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 104055

GET
H/1.1 200
OK 903af6b7b756c3a388290539feb19babe19f88da.jpg
grand.online/uploaded/files/ 48 KB
48 KB 40ms
40ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/903af6b7b756c3a388290539feb19babe19f88da.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: ae65271b9235f8c51c351d51f65c49a99eccc5a1d51633d6bf57f5182acafdfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Fri, 17 Sep 2021 12:13:03 GMT
Server: nginx
ETag: W/"be5f-17bf3aca5e6"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 48735

GET
H/1.1 200
OK 7fa71cf4302c7f08e423da306ca36d976b342e29.jpg
grand.online/uploaded/files/ 121 KB
121 KB 40ms
40ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/7fa71cf4302c7f08e423da306ca36d976b342e29.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 57297a89d38d2df491eee1c859dd55e415ecdb0a27b3441a89a8939398756771

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Mon, 13 Sep 2021 10:55:09 GMT
Server: nginx
ETag: W/"1e3a6-17bdecbe52f"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 123814

GET
H/1.1 200
OK b8e1bd7d1fde8fc94bb6f590f46f010be96cf8ce.jpg
grand.online/uploaded/files/ 49 KB
49 KB 40ms
40ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/b8e1bd7d1fde8fc94bb6f590f46f010be96cf8ce.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 4f073067d2773f2ed0efa7d4c04e75e21a5318f107fe73699063eec5a2704fd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Wed, 21 Jul 2021 12:31:11 GMT
Server: nginx
ETag: W/"c3a1-17ac90c696a"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 50081

GET
H/1.1 200
OK 2ee7d2e36f31eecd795fb9e5c66ca6b4632bc3ee.jpg
grand.online/uploaded/files/ 137 KB
137 KB 43ms
43ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/2ee7d2e36f31eecd795fb9e5c66ca6b4632bc3ee.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: ce3cfcdef35db3505e95a6d25e8bee74fc75ee0f67c1832dd40ae14566d0458a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Tue, 20 Jul 2021 17:05:19 GMT
Server: nginx
ETag: W/"2234a-17ac4e1074f"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 140106

GET
H/1.1 200
OK 0c9534fe02f7bdbbc1ebe9fdefc08d9d2667033f.jpg
grand.online/uploaded/files/ 164 KB
164 KB 41ms
41ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/0c9534fe02f7bdbbc1ebe9fdefc08d9d2667033f.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 1f9c84b6481c69fc620215604fb605b4c7503e2f3addc9f68d1ddc30a41da422

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Mon, 19 Jul 2021 10:20:14 GMT
Server: nginx
ETag: W/"28e1f-17abe47cbbb"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 167455

GET
H/1.1 200
OK 2fccd089f05e73c8dc0bf1c951b97ee3f6fd0c50.jpg
grand.online/uploaded/files/ 84 KB
84 KB 41ms
41ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/2fccd089f05e73c8dc0bf1c951b97ee3f6fd0c50.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 7fa8a6bcca3dacc9cb960b9e0b828938dc0aba7a2be197b629a1b11766b9fe49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:21 GMT
Last-Modified: Mon, 19 Jul 2021 10:15:15 GMT
Server: nginx
ETag: W/"14e2c-17abe433d68"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 85548

GET
H/1.1 200
OK 66983c08ef3a69d90656308634d99cd80c91a44a.jpg
grand.online/uploaded/files/ 26 KB
26 KB 47ms
47ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/66983c08ef3a69d90656308634d99cd80c91a44a.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 5b21e5b0c82489be94a4b50e4543ce6b35bad3526dcaf0a7e220cc5ab01a0013

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:21 GMT
Last-Modified: Thu, 08 Jul 2021 10:58:35 GMT
Server: nginx
ETag: W/"6815-17a85c4f3a3"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 26645

GET
H/1.1 200
OK b9c89b1f871b3d31762b8f9137805e6804361a95.jpg
grand.online/uploaded/files/ 123 KB
123 KB 42ms
41ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/b9c89b1f871b3d31762b8f9137805e6804361a95.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: e8bd46f6d1400c67a5cd3b65cb72ba04e0b4dc8aa5d5521f74a1e2a0c6f656a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:21 GMT
Last-Modified: Mon, 05 Jul 2021 15:46:05 GMT
Server: nginx
ETag: W/"1ea37-17a77591a00"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 125495

GET
H/1.1 200
OK 77961c965c4b971788e7393e008be45b27a8cb8e.jpg
grand.online/uploaded/files/ 139 KB
140 KB 41ms
41ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/77961c965c4b971788e7393e008be45b27a8cb8e.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 4daee49ee6cecd1bf9e92fad93c6c9c85e1da15691220060e0c7d92b2ff6b1a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:21 GMT
Last-Modified: Mon, 05 Jul 2021 17:26:48 GMT
Server: nginx
ETag: W/"22cfa-17a77b54e60"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 142586

GET
H/1.1 200
OK 7e2e12536c130b7c51e88cb2ffe88cd1f2f8d3e2.jpg
grand.online/uploaded/files/ 238 KB
238 KB 40ms
40ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/7e2e12536c130b7c51e88cb2ffe88cd1f2f8d3e2.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 77bcba84f8da163362ed5019911019fa51bf4ca4e5978601e0cd057a075a9840

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:21 GMT
Last-Modified: Sun, 19 Jun 2022 08:27:15 GMT
Server: nginx
ETag: W/"3b69e-1817b12c04f"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 243358

GET
H/1.1 200
OK 78db253eccda6006d88ce8605655a5563e6a08a4.jpg
grand.online/uploaded/files/ 202 KB
202 KB 42ms
41ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/78db253eccda6006d88ce8605655a5563e6a08a4.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 5404e0157f7fe36a9d430b6e409f7521418c3f411f79b79d0f4d5185bcc50b3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:21 GMT
Last-Modified: Sat, 11 Jun 2022 18:30:58 GMT
Server: nginx
ETag: W/"32600-18154089895"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 206336

GET
H/1.1 200
OK 998a0a82cb8eefb5599db7bb216b3203d19fad95.jpg
grand.online/uploaded/files/ 76 KB
77 KB 47ms
47ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/998a0a82cb8eefb5599db7bb216b3203d19fad95.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 8f0c5b916021892d914d59f49abf6d73c833f2e279e5a697f0d6c5967c46cedc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:21 GMT
Last-Modified: Sun, 05 Jun 2022 20:34:17 GMT
Server: nginx
ETag: W/"13173-1813593565d"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 78195

GET
H/1.1 200
OK f1e46852f65359e84731638749ceb4533ccad9d1.jpg
grand.online/uploaded/files/ 180 KB
181 KB 40ms
40ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/f1e46852f65359e84731638749ceb4533ccad9d1.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 77b8581a4bb29e43dbf4b4e86c8a99fde8b099fcd46976604ec355c1adb58e6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:21 GMT
Last-Modified: Mon, 16 May 2022 07:34:19 GMT
Server: nginx
ETag: W/"2d0bd-180cbca1212"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 184509

GET
H/1.1 200
OK 279310712a682441d626dfd6111203b926e4d5b7.jpg
grand.online/uploaded/files/ 240 KB
240 KB 41ms
41ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/279310712a682441d626dfd6111203b926e4d5b7.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 3ca8f9a8210bc6b71624e8a90888498aa627346a3d4ca0f711e79e73e6328bbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:21 GMT
Last-Modified: Sun, 01 May 2022 07:46:58 GMT
Server: nginx
ETag: W/"3bf85-1807e964272"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 245637

GET
H/1.1 200
OK 41d693d26693a51a139d16b573f7bdba6d5d3a0e.jpg
grand.online/uploaded/files/ 257 KB
258 KB 39ms
39ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/41d693d26693a51a139d16b573f7bdba6d5d3a0e.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: f26cbeecf910e06ba7ed31d1bf8d01c6d8195088451f626cff5bc3cefd0262d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:21 GMT
Last-Modified: Mon, 25 Apr 2022 09:44:54 GMT
Server: nginx
ETag: W/"40539-180601c12fe"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 263481

GET
H/1.1 200
OK 6b158433467ad0feac186dd5477fa256847abb1e.jpg
grand.online/uploaded/files/ 221 KB
222 KB 47ms
47ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/6b158433467ad0feac186dd5477fa256847abb1e.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 541d57d00e3a0e69772bb15b9fe9d74aabc46e8a118770bdaecded859c79ca28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:21 GMT
Last-Modified: Mon, 11 Apr 2022 07:19:56 GMT
Server: nginx
ETag: W/"3744a-180177e54ac"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 226378

GET
H/1.1 200
OK c3667574cd147fd4f986cbfd77fe9f6d6f993a0a.jpg
grand.online/uploaded/files/ 256 KB
257 KB 39ms
39ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/c3667574cd147fd4f986cbfd77fe9f6d6f993a0a.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: bec88eebe3e74cf703e75d985c2fbed93b84956c4b9161c7dbc1cb39ea299c78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:21 GMT
Last-Modified: Sun, 27 Mar 2022 07:18:29 GMT
Server: nginx
ETag: W/"401c2-17fca3d99f9"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 262594

GET
H/1.1 200
OK 7a5794fee33f1325bdce418d410a68c573f443b1.jpg
grand.online/uploaded/files/ 230 KB
230 KB 38ms
38ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/7a5794fee33f1325bdce418d410a68c573f443b1.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: aca07c1ff13e6a8a82a83f2f405c95a765afc312d8dd691e07fa1381233a5626

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:21 GMT
Last-Modified: Mon, 14 Mar 2022 08:34:26 GMT
Server: nginx
ETag: W/"3973e-17f879077bf"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 235326

GET
H/1.1 200
OK 3d3db1022ba0684929fcfb82bcf5d390f8605854.jpg
grand.online/uploaded/files/ 87 KB
87 KB 39ms
39ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/3d3db1022ba0684929fcfb82bcf5d390f8605854.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: d4efcb6ddae36dfb8c3b873fc81d9492479f82b360ce16c8ed7008f50443e24b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:21 GMT
Last-Modified: Sat, 12 Mar 2022 23:25:18 GMT
Server: nginx
ETag: W/"15b1b-17f80735d51"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 88859

GET
H/1.1 200
OK ef6846ebe00d13a625aa2f747b6b0561f2329799.jpg
grand.online/uploaded/files/ 274 KB
274 KB 40ms
40ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/ef6846ebe00d13a625aa2f747b6b0561f2329799.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 3fcf5ff4c2b9410c11cd576050ca42ab35d8710a26a06f5a2fe8ef4b21efb3ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:21 GMT
Last-Modified: Sun, 27 Feb 2022 09:12:00 GMT
Server: nginx
ETag: W/"44781-17f3a737763"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 280449

GET
H/1.1 200
OK c3f607e4acfce60d42f8d56a38b062a2f65514f8.jpg
grand.online/uploaded/files/ 238 KB
239 KB 39ms
39ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/c3f607e4acfce60d42f8d56a38b062a2f65514f8.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: fab10ef0b40c2e2da0973e0697903d144e8ef0e2de7096466d86b7b5312b8134

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:21 GMT
Last-Modified: Sun, 20 Feb 2022 22:27:38 GMT
Server: nginx
ETag: W/"3b8d6-17f193f62a9"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 243926

GET
H/1.1 200
OK 38ecb1c9ae612cc1ecc9ae0a92f389030e1b9167.jpg
grand.online/uploaded/files/ 161 KB
161 KB 47ms
47ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/38ecb1c9ae612cc1ecc9ae0a92f389030e1b9167.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: ff9c62afbb0f39e487474bc9f1e286ed22c0999232a735ada869d5d03746496a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:21 GMT
Last-Modified: Mon, 07 Feb 2022 09:08:55 GMT
Server: nginx
ETag: W/"282c6-17ed371758d"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 164550

GET
H/1.1 200
OK a9cf3e337188fcbe988a5318d42c741302ecd58b.jpg
grand.online/uploaded/files/ 218 KB
219 KB 40ms
39ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/a9cf3e337188fcbe988a5318d42c741302ecd58b.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 5119f8380037c6b3abb9e14ee7d8fb84e4fd55794e38505dc73c198da07be53f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:21 GMT
Last-Modified: Sun, 06 Feb 2022 00:07:52 GMT
Server: nginx
ETag: W/"369f0-17ecc5bc32e"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 223728

GET
H/1.1 200
OK 21584a44eb6fe8f3bc64296265500710a52cc048.jpg
grand.online/uploaded/files/ 179 KB
179 KB 40ms
40ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/21584a44eb6fe8f3bc64296265500710a52cc048.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 65f5314f04718a775463da7b30aa335077eaddc201a9d692c0ac4dbe54bd0f93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:21 GMT
Last-Modified: Sun, 23 Jan 2022 01:36:21 GMT
Server: nginx
ETag: W/"2ca38-17e8493bd7c"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 182840

GET
H/1.1 200
OK m_82e4a500e95f8b82a104acb269bf8b1410363cd5.jpg
grand.online/uploaded/files/ 16 KB
17 KB 61ms
39ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/m_82e4a500e95f8b82a104acb269bf8b1410363cd5.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: a67a90d9bcb34b908729b7dd3be5ae351560ad174629fe5a95c351599226e59b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Sat, 28 Jan 2017 12:50:36 GMT
Server: nginx
ETag: W/"40a2-159e5209b78"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 16546

GET
H/1.1 200
OK m_dfce2f8bd91d78ae594b3a9baef2e029434caf3c.jpg
grand.online/uploaded/files/ 87 KB
88 KB 53ms
38ms Image
image/jpeg 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grand.online/uploaded/files/m_dfce2f8bd91d78ae594b3a9baef2e029434caf3c.jpg
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 7b5838872362fcb56b41e426cdb5073006164d97524ac44902f5749e1da20e56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Mon, 23 Apr 2018 12:06:45 GMT
Server: nginx
ETag: W/"15dd2-162f2662e6d"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 89554

GET
H/1.1 200
OK owl.carousel.js Show response
grand.online/resources/vendor/ 51 KB
52 KB 44ms
44ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/vendor/owl.carousel.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 1694434ab2c09bd57c2c84b62e49a1d4726645ca6c47e4c521dd4c9ce8bd1479

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"cdf3-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 52723

GET
H/1.1 200
OK masonry.pkgd.min.js Show response
grand.online/resources/vendor/ 24 KB
24 KB 85ms
85ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/vendor/masonry.pkgd.min.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 367d6afdfc741fb48d2d9310e47c3924b693459a74c882c0fc545ec5ed7d55d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"5e27-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 24103

GET
H/1.1 200
OK jquery.viewportchecker.js Show response
grand.online/resources/vendor/ 3 KB
3 KB 44ms
43ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/vendor/jquery.viewportchecker.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 7ef666c3e4863dc99388d74784ece59a7d89412b8d9645544da01ab272aeaa14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"bcc-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 3020

GET
H/1.1 200
OK smoothscroll.js Show response
grand.online/resources/vendor/ 7 KB
8 KB 55ms
47ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/vendor/smoothscroll.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: ff8a921069f33402a4aa8ab5654d6c3d1027b7739e20b3eaddcbb6f80c67403a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"1c25-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 7205

GET
H/1.1 200
OK jquery.magnific-popup.min.js Show response
grand.online/resources/vendor/ 20 KB
20 KB 100ms
92ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/vendor/jquery.magnific-popup.min.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"4ef8-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 20216

GET
H/1.1 200
OK pie-chart.js Show response
grand.online/resources/vendor/ 5 KB
6 KB 51ms
44ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/vendor/pie-chart.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: a93319dfeca5cfffb65c42e156e2188e48db7f4e7126e105c594b7467bd6d7e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"159a-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 5530

GET
H/1.1 200
OK jquery.colorbox.js Show response
grand.online/resources/vendor/ 28 KB
29 KB 53ms
40ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/vendor/jquery.colorbox.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: c5a310590b84ddb8c45b12b32267c95961a7fc4f7bbd13828113d00abfdd24b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"71f1-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 29169

GET
H/1.1 200
OK moment.min.js Show response
grand.online/resources/vendor/ 25 KB
26 KB 41ms
41ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/vendor/moment.min.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: fd4801631ecd42c3f5b571b88c10aa428968ec95ebef8856fa720a45201f6cb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"65c1-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 26049

GET
H3

200

ab12745d93c5.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

15 KB
5 KB

35ms
16ms

Script
text/javascript

2a03:2880:f21c:80e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H3
Server: 2a03:2880:f21c:80e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 03:20:47 GMT
content-encoding: br
etag: "ab12745d93c5"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 4843
priority: u=3,i

Redirect headers

date: Tue, 27 Sep 2022 14:11:20 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: cln
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control: max-age=21600
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK app.js Show response
grand.online/resources/js/ 14 KB
15 KB 91ms
90ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/js/app.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: cec39ec74b600cc736c68de3fbf6654d56da9a73537834d9118cd64d6234a4df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"3829-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 14377

GET
H/1.1 200
OK app.custom.js Show response
grand.online/resources/js/ 10 KB
11 KB 40ms
40ms Script
application/javascript 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/js/app.custom.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: 22b04e027387848488dcd5c19bcca157d65915c425b481c65be1d7fd2ff9ff37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Sat, 09 Oct 2021 00:13:21 GMT
Server: nginx
ETag: W/"29a2-17c6265a4e8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 10658

GET
H2 200 tracker.js Show response
ug.contentexchange.me/static/ 6 KB
6 KB 219ms
54ms Script
text/javascript 46.19.9.50
SIEL

General

Check archive.org

Show headers Download Go to

Full URL

https://ug.contentexchange.me/static/tracker.js

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.19.9.50 , Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

2E130C26.rDNS.SiEL.si

Software

nginx/1.10.0 (Ubuntu) /

Resource Hash

534a603a229776ddbe5b615d484418a95c1a10bdff8d2b08058596aea56977ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: nginx/1.10.0 (Ubuntu)
date: Tue, 27 Sep 2022 14:11:04 GMT
content-type: text/javascript; charset=utf-8

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 137ms
32ms Script
application/x-javascript 2600:9000:2304:9200:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:9200:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 12:38:21 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 00:50:34 GMT
server: nginx
age: 5579
etag: W/"62d7515a-933f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 7f49a9d7acd3e2b85c2c573f92e92d4c.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: VIE50-P1
x-amz-cf-id: L_6zksYLtfLKkXcwJNsL1tJ_yZJJ0OpylrCNkUeFc573hwb1AZcHtw==
expires: Tue, 27 Sep 2022 14:38:21 GMT

GET
H2 200 xgemius.js Show response
gars.hit.gemius.pl/ 59 KB
16 KB 73ms
16ms Script
application/x-javascript 141.95.47.69
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gars.hit.gemius.pl/xgemius.js
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.95.47.69 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31479461.ip-141-95-47.eu
Software: GHC /
Resource Hash: 2cd568d4ba898ae20d0f741f2466b121cb86c03d711d3e9f3892100a8bbea56a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:20 GMT
content-encoding: gzip
last-modified: Wed, 07 Sep 2022 10:13:48 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 15915
expires: Wed, 28 Sep 2022 02:11:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 60ms
17ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grand.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 11:28:47 GMT
x-content-type-options: nosniff
age: 9753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 11:28:47 GMT

GET
H/1.1 200
OK icomoon.ttf
grand.online/resources/icon/fonts/ 28 KB
28 KB 79ms
48ms Font
application/x-font-ttf 5.22.184.38
SERBIA-BROADBAND-...

General

Check archive.org

Show headers Download Go to

Full URL: https://grand.online/resources/icon/fonts/icomoon.ttf?yk9l2o
Requested by: Host: grand.online
URL: https://grand.online/resources/icon/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.22.184.38 , Serbia, ASN31042 (SERBIA-BROADBAND-AS Serbia BroadBand-Srpske Kablovske mreze d.o.o., RS),
Reverse DNS: www.grand.online
Software: nginx /
Resource Hash: c0fc92a1d6ee5f49a6eb88bc8e41ef9e94cfdd2f8069f19a7c10c03751df163f

Request headers

Referer: https://grand.online/resources/icon/style.css
Origin: https://grand.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:20 GMT
Last-Modified: Mon, 24 Feb 2020 10:21:55 GMT
Server: nginx
ETag: W/"6e90-17076b7b1b8"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/x-font-ttf
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 28304

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 65ms
22ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grand.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 204099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 05:29:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 85ms
42ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grand.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 08:45:00 GMT
x-content-type-options: nosniff
age: 537980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 08:45:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 83ms
41ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grand.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 12:39:12 GMT
x-content-type-options: nosniff
age: 5528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 12:39:12 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 84ms
50ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grand.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 17:04:23 GMT
x-content-type-options: nosniff
age: 76017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11824
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 17:04:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 64ms
34ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b076e86301cbee8c5c9aef51863a9c0a88e6f6d2aabdffca93e031113c6caa74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grand.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 16:44:47 GMT
x-content-type-options: nosniff
age: 77193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11796
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 16:44:47 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
12 KB 72ms
46ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2781e9e7c3f369b8fc7965e679b17b60b5b11eaae5da1e5045107bbdd9d568f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grand.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 21:52:04 GMT
x-content-type-options: nosniff
age: 58756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11756
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 21:52:04 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 73ms
48ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grand.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 20:41:06 GMT
x-content-type-options: nosniff
age: 63014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11872
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 20:41:06 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 82ms
27ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

adc4072b058cba565cdae846d7ce010c36b22ee5bfc6a587361256599f8d6da2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: OO67lhyhhaLWupUHIy0h3A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: 0EwBYlQt7VoBmZrkW/Sghsr5ZDQc3wn40e8q7bykBlcdcprRIFym+zsQ8ZpzkICxVuzZE/wGb8oLLVw/1JZwXg==
x-fb-trip-id: 720026100
x-fb-content-md5: 4ed41d34c58abe33243670ef3e13a5c7
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 27 Sep 2022 14:11:20 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "ecc45453f630b53c7e5eb41e4a9dbf84"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 27 Sep 2022 14:13:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 50ms
50ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grand.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 20:10:25 GMT
x-content-type-options: nosniff
age: 496855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 20:10:25 GMT

GET
H2 200 fpdata.js Show response
gars.hit.gemius.pl/ 281 B
395 B 16ms
15ms Script
application/x-javascript 141.95.47.69
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gars.hit.gemius.pl/fpdata.js?href=grand.online
Requested by: Host: gars.hit.gemius.pl
URL: https://gars.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.95.47.69 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31479461.ip-141-95-47.eu
Software: GHC /
Resource Hash: 8b2984e863695d1096fc1fcaeec775d4ff9bc66342dce42ff247de26ad581ea9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:20 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 281
expires: Thu, 27 Oct 2022 14:11:20 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 0425 5 KB
3 KB 146ms
35ms Document
text/html 146.59.30.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gars.hit.gemius.pl
URL: https://gars.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.100 , France, ASN16276 (OVH, FR),
Reverse DNS: ip100.ip-146-59-30.eu
Software: GHC /
Resource Hash: 9708d51ca5a257260acb8aea6504d9ed3aff8adbb8fa0a61fba1ff93030cc746

Request headers

Referer: https://grand.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2721
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 14:11:20 GMT
etag: PRIVATE7520710249
expires: Thu, 27 Oct 2022 14:11:20 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 pubads_impl_2022092001.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
128 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 13:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 759
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131075
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 08:35:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Sep 2023 13:58:41 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 93 B
108 B 63ms
32ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=grand.online

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd852854b011e82c920073069e31f0ad76a933aa554413e936d26c8dd73d807a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 14:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83
x-xss-protection: 0
expires: Tue, 27 Sep 2022 14:11:20 GMT

GET
H2 200 bc-v4.min.html Show response
consentcdn.cookiebot.com/sdk/ Frame 12C7 627 B
692 B 74ms
23ms Document
text/html 2a02:26f0:1700:781::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:781::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Referer: https://grand.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=31535885
content-encoding: gzip
content-length: 392
content-type: text/html
date: Tue, 27 Sep 2022 14:11:20 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Wed, 27 Sep 2023 14:09:25 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H2 200 cc.js Show response
consent.cookiebot.com/e1c9e009-11c7-4cc3-9715-b2fe850bb1fa/ 228 KB
54 KB 103ms
103ms Script
application/x-javascript 2a02:26f0:dc::217:61f3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/e1c9e009-11c7-4cc3-9715-b2fe850bb1fa/cc.js?renew=false&referer=grand.online&dnt=false&init=false
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::217:61f3 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 07d66b34de6fee81a46de8989d975586042e0e08748f5576bc7a635728cb5c92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:20 GMT
content-encoding: gzip
last-modified: Tue, 27 Sep 2022 14:11:20 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private, max-age=1200
content-length: 55403
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

GET
H2 200 5e72229c5a2877477058608a Show response
analytics.contentexchange.me/bex/boot/ 38 KB
13 KB 53ms
51ms Script
text/javascript 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.contentexchange.me/bex/boot/5e72229c5a2877477058608a?url=https%3A%2F%2Fgrand.online%2F&ref=direct&gdpr=2&cx_id=new
Requested by: Host: analytics.contentexchange.me
URL: https://analytics.contentexchange.me/bex/load/5e72229c5a2877477058608a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: ed1cecab6573cd2fd6a518be3080f4c818382f0f8624ad1cd1916d202f7000d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:20 GMT
content-encoding: gzip
server: nginx/1.16.1
etag: W/"633304886cba4c1f1a59cff1"
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
cache-control: private, max-age=0, must-revalidate, no-store, no-cache
content-type: text/javascript; charset=utf-8

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 313 KB
85 KB 56ms
27ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=83991cec53a1d444b719d14990b7a941

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dc7bdb602bc8875153d3aa881ea674b25d08d59dcf21b8c75df0f0edfad78107

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://grand.online/
Origin: https://grand.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: rF+Bpzdh7aYzjVI52QeCvw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87366
x-fb-rlafr: 0
x-fb-debug: thXvIJkGfEEjm+o4nJG0eArRVgJOAMAZGEIho7lsVlx08dgqLAuPxowJQGkDiKoqD0vMulXWHN4bBc0NxM4SSQ==
x-fb-content-md5: 4cdaccc34d450a9cb77a8d3793f4a7ad
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 27 Sep 2022 14:11:20 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "36b3690ced2400c46e10372f63897f9f"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 27 Sep 2023 12:05:52 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 99ms
31ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=grand.online

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 14:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 69ms
27ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=grand.online

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 14:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 116 KB
33 KB 637ms
637ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1705653979124659&correlator=1186718362504976&eid=31068929%2C31069634&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fifs&us_privacy=1YNY&iu_parts=21876124292%2CGrand_Desktop%2CBILBOARD_Grand%2CGRAND_SB_Gornji%2CGRAND_SideBan_DONJI%2CGRAND_InPage%2CGRAND_Footer%2CGRAND_Branding_LEVI%2CGrand_Branding_DESNI&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8&prev_iu_szs=970x250%7C728x90%2C300x250%2C300x600%2C970x250%2C750x200%2C360x1080%2C360x1080&ifi=1&adks=3062651269%2C3312497002%2C1174929245%2C1290012863%2C2620623041%2C262384875%2C834434713&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1664287880633&lmt=1664287880&dlt=1664287880127&idt=423&adxs=260%2C1011%2C1011%2C-9%2C425%2C-9%2C-9&adys=59%2C2123%2C2475%2C-9%2C1000%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C-1%7C0%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fgrand.online%2F&frm=20&vis=1&psz=1080x9524%7C359x270%7C359x270%7C0x-1%7C1600x-1%7C0x-1%7C0x-1&msz=1080x0%7C300x-1%7C300x-1%7C0x-1%7C1600x-1%7C0x-1%7C0x-1&fws=0%2C4%2C4%2C2%2C512%2C2%2C2&ohw=0%2C360%2C360%2C0%2C0%2C0%2C0&ga_vid=379704135.1664287881&ga_sid=1664287881&ga_hid=1051808613&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b26177ae85a71e52a01db52794e72a7dc83dc2528b6cb9bb7c1e3bf125ab9f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33659
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,6093460788,-1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,138402561322,-1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://grand.online
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 339D 6 KB
4 KB 133ms
26ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://grand.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 14:11:20 GMT
expires: Wed, 27 Sep 2023 14:11:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 61ms
15ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 3323
date: Tue, 27 Sep 2022 13:15:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Tue, 27 Sep 2022 15:15:57 GMT

GET
H3 200 KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 49ms
17ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grand.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 13:38:19 GMT
x-content-type-options: nosniff
age: 88381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15764
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 13:38:19 GMT

GET
H2 200 storage.html Show response
analytics.contentexchange.me/bex/ Frame E393 1 KB
631 B 62ms
61ms Document
text/html 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.contentexchange.me/bex/storage.html
Requested by: Host: analytics.contentexchange.me
URL: https://analytics.contentexchange.me/bex/boot/5e72229c5a2877477058608a?url=https%3A%2F%2Fgrand.online%2F&ref=direct&gdpr=2&cx_id=new
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: 78526ac509a71a338fd7659197f80b4a153b6c4cdd4d61240511b78e47370834

Request headers

Referer: https://grand.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=31536000
content-encoding: gzip
content-type: text/html
date: Tue, 27 Sep 2022 14:11:20 GMT
server: nginx/1.16.1

GET
H2 200 collect
collector_sr.contentexchange.me/sr/ 43 B
259 B 172ms
51ms Image
image/gif 46.19.9.32
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://collector_sr.contentexchange.me/sr/collect?event=pageview&gdpr=2&pv=96f60339-c336-4aed-8f9e-3bea24260d60&url=https%3A%2F%2Fgrand.online%2F&ref=direct&user_id=633304886cba4c1f1a59cff1&new=true&tz=0&cs=UTF-8&ns=1664287880526&ts=1664287880728&screen=1200x1600x24

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.19.9.32 , Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

trfx.serv.si

Software

nginx/1.16.1 /

Resource Hash

d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx/1.16.1
date: Tue, 27 Sep 2022 14:11:20 GMT
content-type: image/gif

GET
H2

200

8257031363855842095
match.contentexchange.me/adform/
Redirect Chain

https://dmp.adform.net/serving/cookie/match?party=1219&cid=633304886cba4c1f1a59cff1&redirect=https://match.contentexchange.me/adform/__ADFUID__
https://dmp.adform.net/serving/cookie/match?CC=1&party=1219&cid=633304886cba4c1f1a59cff1&redirect=https://match.contentexchange.me/adform/__ADFUID__
https://match.contentexchange.me/adform/8257031363855842095

0
48 B

73ms
51ms

Image
text/plain

46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/8257031363855842095
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:20 GMT
content-length: 0
server: nginx/1.16.1

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:20 GMT
server: nginx
location: https://match.contentexchange.me/adform/8257031363855842095
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

204
No Content

bex
sync1.adnetwork.agency/dmp/sync/
Redirect Chain

https://sync2.adnetwork.agency/image?pbjs=1
https://sync2.adnetwork.agency/42e07a438e71ad07eabd104f7c353355.gif?gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=[COPPA]
https://match.contentexchange.me/dsp/?redirect_url=https://sync1.adnetwork.agency/dmp/sync/bex
https://sync1.adnetwork.agency/dmp/sync/bex?external_id=633304886cba4c1f1a59cff1

0
277 B

132ms
43ms

Image
text/plain

109.206.161.115
SERVEREL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync1.adnetwork.agency/dmp/sync/bex?external_id=633304886cba4c1f1a59cff1
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Server: 109.206.161.115 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 109.206.161.115.serverel.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 27 Sep 2022 14:11:21 GMT

Redirect headers

location: https://sync1.adnetwork.agency/dmp/sync/bex?external_id=633304886cba4c1f1a59cff1
date: Tue, 27 Sep 2022 14:11:20 GMT
server: nginx/1.16.1

GET
H2 200 boot Show response
tracker_ug.contentexchange.me/ 9 KB
9 KB 84ms
52ms Script
text/javascript 46.19.9.50
SIEL

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker_ug.contentexchange.me/boot?url=https%3A%2F%2Fgrand.online%2F&ref=direct&gdpr=2&cx_id=633304886cba4c1f1a59cff1

Requested by

Host: ug.contentexchange.me
URL: https://ug.contentexchange.me/static/tracker.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.19.9.50 , Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

2E130C26.rDNS.SiEL.si

Software

nginx/1.10.0 (Ubuntu) /

Resource Hash

40a111236288e27bf773d8d878df7eaa378c3e51a359a03a78415d7789f47406

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:04 GMT
server: nginx/1.10.0 (Ubuntu)
content-length: 9395
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 326ms
106ms Image
image/gif 54.160.55.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=grand.online&p=%2F&u=DIu1ntKE-vtCf6y-x&d=grand.online&g=66131&g0=No%20Section&g1=Ivana%20Ankic&n=1&f=00001&c=0&x=0&m=0&y=6732&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1563&t=BdDdh8CoYCtzDxfw7fDZB-CXB54dZ3&V=136&i=Grand%20Online&tz=0&sn=1&sv=DWAV2nD2Z_4VChEEjWCKDUpIBH9O4z&sd=1&im=06532c4f&_
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.55.69 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-160-55-69.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2

200

rexdot.js Show response
gars.hit.gemius.pl/__/_1664287880818/
Redirect Chain

https://gars.hit.gemius.pl/_1664287880818/rexdot.js?l=100&id=bPqQ_we3dyIIzwyHbWqNX4XCXfZFjQeBKE3jOoyK9Xf.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fgrand.onlin...
https://gars.hit.gemius.pl/__/_1664287880818/rexdot.js?l=100&id=bPqQ_we3dyIIzwyHbWqNX4XCXfZFjQeBKE3jOoyK9Xf.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fgrand.on...

169 B
423 B

16ms
16ms

Script
application/x-javascript

141.95.47.69
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gars.hit.gemius.pl/__/_1664287880818/rexdot.js?l=100&id=bPqQ_we3dyIIzwyHbWqNX4XCXfZFjQeBKE3jOoyK9Xf.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fgrand.online%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=EGmxBr9uQvhyrj7Q5YAE3O0Do.rkC1hznzES2_RXTnP.67E_R5FpKs3y4OnVeAwQXV5NPvVGY.PDoI0_09TbXEsq6jR6/Z10S0DVg3k66M/&ltime=358&fpdata=4TC3M5z1sZIU2c2heqZ6u_cnKnAzioa9BK6S6rO_hTb.R7&inner=_ver%3D329%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Server: 141.95.47.69 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31479461.ip-141-95-47.eu
Software: GHC /
Resource Hash: 57eee7ef88bf71331b539aafce3c2d557ff17e7a121d62773c01a2e7a22b5380

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:20 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
server: GHC
expires: Mon, 26 Sep 2022 14:11:20 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:20 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1664287880818/rexdot.js?l=100&id=bPqQ_we3dyIIzwyHbWqNX4XCXfZFjQeBKE3jOoyK9Xf.d7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fgrand.online%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=EGmxBr9uQvhyrj7Q5YAE3O0Do.rkC1hznzES2_RXTnP.67E_R5FpKs3y4OnVeAwQXV5NPvVGY.PDoI0_09TbXEsq6jR6/Z10S0DVg3k66M/&ltime=358&fpdata=4TC3M5z1sZIU2c2heqZ6u_cnKnAzioa9BK6S6rO_hTb.R7&inner=_ver%3D329%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
server: GHC
expires: Mon, 26 Sep 2022 14:11:20 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 57ms
25ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1051808613&t=pageview&_s=1&dl=https%3A%2F%2Fgrand.online%2F&ul=en-us&de=UTF-8&dt=Grand%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=1919782968&gjid=1353540236&cid=379704135.1664287881&tid=UA-85054264-1&_gid=1679128844.1664287881&_r=1&_slc=1&z=144991025

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://grand.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://grand.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rsAekhpBodngiQx7T-nrivj5umvnf Show response
tracker_ug.contentexchange.me/widget/ 809 B
1023 B 57ms
56ms Script
text/javascript 46.19.9.50
SIEL

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker_ug.contentexchange.me/widget/rsAekhpBodngiQx7T-nrivj5umvnf?gdpr=2

Requested by

Host: tracker_ug.contentexchange.me
URL: https://tracker_ug.contentexchange.me/boot?url=https%3A%2F%2Fgrand.online%2F&ref=direct&gdpr=2&cx_id=633304886cba4c1f1a59cff1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.19.9.50 , Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

2E130C26.rDNS.SiEL.si

Software

nginx/1.10.0 (Ubuntu) /

Resource Hash

564bbc0a1f8d9a2a51d2cfe650221af635e6f6745a7cd44290b43441cf75f73f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:04 GMT
cache-control: private, max-age=0, must-revalidate, no-store, no-cache
referrer-policy: unsafe-url
server: nginx/1.10.0 (Ubuntu)
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf8

GET
H2 200 dwy8atKaNCGxE76vd-77hzl7hqree Show response
tracker_ug.contentexchange.me/widget/ 881 B
1 KB 57ms
57ms Script
text/javascript 46.19.9.50
SIEL

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker_ug.contentexchange.me/widget/dwy8atKaNCGxE76vd-77hzl7hqree?gdpr=2

Requested by

Host: tracker_ug.contentexchange.me
URL: https://tracker_ug.contentexchange.me/boot?url=https%3A%2F%2Fgrand.online%2F&ref=direct&gdpr=2&cx_id=633304886cba4c1f1a59cff1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.19.9.50 , Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

2E130C26.rDNS.SiEL.si

Software

nginx/1.10.0 (Ubuntu) /

Resource Hash

e34b2f616cba899fde7cf3b1a0fda4560bf6b2b5e6b4dfc2b99c9a5eb65207b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:04 GMT
cache-control: private, max-age=0, must-revalidate, no-store, no-cache
referrer-policy: unsafe-url
server: nginx/1.10.0 (Ubuntu)
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf8

GET
DATA 200
OK truncated
/ 973 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 921 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15c001519dc1296f39660e3857f63ee90b0196835ec033c7026435de0cb752ce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 84ms
28ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-85054264-1&cid=379704135.1664287881&jid=1919782968&gjid=1353540236&_gid=1679128844.1664287881&_u=IAhAAEAAAAAAAC~&z=1283764444

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://grand.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 27 Sep 2022 14:11:21 GMT
content-type: text/plain
access-control-allow-origin: https://grand.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bexd2iqee4yqcg Show response
analytics.contentexchange.me/bex/widget/61262e6960bd1e63eeeff4b9/ 207 B
360 B 56ms
56ms Script
text/javascript 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.contentexchange.me/bex/widget/61262e6960bd1e63eeeff4b9/bexd2iqee4yqcg?cx_id=633304886cba4c1f1a59cff1&pv=96f60339-c336-4aed-8f9e-3bea24260d60&ref=https%3A%2F%2Fgrand.online%2F
Requested by: Host: analytics.contentexchange.me
URL: https://analytics.contentexchange.me/bex/boot/5e72229c5a2877477058608a?url=https%3A%2F%2Fgrand.online%2F&ref=direct&gdpr=2&cx_id=new
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: 04a6827a7fe274a540e4cebdcb9fc8724e66767c9fd5b4855598b00bcae0cedb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:20 GMT
cache-control: private, max-age=0, must-revalidate, no-store, no-cache
referrer-policy: unsafe-url
server: nginx/1.16.1
content-encoding: gzip
content-type: text/javascript; charset=utf8

GET
H2 200 bexan4vwt0dndo Show response
analytics.contentexchange.me/bex/widget/63244cfb6cd1a161c3237120/ 50 KB
8 KB 94ms
94ms Script
text/javascript 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.contentexchange.me/bex/widget/63244cfb6cd1a161c3237120/bexan4vwt0dndo?cx_id=633304886cba4c1f1a59cff1&pv=96f60339-c336-4aed-8f9e-3bea24260d60&ref=https%3A%2F%2Fgrand.online%2F
Requested by: Host: analytics.contentexchange.me
URL: https://analytics.contentexchange.me/bex/boot/5e72229c5a2877477058608a?url=https%3A%2F%2Fgrand.online%2F&ref=direct&gdpr=2&cx_id=new
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: 6495f3ac4983b7365f57d1b25b2ef487d739de89ad0cb6a7caaaf6f5ea1d1e48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:21 GMT
cache-control: private, max-age=0, must-revalidate, no-store, no-cache
referrer-policy: unsafe-url
server: nginx/1.16.1
content-encoding: gzip
content-type: text/javascript; charset=utf8

GET truncated
/ 0
0

GET
H2 200 tracker.js Show response
tracker_ug.contentexchange.me/ 6 KB
6 KB 52ms
52ms Script
text/javascript 46.19.9.50
SIEL

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker_ug.contentexchange.me/tracker.js

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.19.9.50 , Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

2E130C26.rDNS.SiEL.si

Software

nginx/1.10.0 (Ubuntu) /

Resource Hash

534a603a229776ddbe5b615d484418a95c1a10bdff8d2b08058596aea56977ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: nginx/1.10.0 (Ubuntu)
date: Tue, 27 Sep 2022 14:11:04 GMT
content-type: text/javascript; charset=utf-8

GET truncated
/ 0
0

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 css2
fonts.googleapis.com/ Frame D84F 12 KB
724 B 115ms
55ms Stylesheet
text/css 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Manrope:wght@200;300;400;500;600;700;800&display=swap

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

71408a0325b54c72282ee8f24ef71b852773b4768c94a3628f0f4c6ba3ac7fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 13:28:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 27 Sep 2022 14:11:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Sep 2022 14:11:21 GMT

GET
H/1.1 200
OK bg1.png
ox.irv.si/vi/bex/shoppster/mar22/ Frame D84F 4 KB
5 KB 186ms
51ms Image
image/png 46.19.11.65
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ox.irv.si/vi/bex/shoppster/mar22/bg1.png
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.19.11.65 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: 2E130B41.rDNS.SiEL.si
Software: nginx /
Resource Hash: 3c8e9a16fafc7158758a656369ac271f6d559ac37047ee1be6faecb28349d2e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:21 GMT
Last-Modified: Mon, 07 Mar 2022 11:46:08 GMT
Server: nginx
ETag: "6225f080-11a2"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4514

GET
H/1.1 200
OK Mega_akcija.png
ox.irv.si/vi/bex/shoppster/mar22/ Frame D84F 16 KB
17 KB 239ms
104ms Image
image/png 46.19.11.65
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ox.irv.si/vi/bex/shoppster/mar22/Mega_akcija.png
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.19.11.65 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: 2E130B41.rDNS.SiEL.si
Software: nginx /
Resource Hash: 8ad4883b33a4e147493e74d0f6d6d6b97579234fea7140ac1480cd80e61fcdfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:21 GMT
Last-Modified: Wed, 09 Mar 2022 15:21:17 GMT
Server: nginx
ETag: "6228c5ed-41b9"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16825

GET
H/1.1 200
OK shoppster_rs_logo_2022.png
ox.irv.si/vi/bex/shoppster/sep22/ Frame D84F 25 KB
25 KB 238ms
103ms Image
image/png 46.19.11.65
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ox.irv.si/vi/bex/shoppster/sep22/shoppster_rs_logo_2022.png
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.19.11.65 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: 2E130B41.rDNS.SiEL.si
Software: nginx /
Resource Hash: 73062451f549da75522500dcb79ac5d6906342371b4fcfd74d236afd4b933807

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 14:11:21 GMT
Last-Modified: Fri, 16 Sep 2022 06:58:00 GMT
Server: nginx
ETag: "63241e78-6469"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25705

GET
H2 200 /
images4.contentexchange.me/resize/magic/ Frame D84F 8 KB
8 KB 185ms
54ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/resize/magic/?url=https%3A%2F%2Fwww.shoppster.com%2Fmedias%2F3165140289597-01-1-ung-680Wx510H%3Fcontext%3DbWFzdGVyfGltYWdlc3w2NDgxMnxpbWFnZS9qcGVnfGg3NS9oMDUvMTIzOTA4OTk1MTU0MjIvMzE2NTE0MDI4OTU5N18wMV8xX3VuZy02ODBXeDUxMEh8OTUyMDU3Njk5N2QwYjI1NTY2ZjE3OTNjZmI4YWQ2YWU3OTU5ZDg5ZjRjMjg0MzMxNGUxYzQ3NTc1YjY3MjIwNA&size=300x300
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 8e2a93ef0e3902ded1efa93d5d783634643150325a7805627b94bc68a12e232d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:21 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Wed, 27 Sep 2023 14:11:21 GMT

GET
H2 200 /
images4.contentexchange.me/resize/magic/ Frame D84F 10 KB
11 KB 236ms
105ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/resize/magic/?url=https%3A%2F%2Fwww.shoppster.com%2Fmedias%2F4966376249848-01-0152-ung-680Wx510H%3Fcontext%3DbWFzdGVyfGltYWdlc3w0NjI0M3xpbWFnZS9qcGVnfGg3Ny9oZTgvMTI3MTgxMDA1MTI3OTgvNDk2NjM3NjI0OTg0OF8wMV8wMTUyX3VuZy02ODBXeDUxMEh8M2ZjNGM5MTAyYTQwZjE3MTg5ZDhkYjRhMmIyYjE4MzA5ZGRhNWY4MDk4NmE2ZDExNzllODgzOWYyMDc3OTQ1Nw&size=300x300
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: bc177e40b0e3b12eabefd63c7ebd4b4eb37b73e60a71c25e2dd9996cc02adac0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:21 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Wed, 27 Sep 2023 14:11:21 GMT

GET
H2 200 /
images4.contentexchange.me/resize/magic/ Frame D84F 10 KB
10 KB 235ms
104ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/resize/magic/?url=https%3A%2F%2Fwww.shoppster.com%2Fmedias%2F3165140865579-01-1-ung-680Wx510H%3Fcontext%3DbWFzdGVyfGltYWdlc3wzMTA4NnxpbWFnZS9qcGVnfGhiNC9oZGQvNDUyNDk3MDcxODAwNjIvMzE2NTE0MDg2NTU3OV8wMV8xX3VuZy02ODBXeDUxMEh8MjNkOWEzMWNkOTcxMGNmNDhmNjQ5YTJkM2M2ODRjYjdjYTJlNDMyM2U3NWNlYjRiM2Q5NDI4YmQzZTIwY2QwZg&size=300x300
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 9dcfe9bf55848fac4e3756dd72429d4c3a9cdf663d84d2e38d5e0a11dce1c7b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:21 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Wed, 27 Sep 2023 14:11:21 GMT

GET
H2 200 /
images4.contentexchange.me/resize/magic/ Frame D84F 9 KB
9 KB 277ms
150ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/resize/magic/?url=https%3A%2F%2Fwww.shoppster.com%2Fmedias%2F4966376123667-01-0152-ung-680Wx510H%3Fcontext%3DbWFzdGVyfGltYWdlc3wzODg3NHxpbWFnZS9qcGVnfGgxOC9oZjYvMTI3MTgxMDAxMTk1ODIvNDk2NjM3NjEyMzY2N18wMV8wMTUyX3VuZy02ODBXeDUxMEh8MTJhMTQ1MTYwODFmYzg4MGRhZTE0Y2YwMjNkNjc3N2NhZWViMzRlMDhjYTIxZDVhOTI5NTVmNmNjNzg2NDE2Nw&size=300x300
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 9d28cccf27df46d9dafd5f5b6b5f6aa78592e13b7e959b564156b83d776e978c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:21 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Wed, 27 Sep 2023 14:11:21 GMT

GET
H2 200 /
images4.contentexchange.me/resize/magic/ Frame D84F 10 KB
10 KB 282ms
156ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/resize/magic/?url=https%3A%2F%2Fwww.shoppster.com%2Fmedias%2F8711245147895-01-1-ung-680Wx510H%3Fcontext%3DbWFzdGVyfGltYWdlc3wyNzE2NDh8aW1hZ2UvanBlZ3xoYmUvaDI5LzEzMTczMDY1NzQ0NDE0Lzg3MTEyNDUxNDc4OTVfMDFfMV91bmctNjgwV3g1MTBIfGQyYTNiZDJhZmRkYzMzMmM0OTY4MTJjY2M3ZmZiNWZlMjk2YzYxMDQzYmMzMzYwMzkyNjUyM2YzNzk0YzQ2OTU&size=300x300
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: f0ea825fe8eda5b0cbf0c644e4a86bbd704a30897344c7d84b23bd50d1ebcf8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:21 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Wed, 27 Sep 2023 14:11:21 GMT

GET
H2 200 /
images4.contentexchange.me/resize/magic/ Frame D84F 11 KB
11 KB 283ms
157ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/resize/magic/?url=https%3A%2F%2Fwww.shoppster.com%2Fmedias%2F3165140850247-01-1-ung-680Wx510H%3Fcontext%3DbWFzdGVyfGltYWdlc3wzNDIxOXxpbWFnZS9qcGVnfGg3YS9oMzIvNDUyNDk3MTg5NzY1NDIvMzE2NTE0MDg1MDI0N18wMV8xX3VuZy02ODBXeDUxMEh8ZDNlNzdiNTU2ZjdmYWI5MmIxYjdhZTUyNzlkNjg5ZGY3MGNhZmNkZDc5N2MwMjQ0NTFiMjZiOTI0ZTk1YTVhYg&size=300x300
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 8d47fe10df78e6392e8aeb73e5e1f672bd56be721e53290e2ae4e53e6c3ff04b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:21 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Wed, 27 Sep 2023 14:11:21 GMT

GET
H2 200 /
images4.contentexchange.me/resize/magic/ Frame D84F 11 KB
11 KB 151ms
150ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/resize/magic/?url=https%3A%2F%2Fwww.shoppster.com%2Fmedias%2F3165140583657-01-1-ung-680Wx510H%3Fcontext%3DbWFzdGVyfGltYWdlc3w2NTQxOHxpbWFnZS9qcGVnfGg1OC9oYzIvNTEwNTg2MzA2MjMyNjIvMzE2NTE0MDU4MzY1N18wMV8xX3VuZy02ODBXeDUxMEh8YTc1ZmM5MjRmZDVmYWJiODA5MGQ3OWViN2E2YjU4YzA5NjNlOGE4MzUwNGE5OTE4NDgyNDQ5ZDIyNmQ3ZGUzNw&size=300x300
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 2b3c66aa094d563c51c306db7ef3a7d8db3f041c627867a8928a5f0636ddf9a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:21 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Wed, 27 Sep 2023 14:11:21 GMT

GET
H2 200 NfSyfxPKzJuosYyGC-54r2hw7zc4 Show response
tracker_ug.contentexchange.me/widget/ 13 KB
13 KB 69ms
68ms Script
text/javascript 46.19.9.50
SIEL

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker_ug.contentexchange.me/widget/NfSyfxPKzJuosYyGC-54r2hw7zc4?gdpr=2

Requested by

Host: tracker_ug.contentexchange.me
URL: https://tracker_ug.contentexchange.me/boot?url=https%3A%2F%2Fgrand.online%2F&ref=direct&gdpr=2&cx_id=633304886cba4c1f1a59cff1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.19.9.50 , Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

2E130C26.rDNS.SiEL.si

Software

nginx/1.10.0 (Ubuntu) /

Resource Hash

3dbd68539b9bb6baa36d8f00bd5de137b981f4f3933c9c726e438f3b079248da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:04 GMT
cache-control: private, max-age=0, must-revalidate, no-store, no-cache
referrer-policy: unsafe-url
server: nginx/1.10.0 (Ubuntu)
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf8

GET
H2 200 rAKYT4L9qRLPdQr86-jzdmwuzo9xd Show response
tracker_ug.contentexchange.me/widget/ 12 KB
12 KB 107ms
107ms Script
text/javascript 46.19.9.50
SIEL

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker_ug.contentexchange.me/widget/rAKYT4L9qRLPdQr86-jzdmwuzo9xd?gdpr=2

Requested by

Host: tracker_ug.contentexchange.me
URL: https://tracker_ug.contentexchange.me/boot?url=https%3A%2F%2Fgrand.online%2F&ref=direct&gdpr=2&cx_id=633304886cba4c1f1a59cff1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

46.19.9.50 , Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

2E130C26.rDNS.SiEL.si

Software

nginx/1.10.0 (Ubuntu) /

Resource Hash

05127210415a163b172dec12ee903bedb72b079ba4d62b4b532057e3cb4a9268

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:04 GMT
cache-control: private, max-age=0, must-revalidate, no-store, no-cache
referrer-policy: unsafe-url
server: nginx/1.10.0 (Ubuntu)
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf8

GET
H3 200 css
fonts.googleapis.com/ 2 KB
552 B 63ms
63ms Stylesheet
text/css 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400&display=swap

Requested by

Host: tracker_ug.contentexchange.me
URL: https://tracker_ug.contentexchange.me/boot?url=https%3A%2F%2Fgrand.online%2F&ref=direct&gdpr=2&cx_id=633304886cba4c1f1a59cff1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 13:04:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 27 Sep 2022 14:11:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Sep 2022 14:11:21 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 30 KB
31 KB 151ms
150ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fapi.shoppster.com%2Fmedias%2FBlog-Headline-Cat-06-Post-12.jpg%3Fcontext%3DbWFzdGVyfHJvb3R8MzgxNjk4fGltYWdlL2pwZWd8aGIyL2gyZi85OTcyMjgzMzc1NjQ2L0Jsb2dfSGVhZGxpbmVfQ2F0XzA2X1Bvc3RfMTIuanBnfGRlOTAwNmQxMWI1ZTAyZTk4ZmQ3MjM0NTAwMDNmMmViYjMyN2MwN2ZjMDAwMGVmMzgxYWZjOWJkZjhlNDkyZjA&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: dd95b1a36a47b437e71461c9bbf62d433752eafdf3de90f78d8cfd156b52f710

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:21 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Wed, 27 Sep 2023 14:11:21 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 19 KB
19 KB 151ms
150ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fgrand.online%2Fuploaded%2Ffiles%2F5d0aeafa43d9a1cbef36756a4acd89441e1e4155.jpg&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 7f4a81809799263f414802b2294bd49f332bb2626acc1901bfb51863f44ddd35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:21 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Wed, 27 Sep 2023 14:11:21 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 15 KB
16 KB 151ms
151ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Frs.n1info.com%2Fwp-content%2Fuploads%2F2022%2F09%2F26%2F1664227115-bojana-zekic-1200x800.jpg&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 1eba897fc3da04f720aded8ab910899eca119b78ceed483c6298c7e7b0fa4a10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:21 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Wed, 27 Sep 2023 14:11:21 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 18 KB
18 KB 152ms
151ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Frs.n1info.com%2Fwp-content%2Fuploads%2F2022%2F09%2F25%2F1664132828-AA-20220925-28988075-28988056-SULTAN_KOSEN_VISOK_JE_251_METAR_I_NAJVISI_JE_COVJEK_NA_SVIJETU-1200x800.jpg&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 635e8e9c95e057133de2d0d982402d68d6c112da4bc7611da1c122541874c2e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:21 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Wed, 27 Sep 2023 14:11:21 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 18 KB
18 KB 152ms
151ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fgrand.online%2Fuploaded%2Ffiles%2F5965e903dbe3c1bfcc3f30aecbaf5a327ed5e5b9.jpg&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: df39da0e1b6ebf2e4b2952300401e0a79d585fabd51245cc2d9076651e138418

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:21 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Wed, 27 Sep 2023 14:11:21 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 14 KB
14 KB 152ms
151ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fwww.shoppster.rs%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fhttps%3A%2F%2Fwww.shoppster.rs%2Fmedias%2FHrcak-Velika.jpg%3Fcontext%3DbWFzdGVyfHJvb3R8MTUxOTI3fGltYWdlL2pwZWd8aDAxL2gxZC82NDY3MTE1MjczNDIzOC9IcmNhay1WZWxpa2EuanBnfDFhNDBjM2QwY2YzYTNmYjc3OTRmMDM1ODdmN2QxMmQzMjY5ODE2YmQ1YTk3YTk5YWFiOTdmNmU5Yjk2ZmQ5YTA&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 5b67e2f67191105e6af18e8ff42b88a0c6c9b209aff9f0ba8c122ae67cee2663

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:21 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Wed, 27 Sep 2023 14:11:21 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 16 KB
16 KB 152ms
152ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fgrand.online%2Fuploaded%2Ffiles%2Ffae98726cff6ab924d886cd88fe42b067e8f5c83.jpg&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 37d81d7cb35d40b2124d75a3d6998ce803eb0a39be43f313c91e74a28291b8d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:21 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Wed, 27 Sep 2023 14:11:21 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 19 KB
19 KB 152ms
152ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fwww.shoppster.rs%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Fhttps%3A%2F%2Fwww.shoppster.rs%2Fmedias%2FSLADOLED-NASLOVNA.jpg%3Fcontext%3DbWFzdGVyfHJvb3R8MTMxMzkwfGltYWdlL2pwZWd8aDA4L2hhOS82NDYwODA3OTUxMTU4Mi9TTEFET0xFRCBOQVNMT1ZOQS5qcGd8NDQxMmM3YjIxZDA1ZDIzZDZmOTI3N2QyZmQ2NTIyNDRiNGE3MzQxNmYzYTY5YjMzNmRlNDY5Nzc1ZTM5MjZjNw&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 2fbed2e5bf19b1c8e3504510b614b6421cdaeb7a23ba31c24fa71c2552bbfac4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:21 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Wed, 27 Sep 2023 14:11:21 GMT

GET
H2 200 ce_thumb.png
www.contentexchange.me/static/ 2 KB
3 KB 170ms
51ms Image
image/png 46.19.8.15
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.contentexchange.me/static/ce_thumb.png
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.8.15 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: 2E130833.rDNS.SiEL.si
Software: nginx/1.12.1 / SIEL.NINJA
Resource Hash: 8f327829d94bda1536bc1a970fbfd21ce22bb0f048cd9437ce9a1f0401cd1b9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:21 GMT
via: 1.1 varnish-v4
last-modified: Mon, 19 Jan 2015 12:15:40 GMT
server: nginx/1.12.1
age: 42822
x-powered-by: SIEL.NINJA
etag: "950-50d0047d73300"
x-cache: HIT
content-type: image/png
cache-control: private, max-age=3153600
x-varnish: 304502387 304252774
accept-ranges: bytes
content-length: 2384

GET
H2 200 NfSyfxPKzJuosYyGC Show response
hb.contentexchange.me/widget/ 15 KB
15 KB 309ms
108ms Script
text/plain 46.19.9.11
SIEL

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.contentexchange.me/widget/NfSyfxPKzJuosYyGC?domain=grand.online

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

46.19.9.11 , Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

trafex.serv.si

Software

nginx/1.14.1 /

Resource Hash

6844e58027dd0ba3b02d82b52feab8e8b840e59b51e0f92a8fe4e6d84f383d58

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:21 GMT
vary: Origin
server: nginx/1.14.1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 14952
x-xss-protection: 1; mode=block
content-type: text/plain; charset=utf-8

GET
H3 200 xn7gYHE41ni1AdIRggexSg.woff2
fonts.gstatic.com/s/manrope/v13/ Frame D84F 24 KB
24 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/manrope/v13/xn7gYHE41ni1AdIRggexSg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Manrope:wght@200;300;400;500;600;700;800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3c9bb0126992129d561e6615234943f04520c69bdba33205c935ca70414c2ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grand.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 13:46:02 GMT
x-content-type-options: nosniff
age: 433519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24328
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:14:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Sep 2023 13:46:02 GMT

GET
H3 200 xn7gYHE41ni1AdIRggmxSuXd.woff2
fonts.gstatic.com/s/manrope/v13/ Frame D84F 14 KB
14 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/manrope/v13/xn7gYHE41ni1AdIRggmxSuXd.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Manrope:wght@200;300;400;500;600;700;800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

342e6d3ee6f579e0c4882d55b3511a7a9fe6863d84b034dfc87ce25939148300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://grand.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 17:10:00 GMT
x-content-type-options: nosniff
age: 75681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14820
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:13:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 17:10:00 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 203 KB
204 KB 148ms
146ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fnadlanu.com%2Fwp-content%2Fuploads%2F2022%2F09%2FKristijan-Golubovic-5.png&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: f36fa525279edb84435237b8598c768d716c37dafae451ab2eb6b2d51a9905f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:21 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Wed, 27 Sep 2023 14:11:21 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 19 KB
20 KB 148ms
145ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fzadovoljna.nova.rs%2Fwp-content%2Fuploads%2F2022%2F09%2F27%2F1664275291-profimedia-0618941433-1200x800.jpg&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: bbcef8c61608c49c83bf811ada71ddc9a2ae7a42b82132df136c9b559956c785

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:21 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Wed, 27 Sep 2023 14:11:21 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 13 KB
13 KB 148ms
146ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fnova.rs%2Fwp-content%2Fuploads%2F2020%2F07%2Fh_53582176-1110x625.jpg&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 363c2a352813c8fc3ebb4e19e721ecc61f1e75940133306219322f512460a941

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:21 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Wed, 27 Sep 2023 14:11:21 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 15 KB
15 KB 148ms
146ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fwww.gloria.rs%2Fdata%2Fimages%2F2021-04-09%2F58997_ivana-spanovic-instagram_f.jpg%3Fv%3D1664207457&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: dc1e701bb61637c52b6c0ac164272f0b599f3a673745ec2ff12fdae3ff616b05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:21 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Wed, 27 Sep 2023 14:11:21 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 22 KB
22 KB 149ms
148ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Frs.n1info.com%2Fwp-content%2Fuploads%2F2019%2F04%2Fcorba-od-pecuraka-257375.jpeg&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: f4f945bff1a44312deba2e479229daf550192946a6dcef4fe33d664e3a3ddc99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:21 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Wed, 27 Sep 2023 14:11:21 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 14 KB
15 KB 150ms
148ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fzadovoljna.nova.rs%2Fwp-content%2Fuploads%2F2022%2F09%2F27%2F1664274887-collage-1200x800.jpg&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: a8efecc97c27e81de65c176ca2de2000f6fae814c3912b78f547e7dc54ebe34f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:21 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Wed, 27 Sep 2023 14:11:21 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 13 KB
13 KB 150ms
148ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fwww.story.rs%2Fdata%2Fimages%2F2021-01-08%2F41106_goca-bozinovska-ata-images_f.jpg&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: 4d2ba77d32ea8a5c7d80dca2e50955d1fe46af0302db62cae488a4d10da7321c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:21 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Wed, 27 Sep 2023 14:11:21 GMT

GET
H2 200 /
images4.contentexchange.me/fit/magic/ 181 KB
181 KB 150ms
148ms Image
image/jpeg 185.97.52.29
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.contentexchange.me/fit/magic/?url=https%3A%2F%2Fnova.rs%2Fwp-content%2Fuploads%2F2022%2F09%2F27%2F1664268129-Krunic-povreda.png&size=400x209
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.97.52.29 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: cex1.vsn.serv.si
Software: nginx/1.16.1 /
Resource Hash: c408504d97de5ed6856daaefbb299058cf144f9a064d99f69826e22e3f34f24e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 14:11:21 GMT
cache-control: max-age=31536000
server: nginx/1.16.1
content-type: image/jpeg; charset=utf-8
x-cache-status: HIT
expires: Wed, 27 Sep 2023 14:11:21 GMT

GET
H2 200 rAKYT4L9qRLPdQr86 Show response
hb.contentexchange.me/widget/ 15 KB
15 KB 253ms
100ms Script
text/plain 46.19.9.11
SIEL

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.contentexchange.me/widget/rAKYT4L9qRLPdQr86?domain=grand.online

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

46.19.9.11 , Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

trafex.serv.si

Software

nginx/1.14.1 /

Resource Hash

6844e58027dd0ba3b02d82b52feab8e8b840e59b51e0f92a8fe4e6d84f383d58

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:21 GMT
vary: Origin
server: nginx/1.14.1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 14952
x-xss-protection: 1; mode=block
content-type: text/plain; charset=utf-8

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 57ms
16ms Script
application/javascript 34.102.146.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 05:47:41 GMT
content-encoding: gzip
age: 1153420
x-guploader-uploadid: ADPycdvqYWr4XlcgogWQv1CUKqMPpl5vfnpXVcXgwGPC8Zdt9c3EaH1AN9TP9qap5Fs6TeD5UJ3zYNvH-rbYbZWiqGonRQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation: 1622140251693895
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 14 Sep 2023 05:47:41 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 40 KB
13 KB 76ms
25ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a097f145b7b5399d1f8e9c86b6f4a36e43f5553fa77c7b2951504731914535ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:21 GMT
content-encoding: gzip
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-a1fb"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 28 Sep 2022 14:11:21 GMT

GET
H2 200 pubcid.min.js Show response
id.sharedid.org/lib/ 732 B
904 B 566ms
174ms Script
application/javascript 35.164.244.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/lib/pubcid.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.244.115 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-244-115.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:21 GMT
cache-control: public, max-age=86400
last-modified: Tue, 27 Sep 2022 12:42:04 GMT
accept-ranges: bytes
content-length: 732
vary: accept-encoding
content-type: application/javascript

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 57 KB
17 KB 81ms
30ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9608ec4ea86f70691860daf1b477654e08357662b2fdc33568a376b0fcbdf5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 27 Sep 2022 14:11:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Sep 2022 13:13:44 GMT
server: cloudflare
age: 3037
etag: W/"52bb09fbb0a7c9360d68135b7668a1d7"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 7514d3fa9b309b86-FRA
x-amz-request-id: VD6XB4MBHFJKJ9DH
x-amz-id-2: a05TOcWOnJKrOsbJzgI4ouelLEAs/jW7tt5UEs3lfB6eB8+M9ZBIxELZdCS20TkaNbFYH4Y+BAg=

GET
H2 200 uid2-sdk-0.0.1b.js Show response
prod.uidapi.com/static/js/ 4 KB
5 KB 383ms
120ms Script
application/javascript 3.134.134.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.134.134.122 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-134-134-122.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:21 GMT
cache-control: public, max-age=86400
last-modified: Tue, 17 May 2022 17:30:07 GMT
accept-ranges: bytes
content-length: 4559
vary: accept-encoding
content-type: application/javascript

GET
H3 200 container.html Show response
dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8C54 6 KB
3 KB 51ms
18ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://grand.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 14:11:20 GMT
expires: Wed, 27 Sep 2023 14:11:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FEE5 6 KB
3 KB 44ms
19ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://grand.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 14:11:20 GMT
expires: Wed, 27 Sep 2023 14:11:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A184 6 KB
3 KB 47ms
25ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://grand.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 14:11:20 GMT
expires: Wed, 27 Sep 2023 14:11:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E5D2 6 KB
3 KB 42ms
26ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://grand.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 14:11:20 GMT
expires: Wed, 27 Sep 2023 14:11:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fgrand.online%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fgrand.online%2F&rid=esp&cc=1

85 B
103 B

144ms
126ms

Fetch
application/json

34.120.135.53
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fgrand.online%2F&rid=esp&cc=1
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H3
Server: 34.120.135.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 63e3150ba532c289122e02192742f859f97627901b3a9f0e91a24754e0d41a87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:21 GMT
via: 1.1 google
etag: W/"55-tSDZAdYvAXywjzUPLq+66bMpL/I"
x-powered-by: Express
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://grand.online
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Tue, 27 Sep 2022 14:11:21 GMT
via: 1.1 google
access-control-allow-origin: https://grand.online
x-powered-by: Express
vary: Origin
location: /esp?url=https%3A%2F%2Fgrand.online%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 74DC 624 B
745 B 29ms
28ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEYtZai0wEwAQ&v=APEucNXOyTRdd2LYrW0h5sDqKBkRmY10qyhx_rim_y0YZBt9Ks6pNXQnSmkEfS78pgQmHlLTHj4k9U_obGRiWEsObJe0cYxvnmsaMuPn3JTqCnWiMWeu8O5nOVqfARdObcyW18Idc61MiGmUWm7vyo_xEBk05Dg4AHlOq20se8w9EW_nURIO184

Requested by

Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 14:11:21 GMT
expires: Tue, 27 Sep 2022 14:11:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8C54 81 KB
34 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDqmOP55nyolpnGPBP_kQwYlxctmy14485fobjR4e8JPciDxzk1GhEj5Qj58VPM5nAk4GaTXM_0Q9W4m4kZb6be7AlGQi7pSvY3LL9_QQMXKUNQkT-Hr3w74O9nBPl3OCx-ZjvcSh1iDafFNxB8_fTh7Q-wO4xunNnoCViD8NJaIbw65FTOvffNzcLG9Y5EVSfa1jY&cry=1&dbm_d=AKAmf-DCdmhpddaoFt5BybghL9O9yduKSvh415-hydl-NwFEj7sAKMN3FcZBCOGnFLkNSZMkFeEp-a4P-nVFeZG_fOvHZXSj-PAggnUUD2NTKwlX7dJXcfBJC1qW6MtQWDQXV1wByw7q-8jZXf6ff8rWYOUW7i-rh8aJtHbcyhrbDAYUmBCxSJ5Wu7Vd6FpjCKTPONpl_VhsMkDRoDADM20l3OOumzVz48lXsmA_XlwEEv5vJI62cmGtJzFcnGj9uJYj7_2FIT1lJXvnFPl8Nhj5w3zG0ozov6uX3XmrNiS8ONmzHLq4EKqq4tnmbtoxK8X9E24R1JH8dUVZ2qRxWoB50cTeR7BqpvjFUoJsf9pThX_1dp8YIGQcXhQ7y7ZiEC5KslLFKcAFJLsyDX_-TghGvS-JF8EudkTLQj494f2auS7bbWTgR21VRavV88D2wxlvpmW-CyObitkwXL5pCh7IjHqwj4rp8zLTQa5g6n4COY9221LXOhIsU9JD1-i3JmFyzuZqldVhqnD3BvESM55I1RsjQRGCYUAo9GSbfVzJee4Ew5Jg8QX_w_Kjrin84ecJ8pR85nkWF058VY1L9eEnNU_eAXlP41Bu_siTeIpgQ8hsNKbbUvb6tlZ_hc7JQcKkWJ-Df8HbUH8W96SqGzlSw4RQeMnmV_61cKXOvW4HIS2ECuILOI6_3Cd-HrV5AJE69wP1G9uC4aDbTNsWuOX05Q8ZnPPZinSQcfXo9sqKS1kPoKvCopI3dyAnNoIO31UsO0DgbS7wD7VTgPKNv8H9ripwriLtTkW-kvZFfd7iD5Ol1k6dyUJD8PiUvtOApvIK3j7d2mx3gYSMFbPOvVzRlifRak-26tGOhb0msz6UsyZdfsVSoV26ypTv3f_fHGU2s3x8vC4vF_1AwH23qBJKzemU6QdFzK9OQSvQmfJYm-YvWyKRVh1L9gFRYm4SP0K_ehMilxCy-RG-1C0kyUy-z6BiTFMIJ6HEPPJtBM999GS5Ld63L6-5BTMrmgDm9JrNGI0rFGrv0Cn_nbz-gJE9dPfGvpWVR6T3ZKdb-CpcNVGPmqVO2oze6bMSto3Wot46RJkBLBylJ4EEM4flxAQHykviKZJvHQUE3vRtEriRs9bPQdPPVrIV0TEK4wSGcy_6Twtvvk-XtPYBE0oaUkekDwTEkF6oDfz3JHM6D17ngD_mwIcZnAYNcH8-Bq53Cdu3kqrMahgKDotWQ5260W4kCTNnJkaWnFmlOl4PidZO9gUdeEHm18yYTKkWJsXOTXCILfKtM_fTIugMlVOHFKjX--Wpp8oeawstQJQkuxawBbruiaK2jnub7kGc25vWBADgzHyBXcVPW2PqUhQmga7u2LPEy_3FgWJDRrkgR2wbFcZVF-6T6bM1Rx8bma_W_hvZfOmh43td1SbK0ybj1_j1cDMr5Pjo6bYe6gAhtFas0EzXCKbijp8qdZe4NescHxRoduxahuazzWpi0D30q6BkJ2BEg5jzSXqxb6LX2EMXS6a9t0z8z2jhsms4UjEJVht-VzAcLr5bPyJBrjNnAfdP-TWVFy2FGTHhmmLYnfYeOJG8vrJH_hfiImgfqQ7U-ikQo4Y9qSl-Yho529dBXeQIzJiEliUDNHbVa_JoyQ58Nmw6dgvLa3up-9IKhqre3jt2xPdZZECR03iRpWDZks3jyvcBJiv7bnxwiRMBqpSylZxBp2lJHPsgBGKLeVZ2UY38km-a5pdkijj6G-EHiq5lThq-bKbUG7vszftqYv3r4y4EAKDsM9pucclHTnEHPyQen16nww9A8Tuz81AMSee_8HJwq_kqU1-QVxR5N4XRZnZWx842GfYF71QLOXETPx9PonV6IyRy2B1pmYBc9lMWi5O4tl7dAjI1IxpBmPoe0QNj0Lkus8oYDx5boGN6p_MysSTdkFOKGqOj-mrbWge7qWSYDAnDaut5oYqbIeSWuIMe9-EVDWqRvOIbdtly9iVmoFH8PksqQ7C7qoPLFiEwfx10dEssmaFfgYYQtf124P6PyKgdAd7dCezy482NVxbIypa0VahGUQdFgoiOOysBBNx2F21uiAl_m3x3w9Whqgn0M9ydl4qxQB5CCiFRj3DoVQteuADeoid85X8jyxBejnyJLoTzG5U5qV1_jXc-uwsOJMNs9wlpCRWC18EwwsIyvUXIKYd2VvZEmya1BcbEptmIqMWdQU84jFRhFbwcN-xikZ2Xn06CI0GgzepiQD9dUzylwbXZ2AeRhCN-f8AD3b4qhleXQqVq6qMco3v1XOLKgxyEI2GM1mqg3eFXV7tQHsdK97Vkj9vboXwY6sAs8ACUoJrPi6RwH4z_EpRXbJBcUoQi4xg0LZidwF5C-TBDVSR4TCx1Bb337okH3POKjJ6IPJ4vlQnOm_qGYSzIaHuiCe0B3_UWC7OvpeZpY5Yo-2LnJLBPbaG4cpX2exQHdqU5dNC8SgmRDTGoa8mmEDZLPwWD8aQGXhslwb0wNiWXXtZnx4BduolBFEh6UNRnsiWPCcRZ2-F0xqsIgZqIOuHwEaif37LjTYeQLqMICpIvGxbGM1qcLTb6--V745glWisGVx7RBRi_RodLNnAjPhIn5tdbdyjRLGNu40DeO8sD3oD-R1v4DX0ztQpfype0zcCZhMTyiA6pp4vkZT4vCppcXZDZDeiY8iWtVfLuqKWe8NLW8WHNEdvov6QEbZjNHigjSfYVmMBGUZxye_pi1CCWFTNhCfv7525vN1ZkSixzGpvdafXWyfaKDCfhAWeasRZO5ZjigK9cnDRS7kRjG4Eg_yBGH8cVuxcbQlVgZHHXjyOq-o338wMho6DjpH6r-EU1ZmVrfWd5h8JhfIwW1xRNX8ELod2PQNFf3VwTTj8-kY6IUdMyzbxD4yvCGKQMnSgeCf53RQA8bbH-1-MQ5sn5hMOaoQ2W_2nnuvqFIuYYAvIxfK3_FSYTG5ygEaSCUb7za8YOpsIWq4je34P_Q274xgykIYgXX8Y-nBpnStwWZQJl2Bka99Krfsy2sVlifj2e4SE9mNn87rG__vu3H4VQAob3UTX2-5jn2cKUTgryiwvAp389QQE9E181aaPSVK6lJeq42aeYe6oTgf9MPJ56L-PUd6XPunC1hRzlJ3GB6a6WSfh7s9dz7rHPszH64rOKCZsYK-837pvN3FEeKd9QEN-2S5F5vdYGxZ9XIitlSiuIcldN1qT87jcy04KqwS3i_VQ-6DwKpgjS3t90WiV7tmJdCQ9dDxyskB46IH-DM21kQtFYHjZa8qDwsADzZB__4FU9gocJGkQ5l31tY13FpwVUHxc8Cka41t31DbsZS9g5e3T8vhxNI8ini943mb9tvalHXkmkrjFc-eeJmgRYegAvcB_RzqvWJW1GfOGYg5TCmtffhXAe-HCrVPgq547qMWLJJeMnCGHcla74MoW604yiOPS4vbgfnRKjdjhV0L8De2bJji6xsUP0tLHLDAAtOD--w3LeinRw7aOVCBZQ89fWsCvWQqEWhXulaP0NGI3QpL0I2VErTtObG1LyOXGvQxQXd1CDuTrRQ1d-obwTRIheVhgnn--5viHboHb3MEdn2LyHo9yqAeUFESkjh7LzLUk1Rzi5ruFsquebHtTYajlrNS6qtlrlztiZiNy6EbblIolbMfhDMIdJrsQ4rpAUQ_sNyjMnGh5qzT5LbvJlgUN9eUQPLKOStrEwbYa0-RXKDObawk0oOR45lhaFG3a1NGXEcSwWnpNUjxXwqyA7BiCeMJk-5uQIpTfqHQ0WmUiMhi_tgP-DuOt1JvMnVLkm1Ab4k5Pg6W8Be-3ygM4h3hRUWDUfqETgb6KTHuWek6vKyQ_gyqdfbNPuJ6i8zYspnlbNj7q1jFhM2ZDEE_m8X7VRdH8&cid=CAASKORobrhWzAiVhfrG0hLqWPqH65eYzdB1y8GoH6qrPcqrIaVFh2mnO6U&rfl=1%2Chttps%253A%252F%252Fgrand.online%252F%240

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83343e2e64664fcc3f86bc3a8596a1af6bbf0db3e6e55944d5312a1b39955f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C54 42 B
107 B 67ms
49ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CFM6-cK6aftWbRG5TwR4HPq1VPms9_W2hwXVl4uqRKO4qesmFfBCOMXky4nyhzSp4Z46H3t-ijdV7rbex_Ju8CPUA0GC8PK98VIFWzlLqdzwcDx8g

Requested by

Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame 8C54 3 KB
1 KB 94ms
33ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js

Requested by

Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:06:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 14:06:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame 8C54 17 KB
8 KB 76ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 14:10:28 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8C54 0
0 139ms
52ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQqb3iiKFthcb42XJvuixswqchyt0yFx4SaiKE2pBIdZhTqRA85tjnHmwWQdZ8xnrVByVawvYTVzbrgrIH5UPfoJUxk1Q
Requested by: Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C54 140 KB
44 KB 177ms
77ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44528
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664191987193040"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 27 Sep 2022 14:11:21 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AC8B 624 B
559 B 29ms
26ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjjzK3DATAB&v=APEucNVkWqreWHMvOyeEP8bvessb280wpD__6kHmLsSVZUHfDDv81SvX7NCgkF1Y9PeDvzbOKFPp9DQ9XW6lhL-OR0qV-mRFd9j3Z3w8MwqXHjeXlvFKJ51pXJMorRCdIh848MAe9hUqYZah-x-fzbZZCiRDNtAJULY8k6bIl_1YUvd_ayzKSVU

Requested by

Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 14:11:21 GMT
expires: Tue, 27 Sep 2022 14:11:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FEE5 80 KB
34 KB 69ms
67ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5Y9L12JwviiaedGKOvoo9w7B90HPM63urRz7SKdLJKYj9MBWiIjVAiIQAP0lIIRcPoT2uY86fineN7AuHlZHfNAumv0kXsBNS7RbTCGeichLMcps6HRK_8RZ5wZGap5QB3J-lShv4ijbu-QTDGsmrZyQEMA&dbm_d=AKAmf-AebGNgbomFWpp36H1uKXdmyt8SzmkD3CMuqi0DM43mHEaXmh4JV6_NqYDx7oifToBF03fHkHqWLTP6WhYdUUjd7CrywCZ8JFzxyN7FT2XSPKtF_95WSFbeZlTl9FOJ83I9rTBWH4cF6cZEJI7h3yn4n7je5586HhMqhtSg93JCQgEXOFpKD4xEEv8k7ZQ9LIgItiPicEef8dc15yg7SWP0c-XbcOnHv6Izy0nc62yYndWo9CMeATwF3_WUvJacHyxLNkBnuXBVnZzgMw4Qz20nLdx4Xvjw_oEuC6Of2fkhpLmCnIdZ5H2LfVt4yMhAS6M0w7qwXUdyJkIOPQwrnv7hbReLj4E0tzNqIXeA2bASoaUTdLb-i539ZkydbnN4ELbwPyOMxjfeUn5jmfQUIDr75qJ5KsuzYGcsGZZjSfXHS1XQ8VfRwS2pSZFl19XTN5Gj4cmjS3jwWKBLenL0g_BBlGo10LE8cWMngoEkwSGxklXZXLjAecNWkKJpfOMFGD2W9Q35Mdfm9qGLr3zVFsTwYEdBXN88uu7Kklh6cknneRYNpMInhNKsrX3_LNXK7a646gzMB8QyHvZGh9AdGhn87Gl_PCFCe_jx9tYTdaB4BHzfOiVLlBEaUjktPsjIpH_2SlLGzixpJ_8B7rkNuxkOeyKhi8uZPUZW-KholKlxrgQLa3kJdwMcCkCdRbOcglHdqnHGJaCS9l0slwUHyDL-XAY4LP38BKIJXQ98igl3Zm7FBFRS_TADFDclmpcZJXiBQJIL7ghSvcW7dvsoss342GP_JNs1UIRTqcsBUgC6VIbbUtp-YvucyS1vrodetGUyjhT0fV2BEM8lVDdjgE5MDe7VoeKpOwG0PLs8BoTmv87eQycmg4idW-DrSz3DSq8ZsrwuXKpzSSk4Vzwmxew-bhi3FQRGj5_e26BMRYjX-9bC-5e7QzefsxuMF09vsm7ZmKnfXrzc5N8gbCa6DXX2azoJzlepk0NilQo7NAQ4WGJsyNv8PshXdHKibVAY0c8Ybrt1VxT-GL8Rx1dvUnPshylmC1pEGN8vf7cxgNtD0nIyHnF-7dXiNtFPYbMDgqe0f7s2mhmzMTc39kkoyn4B6xi8IOoflJZ_1SQSHEAzZ16soS5s3c5Yh8oqj5GjkQDBaBVTvQK6mpSKkFvB2NfVEpZh0lI-gcFl07UQaAe7VtoyEW2Zghc1Vl9eJVl37o8TqYvj7E9NMLK6vqnMfoOnVIlroIPINi76nLk31RuthTwOdel_bxUn0b-Kb4BufOEbVVR5FwjEigauq832VuBoGLNS5OKA3pzhjbRGx0RkUVu97R0sBhm7jQq8XM6ku7sz_CFucXC82YDGGJyN5_zAG2w8Gxb4f3w77A52ptA7rk7CqIV005WjuYdvVRXup8et5xKnOenWp6cNEX5ixS325Rvc34KoSSI0zMiOhlOQi89H6ugCNg2fEt5EiRBIYGG5TvDXMIJ4DkVJk68Yx8mH571tWP_-B0uS_c4SZr1-Ny1U1bvFpDtBnPP3aJjUVAMDfYS87R_KJkAK0twhK1xcAx45h4F5gElfD40ETCC1EGTZD6Ye9X2BZwnD8GXUvkkv4Cwqic-1rg6nPqY_xl_gZr5jX03r2lQ1iw8f1Yf-18rFxuf91BRlfIDT7meXZISBJ8g_3VyAbMs1-oux8KZ9U0TrkId9ykqE8Vs7q49uGrWCepYMs29JOduU2Fyd2RsDzfJL-9Rtwy0O3rruKWvcBHREgQg4udwjDj7EoKddRaOWR9XNiaUkMGU_VqJDPiML2_87RbzX5Y3I1ZoQK0-dbO_Zc-sB2bL_Ve_uu4QqUfbxlFVDfFwZWzvT2I8x_606fbse7wpu9ndwOLUJTLn44K9h0psPMwY7xhCv75mZZctp8wprPcTWtSPyJSuIsm6_cY52-MAHfHZEPmGP_duBuBme-Vj4hQ5qHTPkloFpcg3e-Z5f6SHHg3Am1xdgtJ1EwqcVV3Jev6u0-H3-JhtcE6jjpJGOHj36KsPA-0MLPHpGv7bwz20Rye7jbwATNe_lZJNA9ET_YGSD4bd6pM-A3PS9-IFFTdXEywYn3GjebOtObqYHwd0TsZnwhck8bmovy5RG5geahDzX3-zSpwPUCDTVS8JDtmv-BnpHs9VF9DozWDKxvZxlvuR_WZ7Dj29zU8fO41HrpLj_1QnIRGNfcWr7tUzJ7bENqSHCiRqXj2dnQPf9kzbydtx4j02WA-vrodrQtlBuiQ1-E6N94t42UCn66z1bB0gYEKAGpSjv5n4suLg8dFyxKFDsOtVXlGuq_AGkXd4FdQIuXNBxWuTOJ5Lbv3soSz8fDS2cFQBEkbf5fGIcfJkOzGcMZJ9fp0RjlFk1f_Ete3rM5GnuUTF074sUWRAKg8sHaEubyDHbmXeWS7-t28MPxl43W1bk_4qvADgkYi0GoWtgYtK9hpXMWcFPaCvOeyF_frzCCuHb4xKV4LnV1KxKnKXMVaOq80caE1jTELUk6bH-U_0XLbKW8rkYnwo75uUrhZGjk1G4vMF5lvER-O7kyJzeAAa_XoBvgs7-IWvjUgKUwJ8mQN2rkU44T9IC2wOwDK3tA_Py2MHaK0D0UrrWAiPDwgZntZaCNhJbCjYPTe4-l5XeSk7yTDlYHRDtt4uB1QRudqcvfEzXdDFSX4fXmWReiUt43bA6czi4azosnNANFzhQX-YdGKFBqmjwjFzIIA-KaF5bB1iyU99GnG_rIyWPbsdlACRcinRt9P_mrR18B1yPkDcc-g46Gi5GXwptl4FoBk4JEICS7tRKkFoj80i4h40hrhPDQTwU8Qwc0J6P2IslwqVTAH08sTVvmKiLs25qXfq_WYwVFQnruoZdLDO-TvkplKPWEVwFWSJp6n9sy-T9gxRwMp9OE38GeG_DkcRXqAxm-U3MpjhlW54luop_WOkZ4tE36t5u1OJWLfr-CuMEY1FWfXKmOsf4vBc-CQmGbccFz_7rGRK8L9GPqsfWaMLngBo0hJCyMV-zYjzuPepdpkZxQY9FLpG5jARGtz8HX5ehNd9LaTxww26fbdflQlFmxTSTn8-8KzYTeydr6SFfRtyOIc9uP5XZqslgptuEmEji21vAZNlh0AwYClo4B59lscIVHBARniTNEJNOBNiJxxAQ1LTBmxp4IjA0TpEpkm5at5WfCbYs8YG5Zew64nTDMkGrmnry&cid=CAASKORoQtA4aW3RBrVonY_0Wek8qgqq_M-DFaefH874ZBLS3I9bUuIeEIE&rfl=1%2Chttps%253A%252F%252Fgrand.online%252F%240

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b19b7b0cc0e9a49f153ed770d2840cabc1da5f7d649530cb41130d47fcd121f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34107
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FEE5 42 B
107 B 68ms
55ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A8RCym1zBmlzQD_y41rEdSGSVI7WEfxMidAWdcbs3c4C5ZNrWUNIrlBKlolIXuopHLRvFZT8Fv-hTqnTTrz7Gcfqrp5pLY21rOwverEJyWOQ_XVtI

Requested by

Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame FEE5 3 KB
1 KB 90ms
33ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js

Requested by

Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:06:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 14:06:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame FEE5 17 KB
7 KB 73ms
17ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 14:10:28 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame FEE5 0
0 132ms
51ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQI19JbsCxPEylfvRFejggdwVcZmioAK6Jda9RvU0b8dcxxnEp_Fu0C9CmTjrm5G5ANAK6glnkhIzCoKdykWvAxApGspA
Requested by: Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FEE5 140 KB
44 KB 248ms
154ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44528
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664191987193040"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 27 Sep 2022 14:11:21 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EDC0 624 B
559 B 33ms
31ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARilpeLRATAB&v=APEucNW1Nl5EasuMTqv8WrAUbBY-rpNhyOiBmB6E4p-rC848TEYnoyynDm2SRZwuTnPAmrZeMS91RK0YU5anWzFM0oHvZk3oLzII1_p40AIVQEVXeqpLz8JtO1nhAWw-xlZCmhj9uH1LQ6f9_Ey9bCfpU635eXnUziUT5e7NXXNXE6KjPg1tfW8

Requested by

Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 14:11:21 GMT
expires: Tue, 27 Sep 2022 14:11:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A184 79 KB
34 KB 75ms
72ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Du73RO7h15ZcTbzhwJJhdoY1Fll3NZLebpOKE_j2irjNO6NXaSApZwa6lF3FtGNGqCzTHCV1d5heVDztOnR3oXN7Mtww&cry=1&dbm_d=AKAmf-DOYCbyvgE4ZhkMdzcJD-jTQ46dUihiS6GCHBgW6aynIkM-LBJlZ2bZAqUyhk7XF5dyIK2UfUcLOADlL5cPWHJLRPUt3JWiiUgmommduz_f559Kf0PsNTxLO0SVhGiM_JK71viwwGIl2CXhFAjjh9Ld0E7Pj0-A3RnxqchgW6aOzEiDjJEaU_5aCsG9Vu2l1qoCyxg0RTWld9c1VqocPr4GcsV5badQwczRNhQm2922dwEwCdpqzsZhb8AiZv6RqcpkJEcWb5TRwAqHKPIIaXXs3B-HNORUi5w5QRVUOT-Tqhuzmf_bTMekrthQmzovsMUIEgA2hYHl4vfy6prw9o6IwW5mnl32U0zXbAqUpomf0BeQcnphMgfz9AObwX5o4VERqipzOqrr8v28E9qjWAPqPPUpE59u_GOSeX38BcJOcT18ezqHRgMOMJEdrj8LxSYrkyUMsZF-hLLegrPGvGMEw_VVsMaLyPEBeIE7thAoKVfaOQiWt-kjjwC5VXpZNCmQYAYUEIJhsz0YiEhqfc-NDM06y5PfloPvcmKMhWHvYWwAuLvylNN5Z-c5iSi8aD9wQURZJil7yTvCF8hje8FCH4kZeop2vi3XKhW2HNt_GmhGR1LI5ZFQxXqe-UPuuE3pJidXF60PvoVb-esTnhD4DcnzYzsYtZ7luZuGUw1POOTagiErMP5nWalZSTAFGOAhdh3hMnM2SQJxaK_5vI2fuuUZFr51AzvJcBp4jCK4u3E74Eqgh49x5aeWWJyXCjfVppqVnPql9ZWl-4Xxi9z4fao_hFVcs9FLljoF-hzbTufuOoSk3yGPmDK_c2g_hG3uWuddeLx6zNDZboZeLcUrjt3wCkHMW3C-Q2BHLlPQbmXAds4xbYhAFQleFnzaBbOKk9utGCQ850Pg18TQXVFkXYeR91p-cb6IyFv9-Fb0KRHgxSQoNFnEakmcl03SiUfUT0wA9i8w7GgXp9O4wnAuEnw0tyURjqrq20eERjo9o6EQmRXh-f9DMilD9YZ15yB_Qb9rdi4dOY4QdYJ7BZQQDKI2h3oHdiX56Bycm-4yuQ1JefSFm0vKxWItYKJ1yPRcdsBlvLd6OwHJV5H07UPuh_GyfelB-9I5lf_aXhECErDg5wNmg9ebXKDSj2Wi302Xt8tgVtK7Jdi618XIPWBLpNnZomM6JzW8mq5iAEals77QMj0usvm8EAhtz3XfuCsbremJAZ45VO5SGupdu7YGWpWMZLhS2EOlF2Q6Bzo0eeuJu0d79l9gZ2GT0pqJ8sA65UP032GTKZkaVeJfTgc23wdAR5qcjOh1gD8rZZnkmshayB5R6w0r-xQfLup7JuqkgROOpmmxiVPfrS5CoZ31XLUrGS0mycqNf1XYZpHjDh0974OM3TcRVoGWmsTghtJCtooTIwkyFqI5GapdsYezpdxNEyJ19i9gI-HmZuTK4BR8yMGufZy3m2WxvsVwa7Qv_ENl4ipQRft0_bJKdyKaJXxaumy8hCWzgotraJZjRN5YBtrM9vkM2ou0aChW8uaN8WxBHHhU7ZTlOGGhZbUryozXC9H1t2nbM7lpbPb_-Xinq_48VCi8dBkWlgtguSwfzpGFffSp-hXn-yw-07I_G1LTomB7mx83mu93gPNjWm0msotfQmWhmk3xIbHPdKw9W21vuoEybMY-GiRipQoWeAZ7MBA-TsQFkY8zNXn9RJAWHMDP3BdNtjR1lPyKoswWcTE0pY3nBJzotQQ8tIDpfSKBBZG1FX108RpFAapBuPIj6aZplXrP70RT4bOYEsu5EWX2hinE2hvILXZK7oktRFPN9jq0Bc-tVpKhgXy3q6-vqh-7qR87Bpo2O4g_wJVdP7ghBYX6qQz3eMJSuRFR44-yep9p2qWO_wsT5mSO3FegSyw8IfLVE5NJ5ZC1_x0Lw57IKeDJNuV0dX9oPEiPJhO0szkNZypghsv25GFqHKy4k4EeEUlvF9o5A5qCGBLuJ2pWrjLLAmuqbizcFqD1W3aiEDAQF4LX6Wne95Xa5x7_OZLol8KZm5qyu3uFXrruYM_SbA81WG5sCX1eSrJ-VE4ubt8r83ZuoveM-XYdIUQnX1bfVhkvUeUQjKfhF6rq5q1bwGsj7Jc-mNBlZ_UH3bps4qwdzSbPkgEzSh0xvc3hhhN6J2vkWJjiCxwJQxYyasSwM4fLM2nXE9iJ5q5T_ny4Dpy_o0J1Qk6iz8kkQvKwgTb3WvfxQliEU7rcKDx9xA9E0lgWTlVHDp67oObNwL1Ge4_dOt5X-ndSPwWQIy7jgYerponTU_dQqFTEV3AT-cumd0b8uUVbzteJfbyX4Cd6z6mbG3OEyhydIB3NnjV9nfCpb2gC6rJD3t8YL3_vmHwE1a5bLhrDq3f8It76DoB25G58SD2Cq06hCtqCaDOH1WaV11oOEoXDFJjyCzZNw0TLZmA52mAVmIdviLqwD0Mxa5YtTdLLB3aU1LFDGlNeZwCofZbRdRzHHyOVGyNYi7o-tWBogiYvrwds2AUJI-xUqliPtu62S4b-_dX81XcsM6AeBS3O-y05terkrlFKYQ6iw7unIQ4ONOaGJ1oSArQtcJOWrNv5UT0pL_xKx9tuRcfZKFGh9hfb1X8aW2UXYFxTyHs_bEyGS4FKR7acAXB-OxJ5exgDlHbcGyF3I_-Os8yRB1RG9hjwIwe7Jifm92xijLd_A-oe79a5UI8lJY06zOjIwQMzlMazhnuT01O9lIdNwX3nWUZCkegucbKSj8BCH_RLXXoVnjPgD5hn9smfin21nrOXuwQ4UJK2_pbBz43qflLGkdgVEPH5TGf-6EJ8OHe4rMnfDGLpVDDC-Dly15SyICatY3Rqon0wrAB_gOJCU8iwxr9CnwUhTZqACmQKInV6PPUSoD45AZf5bTk-KOaimSBGNCgo1zkzdgfGzRdDtLIoqKWxJzb6KUU4RjO-aNrmitg3XXMZpG2Uhj1yu3V0kukcIFM4ctWDt4PHGar67KzzQVMqyUc7Gfefqim1coQSy9B23dINYY6ta_I9zvalOhmvhNWWUGAZEXTrHOKfnibjnm_Av7-DVcgCih-XGpSP6dYzKDx_DCojEldE48Gr9lv9wU7DjI7_XI26e_AZDSXwSCXW69-FlmYZ00r4meN2r_L8OOX08eMKIxqdAVtc8tyZOgcxY7-tmqk2kb0&cid=CAASKORoO1xwf9ugQkKaHdqAl4dVfLq8Y8M9GkOc3ELTBuBu42ICS3w-Sys&rfl=1%2Chttps%253A%252F%252Fgrand.online%252F%240

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c07c34287d9653e1781c3b37e59e80af1d5fbb9e63a8923459a700b7b0092b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34092
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A184 42 B
207 B 57ms
49ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bsv8ybq0dGJiF_yS8dcFGmP_4CZhgkJkddoy_uzQQcf-RtwT2-9T73l_J_bRb29CKqAcigqWGTLvt3HaEE9qEIxwL1BMHUraJVUV0gfcKbcZKN5_Y

Requested by

Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame A184 3 KB
1 KB 85ms
33ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js

Requested by

Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:06:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 14:06:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame A184 17 KB
7 KB 70ms
19ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 14:10:28 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A184 0
0 128ms
51ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRGq0lG0lJm_BgOdBaWi6cKT5UkLPqYY7JOiC51o9UvZWOEjqojitrVz_h1J2mRHeFeIZAl5OZwf3MP5jg_nwD12rJMhg
Requested by: Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A184 140 KB
44 KB 248ms
159ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44528
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664191987193040"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 27 Sep 2022 14:11:21 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F6AB 624 B
559 B 31ms
26ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGN7AtdEBMAE&v=APEucNVnJaYgUQa4npDf0sbGNbo8xG61f2kUerPBZbj31NsuOehq7k__xHiRUpDxYOlskM5-EolFPgjDLrIRLJwfamB3nX2arViJ1yrinD56-s61zgkwTfO3K9uHDfOmjHOFucr9ptH4HzE5RqzjIukZvqyi802Pd1HCkELEKGsI8wrZa01UX9o

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 14:11:21 GMT
expires: Tue, 27 Sep 2022 14:11:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 06C9 95 KB
36 KB 102ms
98ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CnWsBAOrLOrbbvVyOOhsz4K53mDjxwd_BDoXhKriHCetEu4KUiicDavJc73TrtD4L9ZMtSm7S2-3oaRIQW0B8PDLncKSguc5TsIQDF9v2W0mQxKJYded_cLf-cv4MwvkC-N3C2eac5qBSRhJZow-Ke36fc0Q&dbm_d=AKAmf-Ad0GJMWH8ed1FwD8lrGh_e0RLnw0b48MIWmDKsD1VrzT1MpwSF6sOpip_nFe_D-KEtDG-YX4MKSyZW7zn2pQPPFXArCCtAONHGgVTc5-G5n-QswQTEGFxJTdWF-q4aRdfeUKZXtRdy95338eSxRbCLuSIF_JXZHFhjkiRAmEJG-cse7NDLTUoBKtRqMTRCK_73-tE2p2i6bXnjJ7THjFP2lezUW55t2bvUxD4Asq4uJJg4dZWkLqWDqvVMf7vg8l_kdyTOYVmYFwz9va2cETn3OUA_01y85XENKnheb9ojWIPTnzUydKTI464PKT-4qI-E0aCwltQFghwI6lAx9f2qhSM15Hx-qAZXpNQntN8vmD1Uvpqbn1NIY8b8_qHr556NlzDj9JSj6PBtvPX8ixBbQLVK15cc5OyBcuhuzEdnuYj9W207BaGUb2HQyBwLGU_EUctmpW0rlHnptkLaPMKqha70bkbK44LOO38cwOM6MZgwCInAWHKBL7hf8WDJbmNT1V922atU4xmtm1cySUhsJD_JlXRb_15DD_l1_7wSJBKQxPhZker-ZhGRC_G8ObsVAy5_JxSomqVeCJecMt6XrWvSFiQCLu76Fm0rVzu5jb2Q57APL5MmXTmmj3VPaIbzwIKbkmIPtUd8WA06uLSoU37TRIUC4gyCo6xj3ApQJPqxdJwu97MEj0NfDKfXBnxLzB9Z7FfUVDsNQvGfSLPPHl8dzneJFnCIyXGWbw9AIEUvCrgFlE-OiCxLE2F5Vjmo2r0gBsqJ9RlXgAzGMlv5nNFdHe6wQ9nTuTc08ey2ih9MEUgMVugS2_-4J6zeAZXFD-W0_sb-4Lsiq7lXxde7u_muqfUIbHsIeezuI7XFB8EQHWP6V_ScN8lXSsOoT8W0xbZnVhKzuZe5csPFRQh_A4-VcvDmoM8qNEbv0ludbupXNTwm_oKJ4jVfGM1vVXuZPH8oR3Bn6MBCQuhlUjHrNuHIrr4VNhOfs42ZKVE672Rjg2qh1Wgo1EYV8wIQgZrsSj963ez7e6_Rfzxsd6c5t4jR6VxGIZccPwxU-R4RQCWIaD-I5QOh-Vn342ujjjQaro6DGp-FP-YvhH9J2WxUno37XJT2sR7aXjh5byi7jg8E8-Kj3OcP1WDDFzTyyL1mfKfa6Y501hLvmqY_maL_k9-6RAtcRQFmEkavdMiHPyjqayyrR7ycmQU556d6xOgXpVHKmCliDqqojhPb8RpEhe71ZS9a5PQxA3nHxSY3XrQZEJ5OG58VP8ks95CNqj6wcPvhSw2mVj_NLG4x69kdms9VI7bKAMVac1Cd7Vookj_Te591Fn6QVUb7PUWA8pHzBpUtH1Mno6wjCX2rltM_9mPGCuES60nufrm-chHqJOBnkwnCV52wP-W0WmBEvoHhPfLP9EUOF4YrFLsFZEnKSp1inLqhJbk06bU0Kcfu0OqfmasqiinIhSYp0FdrhPQskTRoGQ-4a_2ncsQQBZR6zp3hcJ1RRNlgwRSO8hvgvWV5JXelAKsvqHg6V352sl1rWTDl8kmR-XfH8zR5yG59jiQvYa4bAvyXvT6zJVsXdpgBzKxVYfSUfd6nlEzFQ5T14Z7pcc9iub3o2hvnsbTWAtgsgK7VX-PD5jWzFlG50W5vjKjr-z9dWzuFXp8X7witVt2WVQA07FuHRmMJYaaEZw9x7YJ44gUnJ7lLpsFUEmC2YvWsn0ArcDvBdH4anxKpilLb3wlgQmJqcyh964hd2w4xfIr4CFs-pIlaRd43v_6eN1SjiJQSr1oJayIxJGny9VVxtkpmo8xeqhfwqGvO49p_qeMKilhksDv0pTALCysbcCwbUyYd10QRaEZExpL1xlOnPG0Blkq_0rJ1b7n4-pQV71nkcNo83w4w0mBJSD4ue-5GXNelCr4xN4hPAd2bAxS5qiePdq-sAS0kdeevv1RoaPG4rVHbb-pD9sfZxxbjdzCTKyMj087tiAsnkW8-uf-anznWlSdODxlhfaE3eLqkawq6x2lEFafcNcGPEE5-uQp_H7Pd-Eaoc8ko9ul-TZxaUulp0rxZdo78ljKoNa05eIkzWo43IuDB-8uGsoKjBvoDw6O7YCxd-wiknNLvLxWLyRFVXzOQx1iqOM44zgBKco4kfJTLCRPMJoA0ZQIpbF74iGqKfNpxqm00Gic9Q8o-9PZU3F5gp7BkofuBLCoPpXOL24smsKcgPdFmkHuYPtXdGmpBwcEDrvpCWv4_3ndss8_tULr2YICFPY3kFFxoA5oQMTsOJCIFfiNVwDUJASo1E1WqEIQ-Dvu-_bPf0j69xOrq38tLDKouhrRP_BRxK0YtBNoznLeAkwKIlaljheGPevw8ciE-SeA5NSoscxY9VRzg0AfY37cEyHRU_t8e9-KIACflJ0-q0qAezzWv5a1dcekF_C63HUx5Fuvc84m2H9igaLXHP2NsBs5DRGlUmmS5_aW2khHL_aIgQglm1KTnSq0-RGN8mTBp2H1AYIU0emVkm5OyjCmDnJ7jssNbGpCn2uZ8m0HK-0bXbev_AqdRim0o4PYvmvpRIlU6wJZx3P8NeuZxtkdhuzBKCdD_ePD8EIOOkW-eRWTTvOWRRiSWQ53TBJ3_QFYEReP86fIVbRGVa301T-_1XAVZ3SRTjpwU4-LF3pkvJF_l4qlK1eX-3FvsAVuV0vWutJSa_2Q02jf_as1lefuFyEvxRWOeeadmCLm4PbXh6mdjTfQTfPsCCz6tgrbZwIW_qtyOx1x0tKTq7amGW1Z6qCccOECGls5Z3ZsWhauhfjnbOhIWo2TENeo4hBI9SIybshzfYFZIvbLaf_mwFiLmlyMx5FvVthrjGLOVNH-3i-yT-WxBRVPJWTG-qv8vwQUfr7JDsIF9LGfdG2UGxL29xK90aXsJmpMLHVLm86QIMZZDsKTgdWjsKbhhu89wmNB-Xf-nRe01F6-sRLqT7koHVz2HiunWXoIXEFPD5l2fTDtgDjzUMjTzxcqdBGUFfXKCJ1fhRJV2g9Br6zgvSOo1xJwDK21dZTVXCW4yTKxKDd7Yq1sCc02Tsqg70KNJUCOO8W4WHD-Xq019cBjAtdMLNCmVM5TbdW-k7f08VtB1wEBOeRQefP_Bu3DuHYrehUNa2R_XueeckvOy9UbvdvXbn7RwH129zvn1xwMHKIytTaNm9s7QHyKSpINzXi_dZjO3EhCkUn_tU9zPq17Tk_VPjxZ0cMVrYc8uM879GqZw7SyI3nzoedZBK_e1kRa8rgw1rMUynrC7YKF9S_Ttcn8BduU8rI3qw6vnVr6oBHAOWTLyekijq0W5WgJt490rgYG_tAqp8MH_&cid=CAASKORoUDGAgdpngKH5ypiG-AC3pCo-TP2fH186_ih-LyPpKs4fDsOA1mI&rfl=2%2Chttps%253A%252F%252Fgrand.online%252F%240

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5ee70a92ca313a47ef28393cb5fa83d6ca14554f4e25179795a133e81d0ca0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37121
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame 06C9 3 KB
1 KB 69ms
34ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:06:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 14:06:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame 06C9 17 KB
7 KB 67ms
32ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 14:10:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 06C9 140 KB
44 KB 216ms
143ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44528
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664191987193040"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 27 Sep 2022 14:11:21 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 06C9 42 B
107 B 53ms
50ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DAFIBM44J53XIec6InnoPjgrw5GmIprUi9mnF6797CmXc5tdq9-TA1DXHoAZcPKPFW81jRRh8YLXJ0yHK4bztnA0kfcUuXsqo6R9aHzWomSmUT3GA

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A611 15 KB
6 KB 90ms
28ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=grand.online

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://grand.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 14:11:20 GMT
server: Kestrel
server-processing-duration-in-ticks: 879145
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
321 B 62ms
19ms XHR
text/plain 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://grand.online/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://grand.online
date: Tue, 27 Sep 2022 14:11:20 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 74DC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBEUnPj61yo3FfpZEE80ZdA&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBEUnPj61yo3FfpZEE80ZdA&google_cver=1&C=1

43 B
845 B

93ms
93ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBEUnPj61yo3FfpZEE80ZdA&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEYtZai0wEwAQ&v=APEucNXOyTRdd2LYrW0h5sDqKBkRmY10qyhx_rim_y0YZBt9Ks6pNXQnSmkEfS78pgQmHlLTHj4k9U_obGRiWEsObJe0cYxvnmsaMuPn3JTqCnWiMWeu8O5nOVqfARdObcyW18Idc61MiGmUWm7vyo_xEBk05Dg4AHlOq20se8w9EW_nURIO184
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 7514d3fc9eee8fe8-FRA
pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9A0jlyaxVrMzvAIljcSnYKoNNZLdD64upB1UrdphHQi8UgIXwdeMlR1vs7cJXJzYgnrxb%2B%2BqLbNYv0C1PhIyT88t2%2FZdnLwceKE6vaEPktn%2Fq%2F1iyVSsqHMIEzQJEBrtphHVERLEZHcW9A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2bXaa1JedJ8%2BSQJjYG2gliCZss3ARPpV2Lg3tBbMZZJ%2BJIEdjxtkNaww%2BnfHwMID7TJvwdvI%2FJp7%2BSzySDPd%2FEcvEdvaqJJVvKdHZ3KUABcMG%2FSm3SSPl3M%2BPPt4pz%2BS1ZspZwfPfNYgA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEBEUnPj61yo3FfpZEE80ZdA&google_cver=1&C=1
cache-control: no-cache
cf-ray: 7514d3fc293dbbcd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 74DC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzMEifhiWyOd1K2r1aYs0AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECV6o1qs8a26Y3f5zrMjpCg&google_cver=1

43 B
848 B

40ms
39ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECV6o1qs8a26Y3f5zrMjpCg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEYtZai0wEwAQ&v=APEucNXOyTRdd2LYrW0h5sDqKBkRmY10qyhx_rim_y0YZBt9Ks6pNXQnSmkEfS78pgQmHlLTHj4k9U_obGRiWEsObJe0cYxvnmsaMuPn3JTqCnWiMWeu8O5nOVqfARdObcyW18Idc61MiGmUWm7vyo_xEBk05Dg4AHlOq20se8w9EW_nURIO184
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 7514d3fdc99f8fe8-FRA
pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdNyY0o%2F3UHsJhAJlmtEmLgCjiHMX5UGaUlSI9BeEaso5tCmhqeFCIK45lwfeNCxRUJb72KoqW8b%2B0H8VcvhrU8j%2B%2BeK%2BhUk%2FTCRjLD%2BWTOegBLNjvY5yyd8Q4Fjmpy6eAq5yGNf8MPuIA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECV6o1qs8a26Y3f5zrMjpCg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 74DC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJefPjv8ywVPggrB-HZoWWc&google_cver=1

43 B
1019 B

29ms
22ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJefPjv8ywVPggrB-HZoWWc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEYtZai0wEwAQ&v=APEucNXOyTRdd2LYrW0h5sDqKBkRmY10qyhx_rim_y0YZBt9Ks6pNXQnSmkEfS78pgQmHlLTHj4k9U_obGRiWEsObJe0cYxvnmsaMuPn3JTqCnWiMWeu8O5nOVqfARdObcyW18Idc61MiGmUWm7vyo_xEBk05Dg4AHlOq20se8w9EW_nURIO184

Protocol

HTTP/1.1

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 14:11:21 GMT
X-Proxy-Origin: 217.138.194.163; 217.138.194.163; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 854ebcc3-2e0c-409c-b705-31e17df73408
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJefPjv8ywVPggrB-HZoWWc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 74DC
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ3MTIyNjQ0NTE5NTMyNDY3Nw%3D%3D

170 B
188 B

65ms
27ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ3MTIyNjQ0NTE5NTMyNDY3Nw%3D%3D

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 14:11:21 GMT
X-Proxy-Origin: 217.138.194.163; 217.138.194.163; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: f88c6302-343a-4734-8a4f-aec241381ab6
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ3MTIyNjQ0NTE5NTMyNDY3Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame AC8B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBEUnPj61yo3FfpZEE80ZdA&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBEUnPj61yo3FfpZEE80ZdA&google_cver=1&C=1

43 B
841 B

86ms
60ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBEUnPj61yo3FfpZEE80ZdA&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjjzK3DATAB&v=APEucNVkWqreWHMvOyeEP8bvessb280wpD__6kHmLsSVZUHfDDv81SvX7NCgkF1Y9PeDvzbOKFPp9DQ9XW6lhL-OR0qV-mRFd9j3Z3w8MwqXHjeXlvFKJ51pXJMorRCdIh848MAe9hUqYZah-x-fzbZZCiRDNtAJULY8k6bIl_1YUvd_ayzKSVU
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 7514d3fc8ec28fe8-FRA
pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nz5jCOvZDWJ3t7z2YXuyWGxbb%2Fnqnm7ZD10qAAwa8oICZh0Dcs6wglZK54a9he8whx9kfuXdG%2B4qAavp7lHPluU%2FXwbKhv1sAdzvsthbHAlguDEM7MqxSoPIdKD1dm9CbViUhDqRGcSnrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHXT9CcBWCdz0Mya21Js0J3DBKjPIFszVEGx9nF7BlWl3zh3kMgXSlrRsBL3xqh%2BHgD%2FeER6P3hKJzabweHoOn%2FSb9wxCmkDXgyDYaQvXxn3wEGfmH%2BSGSqq%2BbUhj0gnyLBsFXL57nJJ%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEBEUnPj61yo3FfpZEE80ZdA&google_cver=1&C=1
cache-control: no-cache
cf-ray: 7514d3fc1930bbcd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame AC8B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzMEiZA.hXlxxMSLCTtbbAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECV6o1qs8a26Y3f5zrMjpCg&google_cver=1&google_hm=2

43 B
840 B

43ms
43ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECV6o1qs8a26Y3f5zrMjpCg&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjjzK3DATAB&v=APEucNVkWqreWHMvOyeEP8bvessb280wpD__6kHmLsSVZUHfDDv81SvX7NCgkF1Y9PeDvzbOKFPp9DQ9XW6lhL-OR0qV-mRFd9j3Z3w8MwqXHjeXlvFKJ51pXJMorRCdIh848MAe9hUqYZah-x-fzbZZCiRDNtAJULY8k6bIl_1YUvd_ayzKSVU
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 7514d3fd68ca8fe8-FRA
pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ptwIB6R%2F5dVwBAkLnzPtgkvBpNrUhCxxwhwKdJZ1prHeS87nfUuCjOUKTdC8eclP70bXTucI173lNV20xUXexxpMKqs3n1msfTexxmaAUASqxp9drFL7L%2Fu0a4OmvM9eIWsLMqJjhrr4Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECV6o1qs8a26Y3f5zrMjpCg&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame AC8B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKzFqBp2H0Gh_5GWBbouWuI&google_cver=1

43 B
1019 B

29ms
23ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKzFqBp2H0Gh_5GWBbouWuI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjjzK3DATAB&v=APEucNVkWqreWHMvOyeEP8bvessb280wpD__6kHmLsSVZUHfDDv81SvX7NCgkF1Y9PeDvzbOKFPp9DQ9XW6lhL-OR0qV-mRFd9j3Z3w8MwqXHjeXlvFKJ51pXJMorRCdIh848MAe9hUqYZah-x-fzbZZCiRDNtAJULY8k6bIl_1YUvd_ayzKSVU

Protocol

HTTP/1.1

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 14:11:21 GMT
X-Proxy-Origin: 217.138.194.163; 217.138.194.163; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: a9c940f4-ab2c-4997-87f1-c9e6a0c457e8
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKzFqBp2H0Gh_5GWBbouWuI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AC8B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ3MTIyNjQ0NTE5NTMyNDY3Nw%3D%3D

170 B
188 B

65ms
29ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ3MTIyNjQ0NTE5NTMyNDY3Nw%3D%3D

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 14:11:21 GMT
X-Proxy-Origin: 217.138.194.163; 217.138.194.163; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4789b832-9864-47c2-b470-7a6a97e9e1e2
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ3MTIyNjQ0NTE5NTMyNDY3Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame EDC0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENTjeUaSM2YgjuNpuPf3vng&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENTjeUaSM2YgjuNpuPf3vng&google_cver=1&C=1

43 B
843 B

54ms
54ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENTjeUaSM2YgjuNpuPf3vng&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARilpeLRATAB&v=APEucNW1Nl5EasuMTqv8WrAUbBY-rpNhyOiBmB6E4p-rC848TEYnoyynDm2SRZwuTnPAmrZeMS91RK0YU5anWzFM0oHvZk3oLzII1_p40AIVQEVXeqpLz8JtO1nhAWw-xlZCmhj9uH1LQ6f9_Ey9bCfpU635eXnUziUT5e7NXXNXE6KjPg1tfW8
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 7514d3fc9ef08fe8-FRA
pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=br%2FcVSE0um%2FLjh3UwjvVuDqtHIo8BnYplRDr7HoudS0cie9I8aOlL1gmR9iAoBTcIt8WrbgwW94Z5VcjUU8yRsfhWaaeH0XLhobRHpMDUr02QFwwppQz82zqrN%2FA%2FVc1EkxTLDX7Cj%2BhOA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FzVUTl45j1qWggJwOpURYv0ZGAcpTwDkwK3kf97EKilWw6lkLHZ54zi%2FcfRDDVdvxsY36SmsQdGFgjWfOiVrMmzUoiRHUmPb1%2FIsV%2FKX4tayX9RpzsUNfVL6VcIFeT6WfQ9lLednSxg%2F%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESENTjeUaSM2YgjuNpuPf3vng&google_cver=1&C=1
cache-control: no-cache
cf-ray: 7514d3fc293abbcd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame EDC0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzMEiaNZa1Ib4.2KdgN7HAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECV6o1qs8a26Y3f5zrMjpCg&google_cver=1&google_hm=2

43 B
842 B

43ms
43ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECV6o1qs8a26Y3f5zrMjpCg&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARilpeLRATAB&v=APEucNW1Nl5EasuMTqv8WrAUbBY-rpNhyOiBmB6E4p-rC848TEYnoyynDm2SRZwuTnPAmrZeMS91RK0YU5anWzFM0oHvZk3oLzII1_p40AIVQEVXeqpLz8JtO1nhAWw-xlZCmhj9uH1LQ6f9_Ey9bCfpU635eXnUziUT5e7NXXNXE6KjPg1tfW8
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 7514d3fdc9b78fe8-FRA
pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wNxUC3Qui1eQ3I806QYbyGdiQb4PeExbvq%2B2gWpnVt2QhC0DRIdS6iMH8XbCWGsuhIqC6i%2BbmLNMZxsPIbGBJ3lmMqPWozSgYiVm%2F%2BYk0qgiLqiJuVih9uxBZf8T0mQDi41ZFE1AHc1vMg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECV6o1qs8a26Y3f5zrMjpCg&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame EDC0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKzFqBp2H0Gh_5GWBbouWuI&google_cver=1

43 B
1019 B

46ms
23ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKzFqBp2H0Gh_5GWBbouWuI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARilpeLRATAB&v=APEucNW1Nl5EasuMTqv8WrAUbBY-rpNhyOiBmB6E4p-rC848TEYnoyynDm2SRZwuTnPAmrZeMS91RK0YU5anWzFM0oHvZk3oLzII1_p40AIVQEVXeqpLz8JtO1nhAWw-xlZCmhj9uH1LQ6f9_Ey9bCfpU635eXnUziUT5e7NXXNXE6KjPg1tfW8

Protocol

HTTP/1.1

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 14:11:21 GMT
X-Proxy-Origin: 217.138.194.163; 217.138.194.163; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6366da6b-b1ee-4e14-871f-54ed33b7b800
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKzFqBp2H0Gh_5GWBbouWuI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EDC0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU2Mzc5ODU4MDc1NDIyMzA2

170 B
188 B

27ms
27ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU2Mzc5ODU4MDc1NDIyMzA2

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 14:11:21 GMT
X-Proxy-Origin: 217.138.194.163; 217.138.194.163; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5815f96b-86cd-4f1c-ad25-f4c102166829
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU2Mzc5ODU4MDc1NDIyMzA2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F6AB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKB0iIrpjW4pxnZlP9FrwWI&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKB0iIrpjW4pxnZlP9FrwWI&google_cver=1&C=1

43 B
844 B

47ms
47ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKB0iIrpjW4pxnZlP9FrwWI&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGN7AtdEBMAE&v=APEucNVnJaYgUQa4npDf0sbGNbo8xG61f2kUerPBZbj31NsuOehq7k__xHiRUpDxYOlskM5-EolFPgjDLrIRLJwfamB3nX2arViJ1yrinD56-s61zgkwTfO3K9uHDfOmjHOFucr9ptH4HzE5RqzjIukZvqyi802Pd1HCkELEKGsI8wrZa01UX9o
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 7514d3fc9ee58fe8-FRA
pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mR5ey85EkUbaDKo7TM%2FH89gJnF6GkAqLY%2FDGkRsdVPihWzxu3xzEMekkSQBtfOyZOEWY3NQgqqE6wX%2BOPZvO3d1rqk3ldcOYCjy3nPBt%2BiyiiUvUq1XTzET6n0g4ocHveFIrOrbW6Fo7dA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMg%2FW97Xgm2%2BtjEZry1oJ0%2BihuQg69tJakqF0I23hI%2BuR3%2BxzAZnfTcJTlONIRuVr9%2BMw4bjeOVhwhP6ADXj7Z970STXjjsAxKnaVdZORu%2BzfHzQi1JrWkV1J1z52FrvWTk3oDOD2BIdSg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEKB0iIrpjW4pxnZlP9FrwWI&google_cver=1&C=1
cache-control: no-cache
cf-ray: 7514d3fc1934bbcd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F6AB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzMEiTfDs-6mQHgRbGEA6QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECV6o1qs8a26Y3f5zrMjpCg&google_cver=1

43 B
842 B

44ms
44ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECV6o1qs8a26Y3f5zrMjpCg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGN7AtdEBMAE&v=APEucNVnJaYgUQa4npDf0sbGNbo8xG61f2kUerPBZbj31NsuOehq7k__xHiRUpDxYOlskM5-EolFPgjDLrIRLJwfamB3nX2arViJ1yrinD56-s61zgkwTfO3K9uHDfOmjHOFucr9ptH4HzE5RqzjIukZvqyi802Pd1HCkELEKGsI8wrZa01UX9o
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 7514d3fdc9bb8fe8-FRA
pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qzx%2B59BEsAtrauGnto75iAMblNcnDlPhOR8Ilzu%2FD4WbWIDisupHeDKUrDpmskUJ6ToI09QqW9SfbLE53PkxjwL0tCjRsvlV%2FeASNPfL58P2G4R6CqQoMWrneOcqM3foF%2B2Ipydzq6E1RQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECV6o1qs8a26Y3f5zrMjpCg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F6AB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKzFqBp2H0Gh_5GWBbouWuI&google_cver=1

43 B
1019 B

60ms
36ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKzFqBp2H0Gh_5GWBbouWuI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGN7AtdEBMAE&v=APEucNVnJaYgUQa4npDf0sbGNbo8xG61f2kUerPBZbj31NsuOehq7k__xHiRUpDxYOlskM5-EolFPgjDLrIRLJwfamB3nX2arViJ1yrinD56-s61zgkwTfO3K9uHDfOmjHOFucr9ptH4HzE5RqzjIukZvqyi802Pd1HCkELEKGsI8wrZa01UX9o

Protocol

HTTP/1.1

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 14:11:21 GMT
X-Proxy-Origin: 217.138.194.163; 217.138.194.163; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: ae460968-85a3-4e16-adc2-1c0074be88d5
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKzFqBp2H0Gh_5GWBbouWuI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F6AB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU2Mzc5ODU4MDc1NDIyMzA2

170 B
188 B

28ms
26ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU2Mzc5ODU4MDc1NDIyMzA2

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 14:11:21 GMT
X-Proxy-Origin: 217.138.194.163; 217.138.194.163; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: aa58ee28-613b-4320-a86f-610bb94b066f
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU2Mzc5ODU4MDc1NDIyMzA2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 8C54 170 KB
59 KB 164ms
66ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
Origin: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 07:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Sep 2022 07:35:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/elements/html/ Frame 8C54 8 KB
3 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DDqmOP55nyolpnGPBP_kQwYlxctmy14485fobjR4e8JPciDxzk1GhEj5Qj58VPM5nAk4GaTXM_0Q9W4m4kZb6be7AlGQi7pSvY3LL9_QQMXKUNQkT-Hr3w74O9nBPl3OCx-ZjvcSh1iDafFNxB8_fTh7Q-wO4xunNnoCViD8NJaIbw65FTOvffNzcLG9Y5EVSfa1jY&cry=1&dbm_d=AKAmf-DCdmhpddaoFt5BybghL9O9yduKSvh415-hydl-NwFEj7sAKMN3FcZBCOGnFLkNSZMkFeEp-a4P-nVFeZG_fOvHZXSj-PAggnUUD2NTKwlX7dJXcfBJC1qW6MtQWDQXV1wByw7q-8jZXf6ff8rWYOUW7i-rh8aJtHbcyhrbDAYUmBCxSJ5Wu7Vd6FpjCKTPONpl_VhsMkDRoDADM20l3OOumzVz48lXsmA_XlwEEv5vJI62cmGtJzFcnGj9uJYj7_2FIT1lJXvnFPl8Nhj5w3zG0ozov6uX3XmrNiS8ONmzHLq4EKqq4tnmbtoxK8X9E24R1JH8dUVZ2qRxWoB50cTeR7BqpvjFUoJsf9pThX_1dp8YIGQcXhQ7y7ZiEC5KslLFKcAFJLsyDX_-TghGvS-JF8EudkTLQj494f2auS7bbWTgR21VRavV88D2wxlvpmW-CyObitkwXL5pCh7IjHqwj4rp8zLTQa5g6n4COY9221LXOhIsU9JD1-i3JmFyzuZqldVhqnD3BvESM55I1RsjQRGCYUAo9GSbfVzJee4Ew5Jg8QX_w_Kjrin84ecJ8pR85nkWF058VY1L9eEnNU_eAXlP41Bu_siTeIpgQ8hsNKbbUvb6tlZ_hc7JQcKkWJ-Df8HbUH8W96SqGzlSw4RQeMnmV_61cKXOvW4HIS2ECuILOI6_3Cd-HrV5AJE69wP1G9uC4aDbTNsWuOX05Q8ZnPPZinSQcfXo9sqKS1kPoKvCopI3dyAnNoIO31UsO0DgbS7wD7VTgPKNv8H9ripwriLtTkW-kvZFfd7iD5Ol1k6dyUJD8PiUvtOApvIK3j7d2mx3gYSMFbPOvVzRlifRak-26tGOhb0msz6UsyZdfsVSoV26ypTv3f_fHGU2s3x8vC4vF_1AwH23qBJKzemU6QdFzK9OQSvQmfJYm-YvWyKRVh1L9gFRYm4SP0K_ehMilxCy-RG-1C0kyUy-z6BiTFMIJ6HEPPJtBM999GS5Ld63L6-5BTMrmgDm9JrNGI0rFGrv0Cn_nbz-gJE9dPfGvpWVR6T3ZKdb-CpcNVGPmqVO2oze6bMSto3Wot46RJkBLBylJ4EEM4flxAQHykviKZJvHQUE3vRtEriRs9bPQdPPVrIV0TEK4wSGcy_6Twtvvk-XtPYBE0oaUkekDwTEkF6oDfz3JHM6D17ngD_mwIcZnAYNcH8-Bq53Cdu3kqrMahgKDotWQ5260W4kCTNnJkaWnFmlOl4PidZO9gUdeEHm18yYTKkWJsXOTXCILfKtM_fTIugMlVOHFKjX--Wpp8oeawstQJQkuxawBbruiaK2jnub7kGc25vWBADgzHyBXcVPW2PqUhQmga7u2LPEy_3FgWJDRrkgR2wbFcZVF-6T6bM1Rx8bma_W_hvZfOmh43td1SbK0ybj1_j1cDMr5Pjo6bYe6gAhtFas0EzXCKbijp8qdZe4NescHxRoduxahuazzWpi0D30q6BkJ2BEg5jzSXqxb6LX2EMXS6a9t0z8z2jhsms4UjEJVht-VzAcLr5bPyJBrjNnAfdP-TWVFy2FGTHhmmLYnfYeOJG8vrJH_hfiImgfqQ7U-ikQo4Y9qSl-Yho529dBXeQIzJiEliUDNHbVa_JoyQ58Nmw6dgvLa3up-9IKhqre3jt2xPdZZECR03iRpWDZks3jyvcBJiv7bnxwiRMBqpSylZxBp2lJHPsgBGKLeVZ2UY38km-a5pdkijj6G-EHiq5lThq-bKbUG7vszftqYv3r4y4EAKDsM9pucclHTnEHPyQen16nww9A8Tuz81AMSee_8HJwq_kqU1-QVxR5N4XRZnZWx842GfYF71QLOXETPx9PonV6IyRy2B1pmYBc9lMWi5O4tl7dAjI1IxpBmPoe0QNj0Lkus8oYDx5boGN6p_MysSTdkFOKGqOj-mrbWge7qWSYDAnDaut5oYqbIeSWuIMe9-EVDWqRvOIbdtly9iVmoFH8PksqQ7C7qoPLFiEwfx10dEssmaFfgYYQtf124P6PyKgdAd7dCezy482NVxbIypa0VahGUQdFgoiOOysBBNx2F21uiAl_m3x3w9Whqgn0M9ydl4qxQB5CCiFRj3DoVQteuADeoid85X8jyxBejnyJLoTzG5U5qV1_jXc-uwsOJMNs9wlpCRWC18EwwsIyvUXIKYd2VvZEmya1BcbEptmIqMWdQU84jFRhFbwcN-xikZ2Xn06CI0GgzepiQD9dUzylwbXZ2AeRhCN-f8AD3b4qhleXQqVq6qMco3v1XOLKgxyEI2GM1mqg3eFXV7tQHsdK97Vkj9vboXwY6sAs8ACUoJrPi6RwH4z_EpRXbJBcUoQi4xg0LZidwF5C-TBDVSR4TCx1Bb337okH3POKjJ6IPJ4vlQnOm_qGYSzIaHuiCe0B3_UWC7OvpeZpY5Yo-2LnJLBPbaG4cpX2exQHdqU5dNC8SgmRDTGoa8mmEDZLPwWD8aQGXhslwb0wNiWXXtZnx4BduolBFEh6UNRnsiWPCcRZ2-F0xqsIgZqIOuHwEaif37LjTYeQLqMICpIvGxbGM1qcLTb6--V745glWisGVx7RBRi_RodLNnAjPhIn5tdbdyjRLGNu40DeO8sD3oD-R1v4DX0ztQpfype0zcCZhMTyiA6pp4vkZT4vCppcXZDZDeiY8iWtVfLuqKWe8NLW8WHNEdvov6QEbZjNHigjSfYVmMBGUZxye_pi1CCWFTNhCfv7525vN1ZkSixzGpvdafXWyfaKDCfhAWeasRZO5ZjigK9cnDRS7kRjG4Eg_yBGH8cVuxcbQlVgZHHXjyOq-o338wMho6DjpH6r-EU1ZmVrfWd5h8JhfIwW1xRNX8ELod2PQNFf3VwTTj8-kY6IUdMyzbxD4yvCGKQMnSgeCf53RQA8bbH-1-MQ5sn5hMOaoQ2W_2nnuvqFIuYYAvIxfK3_FSYTG5ygEaSCUb7za8YOpsIWq4je34P_Q274xgykIYgXX8Y-nBpnStwWZQJl2Bka99Krfsy2sVlifj2e4SE9mNn87rG__vu3H4VQAob3UTX2-5jn2cKUTgryiwvAp389QQE9E181aaPSVK6lJeq42aeYe6oTgf9MPJ56L-PUd6XPunC1hRzlJ3GB6a6WSfh7s9dz7rHPszH64rOKCZsYK-837pvN3FEeKd9QEN-2S5F5vdYGxZ9XIitlSiuIcldN1qT87jcy04KqwS3i_VQ-6DwKpgjS3t90WiV7tmJdCQ9dDxyskB46IH-DM21kQtFYHjZa8qDwsADzZB__4FU9gocJGkQ5l31tY13FpwVUHxc8Cka41t31DbsZS9g5e3T8vhxNI8ini943mb9tvalHXkmkrjFc-eeJmgRYegAvcB_RzqvWJW1GfOGYg5TCmtffhXAe-HCrVPgq547qMWLJJeMnCGHcla74MoW604yiOPS4vbgfnRKjdjhV0L8De2bJji6xsUP0tLHLDAAtOD--w3LeinRw7aOVCBZQ89fWsCvWQqEWhXulaP0NGI3QpL0I2VErTtObG1LyOXGvQxQXd1CDuTrRQ1d-obwTRIheVhgnn--5viHboHb3MEdn2LyHo9yqAeUFESkjh7LzLUk1Rzi5ruFsquebHtTYajlrNS6qtlrlztiZiNy6EbblIolbMfhDMIdJrsQ4rpAUQ_sNyjMnGh5qzT5LbvJlgUN9eUQPLKOStrEwbYa0-RXKDObawk0oOR45lhaFG3a1NGXEcSwWnpNUjxXwqyA7BiCeMJk-5uQIpTfqHQ0WmUiMhi_tgP-DuOt1JvMnVLkm1Ab4k5Pg6W8Be-3ygM4h3hRUWDUfqETgb6KTHuWek6vKyQ_gyqdfbNPuJ6i8zYspnlbNj7q1jFhM2ZDEE_m8X7VRdH8&cid=CAASKORobrhWzAiVhfrG0hLqWPqH65eYzdB1y8GoH6qrPcqrIaVFh2mnO6U&rfl=1%2Chttps%253A%252F%252Fgrand.online%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 380
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 14:05:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/ Frame 8C54 30 KB
11 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:03:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 459
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11724
x-xss-protection: 0
server: cafe
etag: 16554960040364120486
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 14:03:42 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame FEE5 170 KB
59 KB 174ms
86ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
Origin: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 07:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Sep 2022 07:35:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/elements/html/ Frame FEE5 8 KB
3 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5Y9L12JwviiaedGKOvoo9w7B90HPM63urRz7SKdLJKYj9MBWiIjVAiIQAP0lIIRcPoT2uY86fineN7AuHlZHfNAumv0kXsBNS7RbTCGeichLMcps6HRK_8RZ5wZGap5QB3J-lShv4ijbu-QTDGsmrZyQEMA&dbm_d=AKAmf-AebGNgbomFWpp36H1uKXdmyt8SzmkD3CMuqi0DM43mHEaXmh4JV6_NqYDx7oifToBF03fHkHqWLTP6WhYdUUjd7CrywCZ8JFzxyN7FT2XSPKtF_95WSFbeZlTl9FOJ83I9rTBWH4cF6cZEJI7h3yn4n7je5586HhMqhtSg93JCQgEXOFpKD4xEEv8k7ZQ9LIgItiPicEef8dc15yg7SWP0c-XbcOnHv6Izy0nc62yYndWo9CMeATwF3_WUvJacHyxLNkBnuXBVnZzgMw4Qz20nLdx4Xvjw_oEuC6Of2fkhpLmCnIdZ5H2LfVt4yMhAS6M0w7qwXUdyJkIOPQwrnv7hbReLj4E0tzNqIXeA2bASoaUTdLb-i539ZkydbnN4ELbwPyOMxjfeUn5jmfQUIDr75qJ5KsuzYGcsGZZjSfXHS1XQ8VfRwS2pSZFl19XTN5Gj4cmjS3jwWKBLenL0g_BBlGo10LE8cWMngoEkwSGxklXZXLjAecNWkKJpfOMFGD2W9Q35Mdfm9qGLr3zVFsTwYEdBXN88uu7Kklh6cknneRYNpMInhNKsrX3_LNXK7a646gzMB8QyHvZGh9AdGhn87Gl_PCFCe_jx9tYTdaB4BHzfOiVLlBEaUjktPsjIpH_2SlLGzixpJ_8B7rkNuxkOeyKhi8uZPUZW-KholKlxrgQLa3kJdwMcCkCdRbOcglHdqnHGJaCS9l0slwUHyDL-XAY4LP38BKIJXQ98igl3Zm7FBFRS_TADFDclmpcZJXiBQJIL7ghSvcW7dvsoss342GP_JNs1UIRTqcsBUgC6VIbbUtp-YvucyS1vrodetGUyjhT0fV2BEM8lVDdjgE5MDe7VoeKpOwG0PLs8BoTmv87eQycmg4idW-DrSz3DSq8ZsrwuXKpzSSk4Vzwmxew-bhi3FQRGj5_e26BMRYjX-9bC-5e7QzefsxuMF09vsm7ZmKnfXrzc5N8gbCa6DXX2azoJzlepk0NilQo7NAQ4WGJsyNv8PshXdHKibVAY0c8Ybrt1VxT-GL8Rx1dvUnPshylmC1pEGN8vf7cxgNtD0nIyHnF-7dXiNtFPYbMDgqe0f7s2mhmzMTc39kkoyn4B6xi8IOoflJZ_1SQSHEAzZ16soS5s3c5Yh8oqj5GjkQDBaBVTvQK6mpSKkFvB2NfVEpZh0lI-gcFl07UQaAe7VtoyEW2Zghc1Vl9eJVl37o8TqYvj7E9NMLK6vqnMfoOnVIlroIPINi76nLk31RuthTwOdel_bxUn0b-Kb4BufOEbVVR5FwjEigauq832VuBoGLNS5OKA3pzhjbRGx0RkUVu97R0sBhm7jQq8XM6ku7sz_CFucXC82YDGGJyN5_zAG2w8Gxb4f3w77A52ptA7rk7CqIV005WjuYdvVRXup8et5xKnOenWp6cNEX5ixS325Rvc34KoSSI0zMiOhlOQi89H6ugCNg2fEt5EiRBIYGG5TvDXMIJ4DkVJk68Yx8mH571tWP_-B0uS_c4SZr1-Ny1U1bvFpDtBnPP3aJjUVAMDfYS87R_KJkAK0twhK1xcAx45h4F5gElfD40ETCC1EGTZD6Ye9X2BZwnD8GXUvkkv4Cwqic-1rg6nPqY_xl_gZr5jX03r2lQ1iw8f1Yf-18rFxuf91BRlfIDT7meXZISBJ8g_3VyAbMs1-oux8KZ9U0TrkId9ykqE8Vs7q49uGrWCepYMs29JOduU2Fyd2RsDzfJL-9Rtwy0O3rruKWvcBHREgQg4udwjDj7EoKddRaOWR9XNiaUkMGU_VqJDPiML2_87RbzX5Y3I1ZoQK0-dbO_Zc-sB2bL_Ve_uu4QqUfbxlFVDfFwZWzvT2I8x_606fbse7wpu9ndwOLUJTLn44K9h0psPMwY7xhCv75mZZctp8wprPcTWtSPyJSuIsm6_cY52-MAHfHZEPmGP_duBuBme-Vj4hQ5qHTPkloFpcg3e-Z5f6SHHg3Am1xdgtJ1EwqcVV3Jev6u0-H3-JhtcE6jjpJGOHj36KsPA-0MLPHpGv7bwz20Rye7jbwATNe_lZJNA9ET_YGSD4bd6pM-A3PS9-IFFTdXEywYn3GjebOtObqYHwd0TsZnwhck8bmovy5RG5geahDzX3-zSpwPUCDTVS8JDtmv-BnpHs9VF9DozWDKxvZxlvuR_WZ7Dj29zU8fO41HrpLj_1QnIRGNfcWr7tUzJ7bENqSHCiRqXj2dnQPf9kzbydtx4j02WA-vrodrQtlBuiQ1-E6N94t42UCn66z1bB0gYEKAGpSjv5n4suLg8dFyxKFDsOtVXlGuq_AGkXd4FdQIuXNBxWuTOJ5Lbv3soSz8fDS2cFQBEkbf5fGIcfJkOzGcMZJ9fp0RjlFk1f_Ete3rM5GnuUTF074sUWRAKg8sHaEubyDHbmXeWS7-t28MPxl43W1bk_4qvADgkYi0GoWtgYtK9hpXMWcFPaCvOeyF_frzCCuHb4xKV4LnV1KxKnKXMVaOq80caE1jTELUk6bH-U_0XLbKW8rkYnwo75uUrhZGjk1G4vMF5lvER-O7kyJzeAAa_XoBvgs7-IWvjUgKUwJ8mQN2rkU44T9IC2wOwDK3tA_Py2MHaK0D0UrrWAiPDwgZntZaCNhJbCjYPTe4-l5XeSk7yTDlYHRDtt4uB1QRudqcvfEzXdDFSX4fXmWReiUt43bA6czi4azosnNANFzhQX-YdGKFBqmjwjFzIIA-KaF5bB1iyU99GnG_rIyWPbsdlACRcinRt9P_mrR18B1yPkDcc-g46Gi5GXwptl4FoBk4JEICS7tRKkFoj80i4h40hrhPDQTwU8Qwc0J6P2IslwqVTAH08sTVvmKiLs25qXfq_WYwVFQnruoZdLDO-TvkplKPWEVwFWSJp6n9sy-T9gxRwMp9OE38GeG_DkcRXqAxm-U3MpjhlW54luop_WOkZ4tE36t5u1OJWLfr-CuMEY1FWfXKmOsf4vBc-CQmGbccFz_7rGRK8L9GPqsfWaMLngBo0hJCyMV-zYjzuPepdpkZxQY9FLpG5jARGtz8HX5ehNd9LaTxww26fbdflQlFmxTSTn8-8KzYTeydr6SFfRtyOIc9uP5XZqslgptuEmEji21vAZNlh0AwYClo4B59lscIVHBARniTNEJNOBNiJxxAQ1LTBmxp4IjA0TpEpkm5at5WfCbYs8YG5Zew64nTDMkGrmnry&cid=CAASKORoQtA4aW3RBrVonY_0Wek8qgqq_M-DFaefH874ZBLS3I9bUuIeEIE&rfl=1%2Chttps%253A%252F%252Fgrand.online%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 380
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 14:05:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/ Frame FEE5 30 KB
11 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:03:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 459
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11724
x-xss-protection: 0
server: cafe
etag: 16554960040364120486
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 14:03:42 GMT

GET
H2 200 hbscript Show response
hb.contentexchange.me/ Frame B1D1 54 KB
55 KB 67ms
67ms Script
text/plain 46.19.9.11
SIEL

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.contentexchange.me/hbscript

Requested by

Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/widget/rAKYT4L9qRLPdQr86?domain=grand.online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

46.19.9.11 , Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

trafex.serv.si

Software

nginx/1.14.1 /

Resource Hash

ca3eb2dc8c0d8f1a972f73abacda922f741e35ec5329bdc9160ca713a4685d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:21 GMT
vary: Origin
server: nginx/1.14.1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 55607
x-xss-protection: 1; mode=block
content-type: text/plain; charset=utf-8

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame A184 170 KB
59 KB 156ms
99ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
Origin: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 07:35:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Sep 2022 07:35:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/elements/html/ Frame A184 8 KB
3 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Du73RO7h15ZcTbzhwJJhdoY1Fll3NZLebpOKE_j2irjNO6NXaSApZwa6lF3FtGNGqCzTHCV1d5heVDztOnR3oXN7Mtww&cry=1&dbm_d=AKAmf-DOYCbyvgE4ZhkMdzcJD-jTQ46dUihiS6GCHBgW6aynIkM-LBJlZ2bZAqUyhk7XF5dyIK2UfUcLOADlL5cPWHJLRPUt3JWiiUgmommduz_f559Kf0PsNTxLO0SVhGiM_JK71viwwGIl2CXhFAjjh9Ld0E7Pj0-A3RnxqchgW6aOzEiDjJEaU_5aCsG9Vu2l1qoCyxg0RTWld9c1VqocPr4GcsV5badQwczRNhQm2922dwEwCdpqzsZhb8AiZv6RqcpkJEcWb5TRwAqHKPIIaXXs3B-HNORUi5w5QRVUOT-Tqhuzmf_bTMekrthQmzovsMUIEgA2hYHl4vfy6prw9o6IwW5mnl32U0zXbAqUpomf0BeQcnphMgfz9AObwX5o4VERqipzOqrr8v28E9qjWAPqPPUpE59u_GOSeX38BcJOcT18ezqHRgMOMJEdrj8LxSYrkyUMsZF-hLLegrPGvGMEw_VVsMaLyPEBeIE7thAoKVfaOQiWt-kjjwC5VXpZNCmQYAYUEIJhsz0YiEhqfc-NDM06y5PfloPvcmKMhWHvYWwAuLvylNN5Z-c5iSi8aD9wQURZJil7yTvCF8hje8FCH4kZeop2vi3XKhW2HNt_GmhGR1LI5ZFQxXqe-UPuuE3pJidXF60PvoVb-esTnhD4DcnzYzsYtZ7luZuGUw1POOTagiErMP5nWalZSTAFGOAhdh3hMnM2SQJxaK_5vI2fuuUZFr51AzvJcBp4jCK4u3E74Eqgh49x5aeWWJyXCjfVppqVnPql9ZWl-4Xxi9z4fao_hFVcs9FLljoF-hzbTufuOoSk3yGPmDK_c2g_hG3uWuddeLx6zNDZboZeLcUrjt3wCkHMW3C-Q2BHLlPQbmXAds4xbYhAFQleFnzaBbOKk9utGCQ850Pg18TQXVFkXYeR91p-cb6IyFv9-Fb0KRHgxSQoNFnEakmcl03SiUfUT0wA9i8w7GgXp9O4wnAuEnw0tyURjqrq20eERjo9o6EQmRXh-f9DMilD9YZ15yB_Qb9rdi4dOY4QdYJ7BZQQDKI2h3oHdiX56Bycm-4yuQ1JefSFm0vKxWItYKJ1yPRcdsBlvLd6OwHJV5H07UPuh_GyfelB-9I5lf_aXhECErDg5wNmg9ebXKDSj2Wi302Xt8tgVtK7Jdi618XIPWBLpNnZomM6JzW8mq5iAEals77QMj0usvm8EAhtz3XfuCsbremJAZ45VO5SGupdu7YGWpWMZLhS2EOlF2Q6Bzo0eeuJu0d79l9gZ2GT0pqJ8sA65UP032GTKZkaVeJfTgc23wdAR5qcjOh1gD8rZZnkmshayB5R6w0r-xQfLup7JuqkgROOpmmxiVPfrS5CoZ31XLUrGS0mycqNf1XYZpHjDh0974OM3TcRVoGWmsTghtJCtooTIwkyFqI5GapdsYezpdxNEyJ19i9gI-HmZuTK4BR8yMGufZy3m2WxvsVwa7Qv_ENl4ipQRft0_bJKdyKaJXxaumy8hCWzgotraJZjRN5YBtrM9vkM2ou0aChW8uaN8WxBHHhU7ZTlOGGhZbUryozXC9H1t2nbM7lpbPb_-Xinq_48VCi8dBkWlgtguSwfzpGFffSp-hXn-yw-07I_G1LTomB7mx83mu93gPNjWm0msotfQmWhmk3xIbHPdKw9W21vuoEybMY-GiRipQoWeAZ7MBA-TsQFkY8zNXn9RJAWHMDP3BdNtjR1lPyKoswWcTE0pY3nBJzotQQ8tIDpfSKBBZG1FX108RpFAapBuPIj6aZplXrP70RT4bOYEsu5EWX2hinE2hvILXZK7oktRFPN9jq0Bc-tVpKhgXy3q6-vqh-7qR87Bpo2O4g_wJVdP7ghBYX6qQz3eMJSuRFR44-yep9p2qWO_wsT5mSO3FegSyw8IfLVE5NJ5ZC1_x0Lw57IKeDJNuV0dX9oPEiPJhO0szkNZypghsv25GFqHKy4k4EeEUlvF9o5A5qCGBLuJ2pWrjLLAmuqbizcFqD1W3aiEDAQF4LX6Wne95Xa5x7_OZLol8KZm5qyu3uFXrruYM_SbA81WG5sCX1eSrJ-VE4ubt8r83ZuoveM-XYdIUQnX1bfVhkvUeUQjKfhF6rq5q1bwGsj7Jc-mNBlZ_UH3bps4qwdzSbPkgEzSh0xvc3hhhN6J2vkWJjiCxwJQxYyasSwM4fLM2nXE9iJ5q5T_ny4Dpy_o0J1Qk6iz8kkQvKwgTb3WvfxQliEU7rcKDx9xA9E0lgWTlVHDp67oObNwL1Ge4_dOt5X-ndSPwWQIy7jgYerponTU_dQqFTEV3AT-cumd0b8uUVbzteJfbyX4Cd6z6mbG3OEyhydIB3NnjV9nfCpb2gC6rJD3t8YL3_vmHwE1a5bLhrDq3f8It76DoB25G58SD2Cq06hCtqCaDOH1WaV11oOEoXDFJjyCzZNw0TLZmA52mAVmIdviLqwD0Mxa5YtTdLLB3aU1LFDGlNeZwCofZbRdRzHHyOVGyNYi7o-tWBogiYvrwds2AUJI-xUqliPtu62S4b-_dX81XcsM6AeBS3O-y05terkrlFKYQ6iw7unIQ4ONOaGJ1oSArQtcJOWrNv5UT0pL_xKx9tuRcfZKFGh9hfb1X8aW2UXYFxTyHs_bEyGS4FKR7acAXB-OxJ5exgDlHbcGyF3I_-Os8yRB1RG9hjwIwe7Jifm92xijLd_A-oe79a5UI8lJY06zOjIwQMzlMazhnuT01O9lIdNwX3nWUZCkegucbKSj8BCH_RLXXoVnjPgD5hn9smfin21nrOXuwQ4UJK2_pbBz43qflLGkdgVEPH5TGf-6EJ8OHe4rMnfDGLpVDDC-Dly15SyICatY3Rqon0wrAB_gOJCU8iwxr9CnwUhTZqACmQKInV6PPUSoD45AZf5bTk-KOaimSBGNCgo1zkzdgfGzRdDtLIoqKWxJzb6KUU4RjO-aNrmitg3XXMZpG2Uhj1yu3V0kukcIFM4ctWDt4PHGar67KzzQVMqyUc7Gfefqim1coQSy9B23dINYY6ta_I9zvalOhmvhNWWUGAZEXTrHOKfnibjnm_Av7-DVcgCih-XGpSP6dYzKDx_DCojEldE48Gr9lv9wU7DjI7_XI26e_AZDSXwSCXW69-FlmYZ00r4meN2r_L8OOX08eMKIxqdAVtc8tyZOgcxY7-tmqk2kb0&cid=CAASKORoO1xwf9ugQkKaHdqAl4dVfLq8Y8M9GkOc3ELTBuBu42ICS3w-Sys&rfl=1%2Chttps%253A%252F%252Fgrand.online%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 380
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 14:05:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/ Frame A184 30 KB
11 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:03:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 459
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11724
x-xss-protection: 0
server: cafe
etag: 16554960040364120486
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 14:03:42 GMT

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ 58 KB
25 KB 140ms
49ms Script
application/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/widget/rAKYT4L9qRLPdQr86?domain=grand.online
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 199fb21b3ebc707aa9045279d3f380910ebe9194b8f4afc54d85ba28e1ee715e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:21 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 08:28:54 GMT
server: nginx
x-amz-request-id: tx0000000000000022505d6-006332f175-328fd781-default
etag: W/"c3a9d4f9b6981f579551b9a46e32d64a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
x-rgw-object-type: Normal

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1140163/65044670/ Frame 06C9 236 KB
70 KB 191ms
40ms Script
application/javascript 34.246.229.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1140163/65044670/skeleton.js?ias_dspID=3&ias_campId=1009016887&ias_pubId=pub-5845685380979936&ias_chanId=1&ias_placementId=18196981561&bidurl=https://grand.online/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0j-edBJWXX6dQikZoEZbtCs
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.229.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-229-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d63686429bb99468d1218e0fc058740479a9ed5848de190a01a7b292fec00ead

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 06C9 106 KB
38 KB 61ms
31ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
Origin: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 07:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24062
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Sep 2022 07:30:19 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/elements/html/ Frame 06C9 8 KB
3 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CnWsBAOrLOrbbvVyOOhsz4K53mDjxwd_BDoXhKriHCetEu4KUiicDavJc73TrtD4L9ZMtSm7S2-3oaRIQW0B8PDLncKSguc5TsIQDF9v2W0mQxKJYded_cLf-cv4MwvkC-N3C2eac5qBSRhJZow-Ke36fc0Q&dbm_d=AKAmf-Ad0GJMWH8ed1FwD8lrGh_e0RLnw0b48MIWmDKsD1VrzT1MpwSF6sOpip_nFe_D-KEtDG-YX4MKSyZW7zn2pQPPFXArCCtAONHGgVTc5-G5n-QswQTEGFxJTdWF-q4aRdfeUKZXtRdy95338eSxRbCLuSIF_JXZHFhjkiRAmEJG-cse7NDLTUoBKtRqMTRCK_73-tE2p2i6bXnjJ7THjFP2lezUW55t2bvUxD4Asq4uJJg4dZWkLqWDqvVMf7vg8l_kdyTOYVmYFwz9va2cETn3OUA_01y85XENKnheb9ojWIPTnzUydKTI464PKT-4qI-E0aCwltQFghwI6lAx9f2qhSM15Hx-qAZXpNQntN8vmD1Uvpqbn1NIY8b8_qHr556NlzDj9JSj6PBtvPX8ixBbQLVK15cc5OyBcuhuzEdnuYj9W207BaGUb2HQyBwLGU_EUctmpW0rlHnptkLaPMKqha70bkbK44LOO38cwOM6MZgwCInAWHKBL7hf8WDJbmNT1V922atU4xmtm1cySUhsJD_JlXRb_15DD_l1_7wSJBKQxPhZker-ZhGRC_G8ObsVAy5_JxSomqVeCJecMt6XrWvSFiQCLu76Fm0rVzu5jb2Q57APL5MmXTmmj3VPaIbzwIKbkmIPtUd8WA06uLSoU37TRIUC4gyCo6xj3ApQJPqxdJwu97MEj0NfDKfXBnxLzB9Z7FfUVDsNQvGfSLPPHl8dzneJFnCIyXGWbw9AIEUvCrgFlE-OiCxLE2F5Vjmo2r0gBsqJ9RlXgAzGMlv5nNFdHe6wQ9nTuTc08ey2ih9MEUgMVugS2_-4J6zeAZXFD-W0_sb-4Lsiq7lXxde7u_muqfUIbHsIeezuI7XFB8EQHWP6V_ScN8lXSsOoT8W0xbZnVhKzuZe5csPFRQh_A4-VcvDmoM8qNEbv0ludbupXNTwm_oKJ4jVfGM1vVXuZPH8oR3Bn6MBCQuhlUjHrNuHIrr4VNhOfs42ZKVE672Rjg2qh1Wgo1EYV8wIQgZrsSj963ez7e6_Rfzxsd6c5t4jR6VxGIZccPwxU-R4RQCWIaD-I5QOh-Vn342ujjjQaro6DGp-FP-YvhH9J2WxUno37XJT2sR7aXjh5byi7jg8E8-Kj3OcP1WDDFzTyyL1mfKfa6Y501hLvmqY_maL_k9-6RAtcRQFmEkavdMiHPyjqayyrR7ycmQU556d6xOgXpVHKmCliDqqojhPb8RpEhe71ZS9a5PQxA3nHxSY3XrQZEJ5OG58VP8ks95CNqj6wcPvhSw2mVj_NLG4x69kdms9VI7bKAMVac1Cd7Vookj_Te591Fn6QVUb7PUWA8pHzBpUtH1Mno6wjCX2rltM_9mPGCuES60nufrm-chHqJOBnkwnCV52wP-W0WmBEvoHhPfLP9EUOF4YrFLsFZEnKSp1inLqhJbk06bU0Kcfu0OqfmasqiinIhSYp0FdrhPQskTRoGQ-4a_2ncsQQBZR6zp3hcJ1RRNlgwRSO8hvgvWV5JXelAKsvqHg6V352sl1rWTDl8kmR-XfH8zR5yG59jiQvYa4bAvyXvT6zJVsXdpgBzKxVYfSUfd6nlEzFQ5T14Z7pcc9iub3o2hvnsbTWAtgsgK7VX-PD5jWzFlG50W5vjKjr-z9dWzuFXp8X7witVt2WVQA07FuHRmMJYaaEZw9x7YJ44gUnJ7lLpsFUEmC2YvWsn0ArcDvBdH4anxKpilLb3wlgQmJqcyh964hd2w4xfIr4CFs-pIlaRd43v_6eN1SjiJQSr1oJayIxJGny9VVxtkpmo8xeqhfwqGvO49p_qeMKilhksDv0pTALCysbcCwbUyYd10QRaEZExpL1xlOnPG0Blkq_0rJ1b7n4-pQV71nkcNo83w4w0mBJSD4ue-5GXNelCr4xN4hPAd2bAxS5qiePdq-sAS0kdeevv1RoaPG4rVHbb-pD9sfZxxbjdzCTKyMj087tiAsnkW8-uf-anznWlSdODxlhfaE3eLqkawq6x2lEFafcNcGPEE5-uQp_H7Pd-Eaoc8ko9ul-TZxaUulp0rxZdo78ljKoNa05eIkzWo43IuDB-8uGsoKjBvoDw6O7YCxd-wiknNLvLxWLyRFVXzOQx1iqOM44zgBKco4kfJTLCRPMJoA0ZQIpbF74iGqKfNpxqm00Gic9Q8o-9PZU3F5gp7BkofuBLCoPpXOL24smsKcgPdFmkHuYPtXdGmpBwcEDrvpCWv4_3ndss8_tULr2YICFPY3kFFxoA5oQMTsOJCIFfiNVwDUJASo1E1WqEIQ-Dvu-_bPf0j69xOrq38tLDKouhrRP_BRxK0YtBNoznLeAkwKIlaljheGPevw8ciE-SeA5NSoscxY9VRzg0AfY37cEyHRU_t8e9-KIACflJ0-q0qAezzWv5a1dcekF_C63HUx5Fuvc84m2H9igaLXHP2NsBs5DRGlUmmS5_aW2khHL_aIgQglm1KTnSq0-RGN8mTBp2H1AYIU0emVkm5OyjCmDnJ7jssNbGpCn2uZ8m0HK-0bXbev_AqdRim0o4PYvmvpRIlU6wJZx3P8NeuZxtkdhuzBKCdD_ePD8EIOOkW-eRWTTvOWRRiSWQ53TBJ3_QFYEReP86fIVbRGVa301T-_1XAVZ3SRTjpwU4-LF3pkvJF_l4qlK1eX-3FvsAVuV0vWutJSa_2Q02jf_as1lefuFyEvxRWOeeadmCLm4PbXh6mdjTfQTfPsCCz6tgrbZwIW_qtyOx1x0tKTq7amGW1Z6qCccOECGls5Z3ZsWhauhfjnbOhIWo2TENeo4hBI9SIybshzfYFZIvbLaf_mwFiLmlyMx5FvVthrjGLOVNH-3i-yT-WxBRVPJWTG-qv8vwQUfr7JDsIF9LGfdG2UGxL29xK90aXsJmpMLHVLm86QIMZZDsKTgdWjsKbhhu89wmNB-Xf-nRe01F6-sRLqT7koHVz2HiunWXoIXEFPD5l2fTDtgDjzUMjTzxcqdBGUFfXKCJ1fhRJV2g9Br6zgvSOo1xJwDK21dZTVXCW4yTKxKDd7Yq1sCc02Tsqg70KNJUCOO8W4WHD-Xq019cBjAtdMLNCmVM5TbdW-k7f08VtB1wEBOeRQefP_Bu3DuHYrehUNa2R_XueeckvOy9UbvdvXbn7RwH129zvn1xwMHKIytTaNm9s7QHyKSpINzXi_dZjO3EhCkUn_tU9zPq17Tk_VPjxZ0cMVrYc8uM879GqZw7SyI3nzoedZBK_e1kRa8rgw1rMUynrC7YKF9S_Ttcn8BduU8rI3qw6vnVr6oBHAOWTLyekijq0W5WgJt490rgYG_tAqp8MH_&cid=CAASKORoUDGAgdpngKH5ypiG-AC3pCo-TP2fH186_ih-LyPpKs4fDsOA1mI&rfl=2%2Chttps%253A%252F%252Fgrand.online%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 380
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 14:05:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/ Frame 06C9 30 KB
11 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:03:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 459
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11724
x-xss-protection: 0
server: cafe
etag: 16554960040364120486
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 14:03:42 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8C54 41 KB
15 KB 51ms
17ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 21:58:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58365
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 21:58:36 GMT

GET
DATA 200
OK truncated
/ Frame 8C54 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b009739fe76afc86dfc3a3f2f49fe9787129315f5ffbdcd7443c944b4e0143ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sid Show response
mug.criteo.com/ Frame A611
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=grand.online&sn=ChromeSyncframe&so=0&topUrl=grand.online&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=zIzA8HxCQWZxUTFPT1pTaTM1NFd5ZHYvQmpoVndrMWFIcEhySjA3L0VIR0lkNE93UitWNFF2VzJlUUVYbHZjUzR1aGkwQjNYZWR0eE9ncjVLY1N1MVFpY0YxNTVkSDVPM1kwSTNvK1ExbmVwSXAxaCs5c0FrNzNINmtrWE...

430 B
654 B

90ms
29ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=zIzA8HxCQWZxUTFPT1pTaTM1NFd5ZHYvQmpoVndrMWFIcEhySjA3L0VIR0lkNE93UitWNFF2VzJlUUVYbHZjUzR1aGkwQjNYZWR0eE9ncjVLY1N1MVFpY0YxNTVkSDVPM1kwSTNvK1ExbmVwSXAxaCs5c0FrNzNINmtrWEd1MTEwWGduOFdGUTBlcjdpTkVuSDE2WmUrTFF3c2xRU1BMa2VnT0xYSVdlZWFOYW5lOTVUckp6YVFOOWRnSVI3UCtLSDlvaVFMTVJVNytCWERaR01QR09mbGNLcGkrbmh4TVU5UDVEVFNmdnNUZmJ6ekZYNDcwREN4WXdVY2hvc1NvZC9SWmUwOWsyYnU0RmVvZlhxU0N6QVNNaEt3UT09fA&cppv=2

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

048e7e253cd1834d6e6950566c96463528591de9e6e4571412a3521ecb9d721a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2556281
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=zIzA8HxCQWZxUTFPT1pTaTM1NFd5ZHYvQmpoVndrMWFIcEhySjA3L0VIR0lkNE93UitWNFF2VzJlUUVYbHZjUzR1aGkwQjNYZWR0eE9ncjVLY1N1MVFpY0YxNTVkSDVPM1kwSTNvK1ExbmVwSXAxaCs5c0FrNzNINmtrWEd1MTEwWGduOFdGUTBlcjdpTkVuSDE2WmUrTFF3c2xRU1BMa2VnT0xYSVdlZWFOYW5lOTVUckp6YVFOOWRnSVI3UCtLSDlvaVFMTVJVNytCWERaR01QR09mbGNLcGkrbmh4TVU5UDVEVFNmdnNUZmJ6ekZYNDcwREN4WXdVY2hvc1NvZC9SWmUwOWsyYnU0RmVvZlhxU0N6QVNNaEt3UT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 479695
content-length: 0
expires: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FEE5 41 KB
15 KB 46ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 21:58:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58365
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 21:58:36 GMT

GET
DATA 200
OK truncated
/ Frame FEE5 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e20d617a128039fda9d78b960e14cb17d925d137e93a31f3579e3a5e917b240

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A184 41 KB
15 KB 46ms
29ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 21:58:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58365
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 21:58:36 GMT

GET
DATA 200
OK truncated
/ Frame A184 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83452a003f6213f4cdf44e7975b1976bc72741293d2ac743c68642c99de483b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 06C9 41 KB
15 KB 29ms
24ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 21:58:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58365
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 21:58:36 GMT

GET
DATA 200
OK truncated
/ Frame 06C9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8eb77845234bc615c9e1bd929212f0947fc0cbcc31b8cad6209f736381cd945d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 prebid Show response
hb.contentexchange.me/ Frame B1D1 326 KB
326 KB 77ms
77ms Script
text/javascript 46.19.9.11
SIEL

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.contentexchange.me/prebid

Requested by

Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/hbscript

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

46.19.9.11 , Slovenia, ASN51790 (SIEL, SI),

Reverse DNS

trafex.serv.si

Software

nginx/1.14.1 /

Resource Hash

269d9f3331b03446ec6f6efe67e26d23761b66a8dcfc6d36e95eb4be2113570a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:21 GMT
vary: Origin
server: nginx/1.14.1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 333635
x-xss-protection: 1; mode=block
content-type: text/javascript

GET
H/1.1

204
No Content

bex
sync1.adnetwork.agency/dmp/sync/ Frame B1D1
Redirect Chain

https://sync2.adnetwork.agency/image?pbjs=1
https://sync2.adnetwork.agency/42e07a438e71ad07eabd104f7c353355.gif?gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=[COPPA]
https://match.contentexchange.me/dsp/?redirect_url=https://sync1.adnetwork.agency/dmp/sync/bex
https://sync1.adnetwork.agency/dmp/sync/bex?external_id=633304886cba4c1f1a59cff1

0
277 B

22ms
21ms

Image
text/plain

109.206.161.115
SERVEREL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync1.adnetwork.agency/dmp/sync/bex?external_id=633304886cba4c1f1a59cff1
Requested by: Host: grand.online
URL: https://grand.online/
Protocol: HTTP/1.1
Server: 109.206.161.115 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 109.206.161.115.serverel.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 27 Sep 2022 14:11:21 GMT

Redirect headers

location: https://sync1.adnetwork.agency/dmp/sync/bex?external_id=633304886cba4c1f1a59cff1
date: Tue, 27 Sep 2022 14:11:21 GMT
server: nginx/1.16.1

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2A10 22 KB
8 KB 18ms
16ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 20491
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 08:29:50 GMT
expires: Wed, 27 Sep 2023 08:29:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E24F 22 KB
8 KB 17ms
15ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 20491
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 08:29:50 GMT
expires: Wed, 27 Sep 2023 08:29:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 97F8 22 KB
8 KB 16ms
16ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 20491
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 08:29:50 GMT
expires: Wed, 27 Sep 2023 08:29:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CBAC 22 KB
8 KB 18ms
17ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 20491
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 08:29:50 GMT
expires: Wed, 27 Sep 2023 08:29:50 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3154771667329772296/ Frame 22D3 6 KB
2 KB 89ms
30ms Document
text/html 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3154771667329772296/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dedb1790d03f13ec6a984c4ef58d25841a3cf0c6fc03603a3b6748e59ed181cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 376504
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2350
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 05:36:17 GMT
expires: Sat, 23 Sep 2023 05:36:17 GMT
last-modified: Mon, 15 Aug 2022 13:13:30 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 06C9 0
622 B 116ms
62ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss6nb6btMIGtAnByUijrJd5PXZ5iuorH4mW1AI5ieI8Jpe0qpd-8p9FOHolbC31IPC0QFjmxzxuDtTfrr5vRpMRpJv6xhWN9sGSyQwk7UgoNHKxqBLWMj71uAxo2svgXY7UU2ie2g68Qp32BovlbQG6ZGQdVdYsoDH2eEoVzUpPwzOQmxc85TNy5ab5SAZSOdl96kLzuoDez5G_q1vTEikOvuAQL0Ym54BLIB_34yhIIoxUiTXzYv7T22ZDbIlyAt_yNPofxJQyI3pRyrFHvdMVc0jpVzzlGSOWyj1YWVvMFa74zLTNvl4j4DkzpYDhh7Yt6rxG-MhWsJdlV-1qDbJ-EUa_7JlSBpE_i8sAAgFYrw5jJiYPqXf-b85Nox81aPmV_Jbx1wrtC09wz_qWHLx9J3w_o4O5CIs32eaChseUr93_XYGX12n3FD4DAslI7rNLbl3NVt0F7M5q5gA9XyetrF-RhcOaqjve0YoFe32jPZzeH5WQIU0JYN5rIYbw2OA1xHa0VU5tDtMpBHaJW3pOMQzFV9LASyFSULMysGMmAdREVXwbbCtukeNwu_WJEreq4DCaw4eOmh_RCp2lG72wJ_Sr-ZddrDz3rNqIZnpgz1mBoBx8VBlkM2PpRWTpm9FfCi1ebJ-OMtqyefb-YlbL0g7sEWFIRS-d_N16m_T8KBEsnpIrcfvoZvqQZQ0zuO_lDpgSTyqTaMDRPtxQXME4rN3STFqZ_InlZnH41giPnvO5CrnY4GAEDoq6CtiIGxD4kL2WbYuE6-cGqm6pms0zznnxO-3dbtvrTPyc6obJB9ciChOY4Fukik-2elEm9dNeJKnskOOHicRYA2k0UsEsZEQlF_fRJvtNbToI5YC2bDXZAKOXsPyuUxf4ESjHkCIT7dDalhRt5_886IItMlIOpN2E9GSTYD8kdwf_rJmyxzBAOLA8jQ0tcVs9FOD4E-TzAbt-ZfFmBx5lsvCq5FAs4zZRIZP3kEnCe_678qLklXvYeU2VGzXpeT1xQUZH2Md38L8EU7eyMlp7rOhclVxGts9NdEVep6ZKrDxi_TDAWiKvtJy6se03nVeRmAJfMXC-eOnDUd8N-wkQkJnaetSBjI85qqPJVdMrelGKSbUry9NkFj6eZLeEr_uVhy1aFkyeEKYDDK6gfe9HUt7UKw8R1KifEP5Rwz3INoOawgJ3MV39M3Y&sai=AMfl-YSXJAmmRhH8MY1boMLaRedfTZuvrfYsYQomW0-UeBbNwRM3nWfOsZ1mlcBpywUNbnpr2p2sbjlwVKcA9XM4FdV6GuMSa_R6PHEL8LL8gUsJ4h4sTZnzlGiCt_k3p1HLKUyTc0YW2MFeJuWd0U_r7aML5mbE6jYlSpf6wnfi1xkOzx0Gc0o2PS_5E0wkx7jnGIcic__NA6BrzXR0FHVgRBgg6NTl3rlpSQ&sig=Cg0ArKJSzAXwI12ghRCjEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=137&cbvp=1&cstd=134&cisv=r20220922.10458&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 27 Sep 2022 14:11:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame 361F 15 KB
9 KB 96ms
61ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZvezdeGrandaPrva&tabs=timeline&width=300&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&appId=534904083375143

Requested by

Host: grand.online
URL: https://grand.online/resources/vendor/jquery-1.11.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

335b40195a3802ee5f99a54a101cd045ee795bb862580d0e6b187931937d6635

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://grand.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Tue, 27 Sep 2022 14:11:21 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 7YxY/7IgDLWuQ1kPRjmS6bkgMai8uAqoJL9CmIjlA+qU2O6TtMJLDlB9/UVce3TElfk9mESyqko2Lb3zj3si/g==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame F7DA 0
176 B 247ms
30ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://grand.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Tue, 27 Sep 2022 14:11:22 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7513298528269151335/ Frame 608E 131 KB
26 KB 62ms
61ms Document
text/html 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7513298528269151335/index.html?e=69&leftOffset=0&topOffset=0&c=vPZfj7HotJ&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0050b0972873453219a021daf41ec07a7c4db4ea1a59931de540070219e54ff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 14:11:21 GMT
expires: Wed, 27 Sep 2023 14:11:21 GMT
last-modified: Mon, 12 Sep 2022 11:21:23 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8C54 0
64 B 64ms
63ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstQG4U-pUp7qIPe8StBLuYGRlzrlv_Jyx8YmBofnDaz1YaBG1cH61lTBxM03H7WGTsTrN6YEAwhCHCseodgB2vbonm-KZC_Ov3wYyhtpoaS46hmFzGl1PgwH363lleSbQhO-EAtwjtozxg4NUTUzxnOvSmHtGin_aGz8110RgtqZV7fUocDPlBKnnD-lc1rBZvBwfVplQC7Z3Bn8fE6NwCrBIlPpBjETGikYjAqXS6_Qrk1tgY9Ry72msMIhTOxJYI9sJ1oLIBNl-Q60W6qWlSE37jtDk7y35gM2xD92GCpJXSe2IB20ABCIC6DoexX8LibY4TNHyN_v3q8sc53F-MQAxqGcLER7jgI0uYh_3eGYyR7_x8_g7nxjtAjNU8jigZS2KTrdzwFwzkYCi56i1caNmi4zuAruJXte-D-1dHk8iekzb73unBap_NdD20dy-Zm43cHcLOIrM7GLnZZvoDAEuFN_MpCuFroMy9rQ1ickEG6Ky2o5IXiz54mBp__h3MBrwMvZfeUwEYw0UDFvcB0ONNFmo93w91PkDx78x1vFzGK6XFoLRKXiRjecwb2-adOXKbzjJxtxY6HncAGrxPMhWPMZKo71i-Ft9aTWQN_cTRB9QdHIMv1YVUU73zi7LTC5cxeeQ18Zl9WSlxhxKf0LX6PCOCqcVhUKcnvxK_GoXTKM-vm1FhE_NhiVC7SEjpcWKcOH-FYGbjIfag4yCqPA9ZCtv04k8E-u3om3WAetow6-n1SX0gHvZBtpeSvRgI95NEEjjIE4KkCNNT2PFrLYARPX4EUB6vUOYVJGQmdGw11u2t8Fz4A7ELHerORlhSaMIV6gT373ayB6U-O6ZH8dvz4XnjOh2RQQrksfg1Kzpg0nKdBtesVKan8_1ybHuHGYsrx1kxZ5f_AfGSQswrvqD9bHD5cJjZZ_3fDaXuVwJ9D9kWv6sedwyB8jltAzHMe8dggvUoeBrk2VF7ILurqCASWEl9S7HqaTPKHHxXOkL3FoFn5gp_k9ynNAYfHv61XFwyxr3IFdRdauQj6s2LNsm2DjB8UmN4vISC1BvE3LMBtzUFNpZPX78aT7UE_P8T2Pu0eLLtiLLkPpAfL1XIbemAR-Ca4EDjo2TzC-WAQNQwbOD2otJkQ3CO483zxnMfYLD5_exVWWcYiyROlSSLEH5X9LqpzsOezz0c8IghmKu8a3BuUqUvW5uo&sai=AMfl-YTVQB9Fhn31qPT4nmO9f480jHT4toCUc4vskkoYA4D6TENWGiXZzYBYI1nbTAFnh6EDLXhvpq1HeymFlomdfu8mijl33tfzQ3j3J9xK5pUBCaAl7E64DFwpEDpUAL1v0NrgxgGm82jKz1KUUoEzkBNgTeTiG04aN83MbeaKzLmPPgyaU3kQIa2j7bFvaDqhHBNoXkiFm8l52Zo8oO9NYJDJo1jqkQ58-Q&sig=Cg0ArKJSzAMSF7Gh3nfkEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=307&cbvp=1&cstd=300&cisv=r20220922.57746&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 27 Sep 2022 14:11:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 300x250.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/62189010/20220829070035849/ Frame A50B 3 KB
2 KB 65ms
65ms Document
text/html 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62189010/20220829070035849/300x250.html?e=69&leftOffset=0&topOffset=0&c=eHCMi1JDzI&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97f0bd11ee2d0c71106196d5ecfc0e1781568a5b2b3245199983741fc617e2a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 1640
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 14:11:21 GMT
expires: Wed, 28 Sep 2022 14:11:21 GMT
last-modified: Mon, 29 Aug 2022 14:00:35 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FEE5 0
64 B 64ms
63ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrX0CUCvF8It_93AtaWWCZidMpRSIUPfw9fPLH5b7vAyEfbXv6LgrIOJFVVKMlldrsvQPXV-h3puXmNkoFwwkkW1mInhAZu1NV1LbE1LbqJ_ojq8Q8RemgW6Yjv3m2XsxanPijvnHnbMJDFj98qv2QfLemEGtMub74H6a3naUfEKsYXVwTl1DzpUteu1xo_OZaOfeedtaKHkSoWMuBu2mq35OkWnoH1tgKw72wn6f9nU37VU_NOIPcsVMONfyXedr4vvhXfzhfJ9UJJ7qmOyR8SKi9ijDyf9By7OyzQIoYkWSmOggoi548wGgCnlVFOM12B1Fc-aNqgWwiyG8jIfINO76iZnDCC_XquL0z-0Ugk93XPjOE8fxGWSmrJNdRC_0sQ0m3HhYm_q_Jxs8KrLu4DVbQVx67IFrzfp_AGY8ZX-QxAOog18txjn6xlrO-BVd67xjsxJ2G4A7AFvoYpGyTW5LaIONi5QCiKh1yz5hED3T1USNp-oIBm2I2FySt5MpK6G2Jsi3e9MKKr3h91YDgQK_O1bCSYtt4ns2o1KWi2H16Q5H8C3vQ22TurRrfJygjlBZTsh1_MOSj9IaZRjez-U-kAro96D7nGSNLXHSbDNUJDZucYO0ZGCy69X7iq1cYUbck8MIQyjxh6ZTxEKuAJnl27cxFwox6YtYtVGbFe5uJoh6LvkIxvnr7-2-9A2jbotb-rxYlQ5tBqYiDkGoDAbNDjSxYHNY5Nwc98SiB6CrRwDZDkzO4UWb2DY92p9u0GMRr_T22O02VtEIVJe6KUorasL3KAgZKI_tiBQufEEpKRcZILPk5T_7dvSUbp0yW_mN5MIk_lwrPFyLESo3ww5V3El91A7MjISguqPHFvTvSXqDvA6yE8DvZBTncBzt2fb6u2gnxoqL-Hvn2GaGO_qPEO2QANmPXUIvjKRDIkk5l3hZNj07hexe4xC-Xdj5zqyqZ5DQFD5QBFvI0pT3VcndsSV0T7yG6nN9ciXVHomcp-e8AFuRS2bWrJSl8mp12JUuuQUtPeod5c-OeDgXnhpdZaGV-9dWyFKcTW5EaUuVlolT6PxoTQDORxmdX7bA7avZrvEIn-_OiUffZzUTBWZOZ_QLd8zWwOOoToJqrV5ZlDhUjscyfULSG3SALPh_oNJO93XTYqahUidNyBkZ51c4DNJQYiyVB-WuFan18rUsceuL6E36DEQ&sai=AMfl-YTCxOVEytjPNx_gt1aqz_eroGfED2kmt1aV1CtbhVGgA9pNx5UGOq2UfmR1omRCRukk_86j4vU1sqqAUhmOPnUQidHMX365UhzVFXFoxgQ2FuFzJjAgfq-pBemohQKbC45bEep0_WblpyZ35eTj8s5kVHMJp8IYBZAog18vjiNDjK6yRH8fw_ldVJ45qKl1sJMEpwc9Kmk1a8tMFA_jPeUxQXnqZpcGeA&sig=Cg0ArKJSzMyOezJsw8J-EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=304&cbvp=1&cstd=300&cisv=r20220922.29559&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 27 Sep 2022 14:11:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 300x600.html Show response
s0.2mdn.net/sadbundle/15942740134649324497/ Frame 9C64 4 KB
2 KB 193ms
184ms Document
text/html 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15942740134649324497/300x600.html?e=69&leftOffset=0&topOffset=0&c=8Bnb4gJoKD&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

781e3130f627b8d21a3c5c53df42771274a00295f90020588cc21bada91fe804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1696
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 14:11:22 GMT
expires: Wed, 27 Sep 2023 14:11:22 GMT
last-modified: Tue, 23 Aug 2022 14:57:03 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A184 0
27 B 95ms
64ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvoclJDEHKhSJ-C3ulw6f5XEb_83tWpCdt9zdIUCxqpkMSe1jKNXpxbPp-tg4ZxCQMnd-hCizyp-1U0qyCrYnRj6izv-jTlOO-ZRoZRDyYdUl7ForEMoUWSjhPHOD6ypS2b7bAH8F9AnOrgsRkQsP-xcAYSQsv1sgVFavGXMqNpxPPRnTo2uHlF51f2pN3iBVTBTcVMQvcINHHmjYCwaDa_UIFbRZK0zPem-_PZSJ3NELIdwiBkcvajlJ51J_aijFxGo3MP_Qc2RGMyt9JgqrhRumFYe7mgUY84RVR9m3iIMAwdjNxLizU0yzkIVfJKuhQuJtLKVa_o8XzuPGFSO_G2Xv0XBYXSWWQlNo4aPfXj9dZhjdbrL6_F5tzuZ0e4snoKnOblDndshiqrS1qPUOM97Dce7Nc9TllMitnWmmmnC-QwnBXnVHkZeT_nptYs0GXyNHxzROkJ_KV0YFQ7w93Ho80nOVa6kKa_Hk7ucizPNhsQmVNp6q9n2iJqVwhKPt5iK9fDX_b3voXCkFJ65ljlMOVtXmaVR-SxZH2KsWh3TdmqMCWFh_8hBRmq7lAVjBUL1cwmaxBHly73jLG3ZjssP9AS5vLdxHE678LtJkjDdACS4qrbLUfBpJaztpJ-XEV2bEfAXG3oCnTQCYTlKaolCI8yCpaMogoXebaj7W_jjNkcr0u4eSOM2effzTRXfhXmvi_om61FZrFc3H31QNIeDiwPXdLiSnPASYySDuUNn_TBg3mkMb13jbtSW2FMM45gUecPys44HEN1LJj9vYmuyzxzgw-tVhFG0NZYqQS-4UEGCVsOWHPhoWkWCuaUK6kGa1iRpu_LKPSLcMCM1mkZeRucOPYRwqZs-9B4oWu4Mp6WrX-4rUWH8jadD7yNo8CZV2b3Zqum1OG_fpCGP73fnwRIpVVbwA3RRx8_9BKaaWm8anUK0eHEpvMVY2vuJ-_ouizGBWOG13URBWn3W7z4GzrA7DTZ2KvCWxx0mCoKvqoXb1wtR9YT0af2O9q7kzuC3maVCTzhq1mhaW_mjU0boSP-mlpvt1LcZGwRIh-q8AhpjsFwAbLsLMfYlFlB0pUPttmmzcHjvM9FhQwho0Je1d9b-i9qzMO-BvULt0GpN_h2RQ6r2ejt_Hg6VdguTSNmwphJR1FwDzwLKyMBQ-uH0-DZRvvuAJYZ9z4GVdjEjmmKmebR&sai=AMfl-YQjxK7sxjr5SmiPLYXtwhNf---48mArbgU514E6y_SGNJtYr8gMP7UQkuLY6LuG9MPRRzj_Jw87K-x31HUfWYYBarpbbWsPAeYQx-HallOEzYkXwdVYcb5w9idYVrxFi3B7wg6Kniuz4xFDJ4dneKxrvIKqltzhxuPSTxAeKPbYltzVFP08E7SDzvk3D7pSxoxHOy8zKF-KB9-cBUp0en6Mq92-HZrBag&sig=Cg0ArKJSzMMFac36OjN8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=285&cbvp=1&cstd=282&cisv=r20220922.77746&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 27 Sep 2022 14:11:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame 06C9
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1140163/65044670/4.js?ias_dspID=3&ias_campId=1009016887&ias_pubId=pub-5845685380979936&ias_chanId=1&ias_placementId=18196981561&bidurl=https://grand.online/&ia...
https://static.adsafeprotected.com/4a.js

2 KB
2 KB

17ms
15ms

Script
application/javascript

2600:9000:223f:7e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:223f:7e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: .FvT8.adatXQqepC.f_awHqI.Z2HyzG1
content-encoding: gzip
etag: W/"589d8955c4906ab1b8e63a2f92d932d3"
age: 345134
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Fri, 16 Sep 2022 14:19:02 GMT
server: AmazonS3
date: Fri, 23 Sep 2022 14:19:09 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: Hg_mV7C1-8mVkZma6HuPCeskdNazHTefnykUOnWtPk6wzE8Zhqw3jw==

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:21 GMT
x-server-name: app01.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame C4CD 91 KB
23 KB 119ms
18ms Script
application/javascript 2600:9000:223f:7e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:7e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
content-encoding: gzip
age: 513306
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: 50Ubm14vKlsfp6d1BEaeynlLM6-fFffEJCvFq3dc9uz5u3R6AgmNWw==

GET
H3 200 lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A10 36 KB
16 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 13:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 13:10:10 GMT

GET
H3 200 lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js Show response
pagead2.googlesyndication.com/bg/ Frame E24F 36 KB
16 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 13:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 13:10:10 GMT

GET
H3 200 lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 97F8 36 KB
16 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 13:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 13:10:10 GMT

GET
H3 200 lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js Show response
pagead2.googlesyndication.com/bg/ Frame CBAC 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 13:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 13:10:10 GMT

GET
H2 200 wrapper.html Show response
wrappers.geoedge.be/ Frame B1D1 3 KB
3 KB 103ms
16ms XHR
text/html 2600:9000:2240:7400:2:d490:4d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wrappers.geoedge.be/wrapper.html
Requested by: Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/prebid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:7400:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

x-amz-version-id: gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 12:46:04 GMT
server: AmazonS3
age: 64335
etag: "4a6c546fe449447f2a620613c0655458"
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
date: Mon, 26 Sep 2022 20:19:08 GMT
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 3121
x-amz-cf-id: PlybJ4Gbg2RvHBvKjPhHMDyf5guP5klBGDQ2q5yX4SVstZvnFUryIQ==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame B1D1 2 KB
2 KB 79ms
45ms XHR
application/json 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220927

Requested by

Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/prebid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2aaded58dac73e34620e86b5cfdd6e7e20bb38e2ebe5af7d777bc82822bfdb5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Sep 2022 14:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 40213
x-jsd-version: 1.0.1475
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19143-FRA, cache-yyz4541-YYZ
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"66c-9lsaB8TCWeAdVdoa0IOXXG7dpP0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S2UoWbJdDu2%2FNrtTRelRxL7GtL82mjV7jzLgD6FHEvu01iMzB8cozn6aQJPxhJT574lsD5Ko4Jef8eOtgj%2FoXvvha%2FMlwU%2BI2W2JiUAoJxS1dboyrRLGCzWVTDLm3NChyf%2FZFZKqg1qkalVpNDo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 7514d3ff2b996958-FRA

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/ce086b75-7730-41be-8fb7-52d3f2f48f60/ Frame B1D1 292 KB
102 KB 83ms
18ms Script
text/javascript 2600:9000:2491:c200:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/ce086b75-7730-41be-8fb7-52d3f2f48f60/grumi.js
Requested by: Host: hb.contentexchange.me
URL: https://hb.contentexchange.me/prebid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:c200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c3bd22c0d6e6a84762269e1d99023abb0411301bdab6d04f82218c84aaf7f0f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:07:03 GMT
content-encoding: br
last-modified: Tue, 27 Sep 2022 13:51:35 GMT
server: AmazonS3
age: 260
etag: W/"30e215b3e80c45196c4a3a40500f5272"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: DASBNRrdUqoKqa0EYdGaq6wVvhz56KoW
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop: FRA56-P7
content-type: text/javascript
x-amz-cf-id: AqF1F0ipBalBB8KEfA7uX_okAofiWjabC-3Y5ib1tPhAQrjYYp0jgQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 06C9 43 B
215 B 587ms
173ms Image
image/gif 2600:1f13:800:7782:37a1:3b18:39e6:194a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1140163&asId=14ed9463-3acd-7367-9d38-c7c16a03a88f&tv=%7Bc:pqlIEb,pingTime:-3,time:151,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:151,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B146~0%5D,as:%5B146~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tiDYlnS+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C181%7C182%7C183%7C191%7C192%7C193%7C1a1*.1140163-65044670%7C1a11%7C1a12%7C1a13%7C1b%7C1c%7C1d%7C1e,idMap:1a1*,rmeas:1,rend:0,renddet:na,siq:19%7D&br=c
Requested by: Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:37a1:3b18:39e6:194a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:22 GMT
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 06C9 43 B
215 B 583ms
173ms Image
image/gif 2600:1f13:800:7782:37a1:3b18:39e6:194a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1140163&asId=14ed9463-3acd-7367-9d38-c7c16a03a88f&tv=%7Bc:pqlIEd,pingTime:-6,time:153,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:153,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B148~0%5D,as:%5B148~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tiDYlnS+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C181%7C182%7C183%7C191%7C192%7C193%7C1a1*.1140163-65044670%7C1a11%7C1a12%7C1a13%7C1b%7C1c%7C1d%7C1e,idMap:1a1*,rmeas:1,rend:0,renddet:na,siq:19%7D&tpiLookup=ao:grand.online*%2Cdba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com*&br=c
Requested by: Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:37a1:3b18:39e6:194a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:22 GMT
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET createjs.min.js
code.createjs.com/1.0.0/ Frame 22D3 0
0

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/3154771667329772296/ Frame 22D3 96 KB
19 KB 30ms
30ms Script
application/x-javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3154771667329772296/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3154771667329772296/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd8a3a119c284a258bb583bff733acb3db402811ec15a63409ff736fe36f3b8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3154771667329772296/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 05:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376504
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19868
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 13:13:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Sep 2023 05:36:18 GMT

GET
H2 200 sOG7HxJgFqb.css
static.xx.fbcdn.net/rsrc.php/v3/y2/l/0,cross/ Frame 361F 23 KB
6 KB 84ms
28ms Stylesheet
text/css 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y2/l/0,cross/sOG7HxJgFqb.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FZvezdeGrandaPrva&tabs=timeline&width=300&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false&appId=534904083375143

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ca91070e828cc8240900d0035ca302fcf3444a9170a67ec3477a165ad7f744eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: gspQFByOyu/Tsb5WS7n/wA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 5573
x-fb-rlafr: 0
x-fb-debug: Leqn//jaUDOatSFhTiX3+lcEzji0vZOZy3XCBeOcxda7nve/YuvNiTy764mpiLNAYFew0ay8hmDhT4+QLe0jTw==
x-fb-trip-id: 720026100
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Tue, 26 Sep 2023 17:41:31 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 06C9 43 B
216 B 558ms
172ms Image
image/gif 2600:1f13:800:7782:37a1:3b18:39e6:194a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1140163&asId=14ed9463-3acd-7367-9d38-c7c16a03a88f&tv=%7Bc:pqlIED,pingTime:-2,time:179,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:450,beZ:451,mfA:452,cmA:454,inA:454,inZ:457,prA:457,prZ:463,si:468,poA:469,poZ:488,cmZ:488,mfZ:488,loA:603,loZ:606,ltA:629,ltZ:629%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:true,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:180,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B175~0%5D,as:%5B175~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tiDYlnS+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C181%7C182%7C183%7C191%7C192%7C193%7C1a1*.1140163-65044670%7C1a11%7C1a12%7C1a13%7C1b%7C1c%7C1d%7C1e,idMap:1a1*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:19,sinceFw:159,readyFired:true%7D&br=c
Requested by: Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:37a1:3b18:39e6:194a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:22 GMT
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 608E 118 KB
40 KB 29ms
28ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7513298528269151335/index.html?e=69&leftOffset=0&topOffset=0&c=vPZfj7HotJ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7513298528269151335/index.html?e=69&leftOffset=0&topOffset=0&c=vPZfj7HotJ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13543
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Sep 2022 10:25:39 GMT

GET
H3 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame A50B 186 KB
48 KB 82ms
81ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62189010/20220829070035849/300x250.html?e=69&leftOffset=0&topOffset=0&c=eHCMi1JDzI&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62189010/20220829070035849/300x250.html?e=69&leftOffset=0&topOffset=0&c=eHCMi1JDzI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Sep 2022 14:11:22 GMT

GET
H3 200 300x250.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/62189010/20220829070035849/ Frame A50B 38 KB
8 KB 47ms
46ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62189010/20220829070035849/300x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62189010/20220829070035849/300x250.html?e=69&leftOffset=0&topOffset=0&c=eHCMi1JDzI&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bb9b304eb949d22ddb1ecfd74e32867584a92993956010c97feb35f1880618

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62189010/20220829070035849/300x250.html?e=69&leftOffset=0&topOffset=0&c=eHCMi1JDzI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 18:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70830
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8129
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 14:00:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Sep 2022 18:30:52 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame A50B 118 KB
40 KB 39ms
38ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62189010/20220829070035849/300x250.html?e=69&leftOffset=0&topOffset=0&c=eHCMi1JDzI&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62189010/20220829070035849/300x250.html?e=69&leftOffset=0&topOffset=0&c=eHCMi1JDzI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13543
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Sep 2022 10:25:39 GMT

GET
H3 200 clicktag.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/62189010/20220829070035849/ Frame A50B 3 KB
1023 B 50ms
49ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62189010/20220829070035849/clicktag.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62189010/20220829070035849/300x250.html?e=69&leftOffset=0&topOffset=0&c=eHCMi1JDzI&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea51f498a2e11e522503ca4033674ae7233a3d2a5e5fe9c07491f5fbe5883ac7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62189010/20220829070035849/300x250.html?e=69&leftOffset=0&topOffset=0&c=eHCMi1JDzI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 18:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70830
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 995
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 14:00:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Sep 2022 18:30:52 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 06C9 0
26 B 53ms
53ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst7OHB3WjDtsUXWwuhPVgpvWxwBoj5LldsxTesAj-bSNNvUmhorcyYbwKJrMMHZJtoRxX1-RUeWKmyFlWaYbKlrwvbzJJ83iWYTFUfGQn2EQP2e2qE7GUu6rVHTq-zb2EWS_VryMP5vmQ&sai=AMfl-YQnQfkV8Cg5bp-aJmqMsH3ehBZ6QSIuNxdnIO8JRpvXkhJ2IuLXglNr07WowV5aaA-03XB73kwIgTYvIG89_0dyqO45tKSb71OAZFx7XVeXyKs_NU73BlRX9nR7thdz&sig=Cg0ArKJSzIkhpVjLgP1FEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 14:11:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 9C64 236 KB
63 KB 62ms
61ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15942740134649324497/300x600.html?e=69&leftOffset=0&topOffset=0&c=8Bnb4gJoKD&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15942740134649324497/300x600.html?e=69&leftOffset=0&topOffset=0&c=8Bnb4gJoKD&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Sep 2022 14:11:22 GMT

GET
H3 200 300x600.js Show response
s0.2mdn.net/sadbundle/15942740134649324497/ Frame 9C64 46 KB
11 KB 35ms
34ms Script
application/x-javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15942740134649324497/300x600.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15942740134649324497/300x600.html?e=69&leftOffset=0&topOffset=0&c=8Bnb4gJoKD&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41762672b387bdf7c5b3638afbefcd6535bd6106984afc3e22cef0e6069ac59a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15942740134649324497/300x600.html?e=69&leftOffset=0&topOffset=0&c=8Bnb4gJoKD&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 22:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144072
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11169
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 14:57:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Sep 2023 22:10:10 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 9C64 118 KB
40 KB 30ms
29ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15942740134649324497/300x600.html?e=69&leftOffset=0&topOffset=0&c=8Bnb4gJoKD&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15942740134649324497/300x600.html?e=69&leftOffset=0&topOffset=0&c=8Bnb4gJoKD&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 10:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13543
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Sep 2022 10:25:39 GMT

GET
H3 200 clicktag.js Show response
s0.2mdn.net/sadbundle/15942740134649324497/ Frame 9C64 3 KB
1 KB 34ms
33ms Script
application/x-javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15942740134649324497/clicktag.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15942740134649324497/300x600.html?e=69&leftOffset=0&topOffset=0&c=8Bnb4gJoKD&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea51f498a2e11e522503ca4033674ae7233a3d2a5e5fe9c07491f5fbe5883ac7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15942740134649324497/300x600.html?e=69&leftOffset=0&topOffset=0&c=8Bnb4gJoKD&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 22:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144072
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 995
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 14:57:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Sep 2023 22:10:10 GMT

GET
H3 200 CASans-Light.woff2
s0.2mdn.net/sadbundle/7513298528269151335/ Frame 608E 22 KB
22 KB 30ms
30ms Font
font/woff2 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7513298528269151335/CASans-Light.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7513298528269151335/index.html?e=69&leftOffset=0&topOffset=0&c=vPZfj7HotJ&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce34f381a7a9e9969904d70d8b6c241983fcbe5ee21fc66fbe57ae34dd44b46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/7513298528269151335/index.html?e=69&leftOffset=0&topOffset=0&c=vPZfj7HotJ&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 06:04:00 GMT
x-content-type-options: nosniff
age: 29242
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22612
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 11:21:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Sep 2023 06:04:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame FEE5 0
26 B 53ms
53ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrX0CUCvF8It_93AtaWWCZidMpRSIUPfw9fPLH5b7vAyEfbXv6LgrIOJFVVKMlldrsvQPXV-h3puXmNkoFwwkkW1mInhAZu1NV1LbE1LbqJ_ojq8Q8RemgW6Yjv3m2XsxanPijvnHnbMJDFj98qv2QfLemEGtMub74H6a3naUfEKsYXVwTl1DzpUteu1xo_OZaOfeedtaKHkSoWMuBu2mq35OkWnoH1tgKw72wn6f9nU37VU_NOIPcsVMONfyXedr4vvhXfzhfJ9UJJ7qmOyR8SKi9ijDyf9By7OyzQIoYkWSmOggoi548wGgCnlVFOM12B1Fc-aNqgWwiyG8jIfINO76iZnDCC_XquL0z-0Ugk93XPjOE8fxGWSmrJNdRC_0sQ0m3HhYm_q_Jxs8KrLu4DVbQVx67IFrzfp_AGY8ZX-QxAOog18txjn6xlrO-BVd67xjsxJ2G4A7AFvoYpGyTW5LaIONi5QCiKh1yz5hED3T1USNp-oIBm2I2FySt5MpK6G2Jsi3e9MKKr3h91YDgQK_O1bCSYtt4ns2o1KWi2H16Q5H8C3vQ22TurRrfJygjlBZTsh1_MOSj9IaZRjez-U-kAro96D7nGSNLXHSbDNUJDZucYO0ZGCy69X7iq1cYUbck8MIQyjxh6ZTxEKuAJnl27cxFwox6YtYtVGbFe5uJoh6LvkIxvnr7-2-9A2jbotb-rxYlQ5tBqYiDkGoDAbNDjSxYHNY5Nwc98SiB6CrRwDZDkzO4UWb2DY92p9u0GMRr_T22O02VtEIVJe6KUorasL3KAgZKI_tiBQufEEpKRcZILPk5T_7dvSUbp0yW_mN5MIk_lwrPFyLESo3ww5V3El91A7MjISguqPHFvTvSXqDvA6yE8DvZBTncBzt2fb6u2gnxoqL-Hvn2GaGO_qPEO2QANmPXUIvjKRDIkk5l3hZNj07hexe4xC-Xdj5zqyqZ5DQFD5QBFvI0pT3VcndsSV0T7yG6nN9ciXVHomcp-e8AFuRS2bWrJSl8mp12JUuuQUtPeod5c-OeDgXnhpdZaGV-9dWyFKcTW5EaUuVlolT6PxoTQDORxmdX7bA7avZrvEIn-_OiUffZzUTBWZOZ_QLd8zWwOOoToJqrV5ZlDhUjscyfULSG3SALPh_oNJO93XTYqahUidNyBkZ51c4DNJQYiyVB-WuFan18rUsceuL6E36DEQ&sai=AMfl-YTCxOVEytjPNx_gt1aqz_eroGfED2kmt1aV1CtbhVGgA9pNx5UGOq2UfmR1omRCRukk_86j4vU1sqqAUhmOPnUQidHMX365UhzVFXFoxgQ2FuFzJjAgfq-pBemohQKbC45bEep0_WblpyZ35eTj8s5kVHMJp8IYBZAog18vjiNDjK6yRH8fw_ldVJ45qKl1sJMEpwc9Kmk1a8tMFA_jPeUxQXnqZpcGeA&sig=Cg0ArKJSzMyOezJsw8J-EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=784&vt=11&dtpt=480&dett=3&cstd=300&cisv=r20220922.29559&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 14:11:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 608E 7 KB
6 KB 57ms
56ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f4a17a5a3fbb69a1ddd04f9237ab480d2069915faf647475f3ca8c729cee0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 14:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5629
x-xss-protection: 0

GET
H3 200 prod_studio_01_247_configurablemodule.js Show response
s0.2mdn.net/879366/ Frame 608E 31 KB
10 KB 29ms
29ms Script
text/javascript 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_247_configurablemodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8460aaf36b73e229c6b0fcaf7bac791e23c3145e87de6a04d0d91541e39289b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7513298528269151335/index.html?e=69&leftOffset=0&topOffset=0&c=vPZfj7HotJ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 19:09:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68498
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10616
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Sep 2022 19:09:44 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 06C9 43 B
215 B 179ms
179ms Image
image/gif 2600:1f13:800:7782:37a1:3b18:39e6:194a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1140163&asId=14ed9463-3acd-7367-9d38-c7c16a03a88f&tv=%7Bc:pqlIL0,pingTime:-10,time:574,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA1LjAuNTE5NS4xMjUgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1664287882473%7C%7Cee3e381a9bfa6edefdcb015521e3de8e%7C%7Ca6d005963b3621e7f0de2da18354c282%7C%7Cd9361352b758cd4144fab1efa6b47d14%7C%7C804088e4b2a8d8731388246ecf01293c%7C%7Cbbd6c1fa4d8ad055a6f96618a9f0b661%7C%7C147d55c229f287fe185d29b1ad9f4bed%7C%7Ca30242577fb099980cbddfea2f504ae8%7C%7C1663701684,env:%7Bccd:%7Bversion:1,uspString:1---%7D%7D%7D
Requested by: Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:37a1:3b18:39e6:194a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:22 GMT
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A50B 7 KB
6 KB 59ms
58ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67ce385634823e42b8ea7f8da8487cecca4c17daebb78dde8124cd15caa2d65e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 14:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5622
x-xss-protection: 0

GET
H3 200 back_300x250.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/62189010/20220829070035849/ Frame A50B 29 KB
29 KB 30ms
29ms Image
image/jpeg 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62189010/20220829070035849/back_300x250.jpg

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

beee834d19bc035e9ec7f53b11976622013ded18e2768ca1e05f9dd8e8aff30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62189010/20220829070035849/300x250.html?e=69&leftOffset=0&topOffset=0&c=eHCMi1JDzI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 18:05:35 GMT
x-content-type-options: nosniff
age: 72347
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30086
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 14:00:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Sep 2022 18:05:35 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A184 0
26 B 57ms
56ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvoclJDEHKhSJ-C3ulw6f5XEb_83tWpCdt9zdIUCxqpkMSe1jKNXpxbPp-tg4ZxCQMnd-hCizyp-1U0qyCrYnRj6izv-jTlOO-ZRoZRDyYdUl7ForEMoUWSjhPHOD6ypS2b7bAH8F9AnOrgsRkQsP-xcAYSQsv1sgVFavGXMqNpxPPRnTo2uHlF51f2pN3iBVTBTcVMQvcINHHmjYCwaDa_UIFbRZK0zPem-_PZSJ3NELIdwiBkcvajlJ51J_aijFxGo3MP_Qc2RGMyt9JgqrhRumFYe7mgUY84RVR9m3iIMAwdjNxLizU0yzkIVfJKuhQuJtLKVa_o8XzuPGFSO_G2Xv0XBYXSWWQlNo4aPfXj9dZhjdbrL6_F5tzuZ0e4snoKnOblDndshiqrS1qPUOM97Dce7Nc9TllMitnWmmmnC-QwnBXnVHkZeT_nptYs0GXyNHxzROkJ_KV0YFQ7w93Ho80nOVa6kKa_Hk7ucizPNhsQmVNp6q9n2iJqVwhKPt5iK9fDX_b3voXCkFJ65ljlMOVtXmaVR-SxZH2KsWh3TdmqMCWFh_8hBRmq7lAVjBUL1cwmaxBHly73jLG3ZjssP9AS5vLdxHE678LtJkjDdACS4qrbLUfBpJaztpJ-XEV2bEfAXG3oCnTQCYTlKaolCI8yCpaMogoXebaj7W_jjNkcr0u4eSOM2effzTRXfhXmvi_om61FZrFc3H31QNIeDiwPXdLiSnPASYySDuUNn_TBg3mkMb13jbtSW2FMM45gUecPys44HEN1LJj9vYmuyzxzgw-tVhFG0NZYqQS-4UEGCVsOWHPhoWkWCuaUK6kGa1iRpu_LKPSLcMCM1mkZeRucOPYRwqZs-9B4oWu4Mp6WrX-4rUWH8jadD7yNo8CZV2b3Zqum1OG_fpCGP73fnwRIpVVbwA3RRx8_9BKaaWm8anUK0eHEpvMVY2vuJ-_ouizGBWOG13URBWn3W7z4GzrA7DTZ2KvCWxx0mCoKvqoXb1wtR9YT0af2O9q7kzuC3maVCTzhq1mhaW_mjU0boSP-mlpvt1LcZGwRIh-q8AhpjsFwAbLsLMfYlFlB0pUPttmmzcHjvM9FhQwho0Je1d9b-i9qzMO-BvULt0GpN_h2RQ6r2ejt_Hg6VdguTSNmwphJR1FwDzwLKyMBQ-uH0-DZRvvuAJYZ9z4GVdjEjmmKmebR&sai=AMfl-YQjxK7sxjr5SmiPLYXtwhNf---48mArbgU514E6y_SGNJtYr8gMP7UQkuLY6LuG9MPRRzj_Jw87K-x31HUfWYYBarpbbWsPAeYQx-HallOEzYkXwdVYcb5w9idYVrxFi3B7wg6Kniuz4xFDJ4dneKxrvIKqltzhxuPSTxAeKPbYltzVFP08E7SDzvk3D7pSxoxHOy8zKF-KB9-cBUp0en6Mq92-HZrBag&sig=Cg0ArKJSzMMFac36OjN8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=963&vt=11&dtpt=678&dett=3&cstd=282&cisv=r20220922.77746&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 14:11:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A50B 17 KB
6 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 27 Sep 2022 14:11:22 GMT

GET
H3 200 FORMATLOGO_.png
s0.2mdn.net/ads/richmedia/studio/pv2/62189010/20220829070035849/ Frame A50B 2 KB
2 KB 30ms
29ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62189010/20220829070035849/FORMATLOGO_.png

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a82598c6313326a7bd1b48a36afbc4c7170fb8d0221664a6dc56db12ba63a19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62189010/20220829070035849/300x250.html?e=69&leftOffset=0&topOffset=0&c=eHCMi1JDzI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 18:05:35 GMT
x-content-type-options: nosniff
age: 72347
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2475
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 14:00:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Sep 2022 18:05:35 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9C64 7 KB
6 KB 58ms
57ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40375c497d2a89931a7c7e4737fb7993569b31ec617620575e8f59f1e481693e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 14:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5832
x-xss-protection: 0

GET
H3 200 pic_1.jpg
s0.2mdn.net/sadbundle/15942740134649324497/ Frame 9C64 62 KB
62 KB 31ms
30ms Image
image/jpeg 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15942740134649324497/pic_1.jpg

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbc552990fe360138dcdf4d31d00668dd558860d512e84a56626b10d9f13695a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15942740134649324497/300x600.html?e=69&leftOffset=0&topOffset=0&c=8Bnb4gJoKD&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 22:10:10 GMT
x-content-type-options: nosniff
age: 144072
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63303
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 14:57:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Sep 2023 22:10:10 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E24F 0
20 B 52ms
52ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8AfyiQQzY57HHMyq3gPRr6DgCAAAAAA4AeAEAg&bg=!DwylDEjNAAYIxsuQKMY7ACkAdvg8WiAN5L3Z6MEgcoz0ByO04HxlX1h393aqGbwlVkqpmg7QuyX1LwIAAAG9UgAAAAJoAQcKAHuIPY0R38lp248r2FFKmlOCYEaanuoEM5TgCfHKHTpna5EVOYRu5A7c5GW2qH8kBYOcdVUBJPrAxokm9htP3NNT-6EaLfGANNcFmOw6nMovBR4Uo2dlZjDtTw5DXIldGy86PZVqGYbfJSQAf1rr59Fmjty5fQWB78s2j0eZAvfOQct96_TV9ZgCENQtrvV-bIR3IwDgl_b8pA4M7eShmJVaUPARgupj2pmVJa9vBqgYxjB8TOnKKtHFqAzukYivuqN0TqGSj7PmPEtImmstm_QpaRUuCkbN5BH83cn-XV6y_GOUeeWh3a9JX8qpas6P6OvkejSvO9ko4ad8WxFNcphYgL87mF7bDzhQlDCE-cIKpBgvk028Jb-r5HAA00xCMH29SaUlfEPmwuXF8tsSiV1pPD18id-FX8DknpXpXMh3rUcTalIwFfR1HJEXqIQq7HFcUZpT4gSj7qDZBYnIHynl_Op0y1VXcloAhqqPkuDej8h2-HE2t263TMqvCO-bbo6-EYe4z2xAQH_n0PYZKllzVMgpE9whlZlYfS0UhxIpQWsTYyZAUxpHcWzxO4zzEV2skkyxVd76s8m9w6Hjp-NEHJ9cceEsKleZh2pvmbagBOorvPN5FePPo7H26jTF7rzTOagUQ-Qb8Q92INJRwc06RUsKfkvyuVvTCew4yWURrsmLrijdh8QqN3_HZWfhF_NZRfBXuBhkcWCMeiOq0riYFTLPWsEIiPmeQWRT5JFE3D9S6TU_aDqWxKZ4F5yoQ4Pu5XTvxeE6YpIqa--tUw7IeIiQQuvXVDVGv5yahb_VAt5bFXeitlHFAvikzxbL2ZiSHxiqEnOoxkZ-T2oDubiVHV54o628x90O-ubM4qaJQ9XxyZqyi_7wxwduGH_XmTu9WSPo-BqDFrnt7v27tVoJYlRc4Wp7PQUqA13GtznC9ROcgvVLYwNQLh8RNajWwgHfukD-yRW3Od6sZkQeRjDhtlW_Ke9aQEeFyhb5Oh9YcOBejQASnSYruYnY7HAKbc5PcZZTcTAWsRfESRdWbGaSCbigDr-DIUOUeH0jLS15EtnYCeudiLALsXfcvk-pBwunYceG8C6rTiEttWNbECPz4qXrMDP3CMmQIKcmBCBiVg6TUnxHlvq_jXpBe7i4gSHbMd7Fd5Cx-k_5qpJpQhR3kkx6G_c

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 97F8 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BfaKYiQQzY9OqH6SN3gPwnI_4CwAAAAA4AeAEAg&bg=!YGOlYyfNAAYIxsuQKMY7ACkAdvg8WuJoUYSXRpsb_-SeThiOUsvuLov5AuXBjsYlb4g6Z1x7hOPF5gIAAAGxUgAAAAJoAQeZAzPWoHRikSZQ1na0V3MiJBwE5voGgEjeYhCo7t-gRAkXYCvb6UP5vNkn7ieD4t6_j2f-w3K-19BM_ZcwHX9hHKO6TLTZOW6F3fXoFRzD_ERG1hq_v2I5tZn8DR_yl56HkSJGPh8c7H3-j_EMMWHAWmcrVjFPHzzbD3LTg9Jbq64G4OPFen9N6bCxK-5LrRoPln_FhD1lyFPgaKCQzRIokjIoCb33yoNndRcxriC9yGBpuat8SQCzVj6zhCso6Zl_W1L5ik4i210wuOOhgQZboUFPEv7K1_465pbmxFdZXr-XITIdWos4Fz2aou4VRt1260zBv4Lx4PS54nG6ghmrgfen-iUYvAGslk0DiYdLs9iOu3H-GZMXtjiqI7l1ovtlWy5JEvdfu-TvNmXBZ4lanzn44kiIfddhXnjxkagIC5NxMB1Todf_aICWTODbGgteP0SvxufHHgxeyvPqfHx-_2Eph53jSFz2UhwDv-crckXNFetUUQFXQVCx3QlWlMRMvG64RjnJL2_iLtmwU8FUfM2sXjxr9IBprl5DM_bt6U4rYLQv_Hqqn_zuel5jt6w6YpClRiKRdv45BielYuTPYZs5Uic3pOjqVV24dHZfwgJQ--Wf5oRU_6wMw9zA7N4bZW4k0Ml4YkmbBb6qSr558-th1a_MfX3nwCWs427EYIkXEK5nHcHSEn3nm9H8iina20XrsINPa6Hjae3YY8Rvcubbpd3WdNPUC8QUMLkQyUULgbZ1ehhIYvL5qQP9ajzgiS5uPuXes0s9lrGhDvW14tLMnI8fzCnDrxM6Hk7L9ZG3Bl1NY_pBuUnhk9S-9-XrjKlePU7jUIcBAkwPciUHX_2B7OcAqW74jRIW55IH7NSQfFexKUA6djw6crHiKMcrB_crGDWSwPWF-W8NpZIyvZYY8-KxTxKInjSxtV-O4uC3DkOMHbovpUzV1-CZGQvulipJqi_TAxxXEGg-72zO04MSPpIFufZtgDFcSQIfDZL_19MmEbXepejxZLzNZ7mZIy_uHBRnOlZ6k8tbW5m3TXY5okIf_kwAo9uxnPNZzkm8fUKbFDtuKD31XkC-TaVhZzB_03c

Requested by

Host: dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
URL: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CBAC 0
20 B 53ms
53ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BS9idiQQzY-KAHZq33wP0x43gCgAAAAA4AeAEAg&bg=!RkWlRQHNAAYIxsuQKMY7ACkAdvg8WnpvvVoSQ2GN7MfSX0H_Q2R-_5dW0tQ4zeXdq7WnlCKjWB8l3wIAAAGoUgAAAANoAQcKAKMqaYPxHer9SFdzMRR08Lzv8Ks89sG8uKtAN9KxjVS464gNa2XMesbnaI_eqiEwgHBLuwxe9URi3AHG05lpmZB0P2rQDiCW3izxzS0WH-FjNNvMdvp-zyWQaSX1ZBL4ByFmp0b1t5KAGoGdiz_xDC4cSaR8NVoCxxBo7abp463IYej4Mxcyow7-czN1H2T9ybCbH6YTwPnxNg0so9Lyd8XZqyAjmQLnE4auWTHYAzZ0r1y0xldiOU0SIiA4DxsU-CyaaVIEcvpRbz92l3wk67M0pEwB_JNYGgn49sU3mJAX9nadqfms9ttCttg7FvFULy-TjmHJZ0MPRUl_WLkL6l6W7FBnCz84aFsdlO9f7JwW304XLQ3DRsKoYfjJBm5-1qwOLBhL9eFR0iaGCIKEqAPN7iUGuPz7TcxVNgpgMmjT2rDICD3pEk2qC-SgG7_n-n2tr61XwEDibXSKPJOmJ6hET4cY2Y26oA28RpEuwCHztECa2xyq7Rq3LqYZeUMHYH0I4RtPeoh0edRXSqdidDcgFXGuDlSGx6yMES1xyWEhohTLywR6SXOKtCgp9H2XUSVA1U3xrKpOaVOx2X6GQLL1LKV9SQ0-fqjXb4cWqMVo7Le3RnPAB8S25c6EVo_NARwGQwIxYzdMpK1B5Wm_6mSuMRiDNn9Mzq7vXSsCPWIZ7SMs3NuvfnyRpHNWOtZt1aZFx4OWaAmAJ3jbvjlWotBT1YTHuHTbdSaR_5m3teGfqa1TNQnB8edCn-LO1wDda4oFHuhL8Fdiq-WOfZWWvrp1R2fcbnWl-pFf0cXtAV59KcWiXZubhQVcT3J31MmJJ1HZvcSiRzk0NQ5fRAhElGUc9smd8QXN9WXsTV3bzostZEORiBbGLgMwdEXYW9pkNsc9T8TkKNWbMGphVTP8IwlYQubcn93KObKptcOj9wOrUx8ZyREw01Vo6-8_Q9VejIvIjij3IwxpE1bCRcoO3OkKeJtalFpkyTJo_xm2EoIv8NyujfExaWey--dgisAF0yJ5c4ZVDmFI7Vo_V_WaMjIUPNfY4X_X2ZEp7JW5lFp25EzmTg7Z-FSQedq3onQtXZHpV7Is2xUnKwVIXzDVRxKN0b-bjXwfgWWG3Ps6p5Nb2PhzKMFXPcufKC2-BFYRo__7HFe64SOT4U5EsnPkJxBxxx5MqCY3V7QuMXLhPT3gCIHLCMRKuoYcDAYP4Xo

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 608E 17 KB
6 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 27 Sep 2022 14:11:22 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8C54 0
26 B 54ms
53ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstQG4U-pUp7qIPe8StBLuYGRlzrlv_Jyx8YmBofnDaz1YaBG1cH61lTBxM03H7WGTsTrN6YEAwhCHCseodgB2vbonm-KZC_Ov3wYyhtpoaS46hmFzGl1PgwH363lleSbQhO-EAtwjtozxg4NUTUzxnOvSmHtGin_aGz8110RgtqZV7fUocDPlBKnnD-lc1rBZvBwfVplQC7Z3Bn8fE6NwCrBIlPpBjETGikYjAqXS6_Qrk1tgY9Ry72msMIhTOxJYI9sJ1oLIBNl-Q60W6qWlSE37jtDk7y35gM2xD92GCpJXSe2IB20ABCIC6DoexX8LibY4TNHyN_v3q8sc53F-MQAxqGcLER7jgI0uYh_3eGYyR7_x8_g7nxjtAjNU8jigZS2KTrdzwFwzkYCi56i1caNmi4zuAruJXte-D-1dHk8iekzb73unBap_NdD20dy-Zm43cHcLOIrM7GLnZZvoDAEuFN_MpCuFroMy9rQ1ickEG6Ky2o5IXiz54mBp__h3MBrwMvZfeUwEYw0UDFvcB0ONNFmo93w91PkDx78x1vFzGK6XFoLRKXiRjecwb2-adOXKbzjJxtxY6HncAGrxPMhWPMZKo71i-Ft9aTWQN_cTRB9QdHIMv1YVUU73zi7LTC5cxeeQ18Zl9WSlxhxKf0LX6PCOCqcVhUKcnvxK_GoXTKM-vm1FhE_NhiVC7SEjpcWKcOH-FYGbjIfag4yCqPA9ZCtv04k8E-u3om3WAetow6-n1SX0gHvZBtpeSvRgI95NEEjjIE4KkCNNT2PFrLYARPX4EUB6vUOYVJGQmdGw11u2t8Fz4A7ELHerORlhSaMIV6gT373ayB6U-O6ZH8dvz4XnjOh2RQQrksfg1Kzpg0nKdBtesVKan8_1ybHuHGYsrx1kxZ5f_AfGSQswrvqD9bHD5cJjZZ_3fDaXuVwJ9D9kWv6sedwyB8jltAzHMe8dggvUoeBrk2VF7ILurqCASWEl9S7HqaTPKHHxXOkL3FoFn5gp_k9ynNAYfHv61XFwyxr3IFdRdauQj6s2LNsm2DjB8UmN4vISC1BvE3LMBtzUFNpZPX78aT7UE_P8T2Pu0eLLtiLLkPpAfL1XIbemAR-Ca4EDjo2TzC-WAQNQwbOD2otJkQ3CO483zxnMfYLD5_exVWWcYiyROlSSLEH5X9LqpzsOezz0c8IghmKu8a3BuUqUvW5uo&sai=AMfl-YTVQB9Fhn31qPT4nmO9f480jHT4toCUc4vskkoYA4D6TENWGiXZzYBYI1nbTAFnh6EDLXhvpq1HeymFlomdfu8mijl33tfzQ3j3J9xK5pUBCaAl7E64DFwpEDpUAL1v0NrgxgGm82jKz1KUUoEzkBNgTeTiG04aN83MbeaKzLmPPgyaU3kQIa2j7bFvaDqhHBNoXkiFm8l52Zo8oO9NYJDJo1jqkQ58-Q&sig=Cg0ArKJSzAMSF7Gh3nfkEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1098&vt=11&dtpt=791&dett=3&cstd=300&cisv=r20220922.57746&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 14:11:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A10 0
20 B 53ms
53ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlYbAiQQzY4yKHPiP9u8Pr-CmsAkAAAAAOAHgBAI&bg=!NjWlNXHNAAYIxsuQKMY7ACkAdvg8WlKWtoraVvp-3Hixu-4Ab5mIc1y5CWNfOk45yVLo1dJCHetuowIAAAHjUgAAAANoAQcKAH4r_PiTVuXkIcqGY_GEtpseP26KzgSJfyqu-d2QiXKAEdwOfQ_wWUS7TdSnRWhQZ6t23V9Qygu68u7Ca-In8zastB1iBmbz0hdZPiN64j8kiokFtaUOOPsh3i-WiD49sEmcEvMbqUG2gUUEfD88L6_CZXCk6xLVJdGNyYm_LlaZAuLTem2QrYXN_eb7Gl4qNt4r6YioHGyOG62P3LbmtNyQ47eMpXQejpkfExIO8uGrC08M09NrN6MAxG3zD52yX4nzgKiGTg5ikP6HvY3MwoA4UnPprJG5WdDhMDXQhi02YWcBZ22RZvxcoZGCL-TKYpNEt6bHJo_HSBvVf6hoVS9q1bQk38jnFrLuCY6-6SLXNYGuxrBSUS0bYJtHUf6crd2EegUE9IcI1-2U3eWi6QBysBRB7WupeZvhp0JE08jVADagnqksSfkX9XPyY65FlnT6D-FFwQ9MZ_naEu68N2wua8dLJeU_s9BA7WXhYK1Lo3lDNRBhR4qcOQDgiWudQmmQJ2yBBKt86diug_HWFbMkTuk_9KTLi9ykbgKEepJ4WUYZDX9W72J1S1X_0Zz0m_N4U4NoAvYjwjIcsPY0X7sY91VMbLNwAgSYbeTXRPzlmnb5ZlwEANeYEXamTYeTUkQVPj-jGThqAVFd5SX_3cmfFDxKxvCFwPZz13RWTG6xqcNWjTwqtSwkDKEJVrYKkpr1diEPG4SeVL0v7dbgVtTg0A0SOowthNYadOyBAt_cL5aZtWqb4QH1L42063HENBodMVKNh0nC_a4rkb20geClITgVgA_0MG-7UfMuhDACgPD5bRhKNdFf4o9VoVxbHfOglgCACZlRpsy5e2ov_jCQqIoAPle-u4IquMPgHTVc-VK6Uzm53NvCFNjjHUIGH3pEGv9DZTf6fc4CNd_WLc_3uznnM0SVFLTuG6f077L03lCbg2Q7cISjhv15ApYpUOMa32HNWLOy-SsMjhq63UeLrMTU5878NIZnMvbNLAJzXgKDuJ4vz-JSo2_qfj3Z9tHsbQtYU5G6wOlPOjI4bdFhq-NQjma_wNrqexEIphQoXXyT-XiEYe7FBXd62pL0TxKHX_QLtxAd16Dtb6sd-9jzhAr9E0rsHwHTdiGcdODDT3utfRtFtFv_10Oq4UqQ_pZCWYk

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rays.png
s0.2mdn.net/ads/richmedia/studio/pv2/62189010/20220829070035849/ Frame A50B 13 KB
13 KB 30ms
30ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62189010/20220829070035849/rays.png

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb4749742d298e340bd16b03e8ac8ca9d317879a9f4b4f8cf202d1541e72a165

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62189010/20220829070035849/300x250.html?e=69&leftOffset=0&topOffset=0&c=eHCMi1JDzI&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 18:05:35 GMT
x-content-type-options: nosniff
age: 72347
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13630
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 14:00:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Sep 2022 18:05:35 GMT

GET
H3 200 lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A5B9 36 KB
16 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 13:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3672
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 13:10:10 GMT

GET
H3 200 2976871344497329774
s0.2mdn.net/simgad/ Frame 608E 16 KB
16 KB 31ms
29ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2976871344497329774

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38c2d612a7fc68a57284d966c42435bc8b3c562a7732f1eeec132f5f45c0ab17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7513298528269151335/index.html?e=69&leftOffset=0&topOffset=0&c=vPZfj7HotJ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 09:15:15 GMT
x-content-type-options: nosniff
age: 17767
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16398
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 17:23:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Sep 2023 09:15:15 GMT

GET
H3 200 14022181174844429152
s0.2mdn.net/simgad/ Frame 608E 66 KB
66 KB 46ms
44ms Image
image/jpeg 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14022181174844429152

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

340ffce6656e0797fce89566794df7db5a7261731e6e3a4f3c65a932c66c1085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7513298528269151335/index.html?e=69&leftOffset=0&topOffset=0&c=vPZfj7HotJ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 12:09:04 GMT
x-content-type-options: nosniff
age: 7338
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67448
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 17:23:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Sep 2023 12:09:04 GMT

GET
H3 200 4680991905373113672
s0.2mdn.net/simgad/ Frame 608E 86 KB
87 KB 33ms
31ms Image
image/png 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/4680991905373113672

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2b72ed832023822faa8bb0760769c10b7dddb7a4e468e75160ebb8dc680330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7513298528269151335/index.html?e=69&leftOffset=0&topOffset=0&c=vPZfj7HotJ&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 22:02:27 GMT
x-content-type-options: nosniff
age: 230935
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88566
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 18:00:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Sep 2023 22:02:27 GMT

GET
H3 200 pic_2.jpg
s0.2mdn.net/sadbundle/15942740134649324497/ Frame 9C64 56 KB
56 KB 45ms
44ms Image
image/jpeg 2a00:1450:400d:80a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15942740134649324497/pic_2.jpg

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed4c57117334e456fd4c650e10a08014135dc23e43a70987926301fe94df26f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15942740134649324497/300x600.html?e=69&leftOffset=0&topOffset=0&c=8Bnb4gJoKD&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 22:10:10 GMT
x-content-type-options: nosniff
age: 144072
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57073
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 14:57:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Sep 2023 22:10:10 GMT

GET
H3 200 lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 84E8 36 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 13:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3672
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 13:10:10 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9C64 17 KB
6 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 27 Sep 2022 14:11:22 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8C54 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZ6FJjjxZYiHeZPkIB_9Trw60a_rqXKY2csxIhLdedxxBiNsLlcTHGbClylCGikmyP3oyIfTTMcyAzkSkL1PhY8RAbdv2G-p3n2fRrSyzROQz5jrqUGJTrP7xW9P_-5b-8XKLsW61Y&sai=AMfl-YQpQ-Qby7HDEMv96T_3567U4R_32MifR108fAi6mCtcWeFrXsFkar9yK0yIcmxoXRDfY08P8-RBlWx8Vg5aM4nFDOWYwz1iwR50j6NG6WsexDzZelp0CVjG2XkcHbe1&sig=Cg0ArKJSzNVBCt4wKdJLEAE&cid=CAASKORobrhWzAiVhfrG0hLqWPqH65eYzdB1y8GoH6qrPcqrIaVFh2mnO6U&id=lidar2&mcvt=1027&p=60,315,310,1285&mtos=1027,1027,1027,1027,1027&tos=1027,0,0,0,0&v=20220926&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3062651269&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664287881329&rpt=350&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 196A 36 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 13:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3672
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 13:10:10 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FEE5 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQ_peuuLWAHJmMrmj67OJMctQXakwMsBovohH8i9B86EZoaMpaQFWHa4xuWmei2N58qG4FIfumTD4FbiowCWRsxHlaFqFljdqoD5ptMnifh-VQBudYAP30bNkRkQ&sai=AMfl-YQp5dJdu1uoG7oqWkc8HSmTXfo9y0s_kvbFmADsLZC19v9g_QTekkpijql9riqz-p3Y_pdlTYnnipJ7HD-psIK6DLH76Wkowm64b-3Ecqk8olgPmDHhbhs3p1E6Zwmu&sig=Cg0ArKJSzFbEqnE3wnYCEAE&cid=CAASKORoQtA4aW3RBrVonY_0Wek8qgqq_M-DFaefH874ZBLS3I9bUuIeEIE&id=lidar2&mcvt=1003&p=904,1011,1154,1311&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220926&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3312497002&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664287881337&rpt=433&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 06C9 0
26 B 54ms
54ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss6nb6btMIGtAnByUijrJd5PXZ5iuorH4mW1AI5ieI8Jpe0qpd-8p9FOHolbC31IPC0QFjmxzxuDtTfrr5vRpMRpJv6xhWN9sGSyQwk7UgoNHKxqBLWMj71uAxo2svgXY7UU2ie2g68Qp32BovlbQG6ZGQdVdYsoDH2eEoVzUpPwzOQmxc85TNy5ab5SAZSOdl96kLzuoDez5G_q1vTEikOvuAQL0Ym54BLIB_34yhIIoxUiTXzYv7T22ZDbIlyAt_yNPofxJQyI3pRyrFHvdMVc0jpVzzlGSOWyj1YWVvMFa74zLTNvl4j4DkzpYDhh7Yt6rxG-MhWsJdlV-1qDbJ-EUa_7JlSBpE_i8sAAgFYrw5jJiYPqXf-b85Nox81aPmV_Jbx1wrtC09wz_qWHLx9J3w_o4O5CIs32eaChseUr93_XYGX12n3FD4DAslI7rNLbl3NVt0F7M5q5gA9XyetrF-RhcOaqjve0YoFe32jPZzeH5WQIU0JYN5rIYbw2OA1xHa0VU5tDtMpBHaJW3pOMQzFV9LASyFSULMysGMmAdREVXwbbCtukeNwu_WJEreq4DCaw4eOmh_RCp2lG72wJ_Sr-ZddrDz3rNqIZnpgz1mBoBx8VBlkM2PpRWTpm9FfCi1ebJ-OMtqyefb-YlbL0g7sEWFIRS-d_N16m_T8KBEsnpIrcfvoZvqQZQ0zuO_lDpgSTyqTaMDRPtxQXME4rN3STFqZ_InlZnH41giPnvO5CrnY4GAEDoq6CtiIGxD4kL2WbYuE6-cGqm6pms0zznnxO-3dbtvrTPyc6obJB9ciChOY4Fukik-2elEm9dNeJKnskOOHicRYA2k0UsEsZEQlF_fRJvtNbToI5YC2bDXZAKOXsPyuUxf4ESjHkCIT7dDalhRt5_886IItMlIOpN2E9GSTYD8kdwf_rJmyxzBAOLA8jQ0tcVs9FOD4E-TzAbt-ZfFmBx5lsvCq5FAs4zZRIZP3kEnCe_678qLklXvYeU2VGzXpeT1xQUZH2Md38L8EU7eyMlp7rOhclVxGts9NdEVep6ZKrDxi_TDAWiKvtJy6se03nVeRmAJfMXC-eOnDUd8N-wkQkJnaetSBjI85qqPJVdMrelGKSbUry9NkFj6eZLeEr_uVhy1aFkyeEKYDDK6gfe9HUt7UKw8R1KifEP5Rwz3INoOawgJ3MV39M3Y&sai=AMfl-YSXJAmmRhH8MY1boMLaRedfTZuvrfYsYQomW0-UeBbNwRM3nWfOsZ1mlcBpywUNbnpr2p2sbjlwVKcA9XM4FdV6GuMSa_R6PHEL8LL8gUsJ4h4sTZnzlGiCt_k3p1HLKUyTc0YW2MFeJuWd0U_r7aML5mbE6jYlSpf6wnfi1xkOzx0Gc0o2PS_5E0wkx7jnGIcic__NA6BrzXR0FHVgRBgg6NTl3rlpSQ&sig=Cg0ArKJSzAXwI12ghRCjEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1228&vt=11&dtpt=1091&dett=4&cstd=134&cisv=r20220922.10458&vwbs=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: grand.online
URL: https://grand.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 14:11:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 62ms
62ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6e4f09a51d37889a25a4b1552ebbc866c6661da7579c7d6e8459ba4cf668447

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 14:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11093
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 27 Sep 2022 14:11:22 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3083 13 KB
5 KB 17ms
15ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://grand.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3180
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 13:18:22 GMT
expires: Wed, 27 Sep 2023 13:18:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FBAB 783 B
534 B 119ms
57ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c1d3860c59fb70ad85de6b24b5d55f243f9fd42dffad679289e89dba63e639f9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rerCmZTBGMHsUqk7bgNkgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://grand.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-rerCmZTBGMHsUqk7bgNkgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 14:11:23 GMT
expires: Tue, 27 Sep 2022 14:11:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 06C9 43 B
215 B 172ms
172ms Image
image/gif 2600:1f13:800:7782:37a1:3b18:39e6:194a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1140163&asId=14ed9463-3acd-7367-9d38-c7c16a03a88f&tv=%7Bc:pqlISH,time:1051,type:e,im:%7Bpci:%7Btdr:912%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1051,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1047~0%5D,as:%5B1047~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:351,fm:tiDYlnS+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C173%7C181%7C182%7C183%7C191%7C192%7C193%7C1a1*.1140163-65044670%7C1a11%7C1a12%7C1a13%7C1b%7C1c%7C1d%7C1e,idMap:1a1*,rmeas:1,rend:1,renddet:XIFRAME.us.dr,siq:19,sis:376%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:37a1:3b18:39e6:194a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:11:23 GMT
x-server-name: dt24.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 3083 36 KB
16 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 13:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3672
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 13:10:10 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3083 0
10 B 16ms
16ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?56FAbA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:11:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FBAB 0
0 49ms
49ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092001&jk=1705653979124659&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
51ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092001&jk=1705653979124659&bg=!5eal5qLNAAYIxsuQKMY7ACkAdvg8WkgxHtHs-G0rZvChayA3W4L8pn4Gc2RXQ1kWfib0gdiZcstViQIAAABcUgAAAAJoAQcKAJkZROhxl929KGOc7FicYiqJn5QxM0SrsBQ7zxcI4Ed0UnJn2Qc_eqaXYssraSCalf14QnfO4cOD9dazM8rhm6qE07QsW3EkTeV1lGZNkTmmVXjBhEa6Oyzeus-0qZ_WErT3byirRfkP-d-9FMQKTHkoKJmGqSgl074BIVwClr3Xdjk1FYehordz24cyDtezD5OlR0SRJtGHJTeZApx3wbXJPQMZGcJy0QlUB1YABu_6iNbPCd91EfIlJ5bciyMJMZfiJdjkEK5CIosl2PT93mh4BWoGZSwICFyLzaljv29fdURXNg_NPlHkxzO2ivLSB2Jdr30DTTyY58OdXW-XmeO3eUueyK-KKwCaFuQ9gPvb_TaKyhqQjnF1BG3BMr4QxeQI6v84M5klzkxZOeKhqd_eSF8R0hewxH5CypFwDWHd3oaUzZSgru5dvVcJMF3XDlVQLeaQIhA_0zwKcps2Tw0QfjOGQGSw9M9_W_dIEAac26-CKne2giz8vmyv5F9NT9PBmpVeIBwNLNSoj3GURkpSvrPiyLjdRHKj6gM7w9jIq7xkdlU1dMzNDqk92STi8Lfyn-X747JqiX1cb1Jv0_u9KekuWewRIZbV5kHPSILsyGyG9FGj9qC1LScngpBu3NCT4TNoPyI2aocka2fZJUgB5uPL6Hgk1z7L_LcDDkdu7WGdZkduRMmskd5vqP56v4KM0zGQOSpcUiPJn3pnsFXwE1_iVXHqfu5Ffss107S-1WUNTq8fuyGIVf09JsBZV4_WqPL3aB-ZMDrHD53K-YyFvnPhrGD-PwGIkxXrexe0LsbiC8icfiEIxz7ORI_0dPjgIAVSzM1mAtv7ZGShO8h4XJgiEmMOVWHX0DihBTIW69WXgM7lsrJUfcJ8JDP9KtEnZbG_QGEcze3mTbZb5Hej_5WUFYrnwbVoON_wAUqhbBElApHAET1Osu_lalb73B0ZOfpKL3qcvNx394q8hvA9CJLLcVLQbi_jw5yQk9cE8rt5pfgJ46HiFrlfD8N0w6r_lBlP8XL8xqWuT7TNFx8I-BLSf6yR7ba8QhzQPuBWhtm7_iiZTTSQfNZ_ZolxeB645Rih-O6Lag
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://grand.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: truncated
URL: data:truncated

Domain: truncated
URL: data:truncated

Domain: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Verdicts & Comments Add Verdict or Comment

171 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
grand.online/	1970-01-20 07:01:22	Name: Bp89r74t731868OUPR9757p0k799z6Kv Value: s%3AQEpoWg83nTFzAK0CYvkvZXrG_hUZIuAT.OsV3DmeCZ5mY6AfZDH7jJ%2FgAalF%2B6Kwy2fdeVhISI5g
.grand.online/	1970-01-20 15:46:55	Name: __gfp_64b Value: 4TC3M5z1sZIU2c2heqZ6u_cnKnAzioa9BK6S6rO_hTb.R7\|1664287880
grand.online/	1969-12-31 23:59:59	Name: Value: cx_test
.contentexchange.me/	1970-01-20 15:54:07	Name: cx_id Value: 633304886cba4c1f1a59cff1
.contentexchange.me/	1970-01-20 15:54:07	Name: cx_last_match Value: 1664287880565
.grand.online/	1970-01-20 15:46:55	Name: _cb Value: DIu1ntKE-vtCf6y-x
.grand.online/	1970-01-20 15:46:55	Name: _chartbeat2 Value: .1664287880712.1664287880712.1.DWAV2nD2Z_4VChEEjWCKDUpIBH9O4z.1
.grand.online/	1970-01-20 06:18:09	Name: _cb_svref Value: null
grand.online/	1970-01-20 15:54:07	Name: cx_id Value: 633304886cba4c1f1a59cff1
.adform.net/	1970-01-20 07:01:19	Name: C Value: 1
.hit.gemius.pl/	1970-01-20 06:28:12	Name: Gtest Value: KlQCYRMGQMGGq07vZMKMiXkGssaijgtcMGQSHtpFJvGiMG..
.grand.online/	1970-01-20 15:54:07	Name: _ga Value: GA1.2.379704135.1664287881
.grand.online/	1970-01-20 06:19:34	Name: _gid Value: GA1.2.1679128844.1664287881
.grand.online/	1970-01-20 06:18:07	Name: _gat Value: 1
.hit.gemius.pl/	1970-01-20 15:46:55	Name: Gdyn Value: KlxuyMMGQMGGq07vZMKMiXiissGMXP8c25nSGF42BPK7FRxSG7RrGS6GwF-1H8M1YH8PlexaG0F6Sssa
.adform.net/	1970-01-20 07:44:31	Name: uid Value: 8257031363855842095
.adnetwork.agency/	1970-01-20 07:44:31	Name: cecxh_u_key Value: 9eea2136-a8cc-472a-9815-6e880c089bd7
.adnetwork.agency/	1970-01-20 07:44:31	Name: cexh_red Value: 1
.adnetwork.agency/	1970-01-20 08:27:43	Name: contentexchange Value: 427837f49b79b000425200a204df
.grand.online/	1970-01-20 15:39:43	Name: __gads Value: ID=fd270bc9317fdfec-228cc03233ce00a5:T=1664287880:S=ALNI_MZwDXRtYvS7-jMNxh75OLJ6pcCzYw
.openx.net/	1970-01-20 15:03:43	Name: i Value: 9d430ee1-b72b-40df-bc66-be262bf9d817\|1664287881
.criteo.com/	1970-01-20 15:39:43	Name: uid Value: 549bcf47-8c0d-4fb2-b7f6-90a928577f8a
.doubleclick.net/	1970-01-20 15:39:43	Name: IDE Value: AHWqTUk8BIuyXC7pl4nIiEOQsask-Uahat0_y1_EHgTnkdWJM1rge1iqy9G5kVAQYTA
.adnxs.com/	1970-01-20 08:27:43	Name: uuid2 Value: 356379858075422306
.adnxs.com/	1970-01-20 08:27:43	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$Oi^zJ8!]tbPl1M>e)ZlrFUfJ+tGXxoeU!=vaN[^dALYg_MLfr!TMZJ(.Zf.s]VD1p*%nugO%v4VB%nu/%)_lAX
.casalemedia.com/	1970-01-20 08:27:43	Name: CMPS Value: 5121
.casalemedia.com/	1970-01-20 15:03:43	Name: CMID Value: YzMEiTfDs-6mQHgRbGEA6QAA
.casalemedia.com/	1970-01-20 08:27:43	Name: CMPRO Value: 5121
.grand.online/	1970-01-20 15:39:43	Name: cto_bundle Value: QYCuaV9xamFmOUglMkJYNXVQRnFkRUcySEhINmpWVXAlMkZLdmJIdUZibmhaNk1jb0IxUCUyRkVvV0dKbDlGbE5JMXNXWHpOWHkzczJ0NjhNcFB6M2FFYjJNeksxY2NYTHd6UG9URFNVQ3d4WjVnSnM1M0RmVDBEclg2YUlxQTJ4ZmJ0ZkhRU2FXMHhacTk4RE9TMTZlTVJFbUZFeWZUUVElM0QlM0Q
.casalemedia.com/	1970-01-20 08:27:43	Name: CMTS Value: 1219

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: data:image/gif;fake Message: Failed to load resource: net::ERR_INVALID_URL
network	error	URL: data:image/gif;fake Message: Failed to load resource: net::ERR_INVALID_URL
javascript	warning	URL: about:blank Message: The resource https://rumcdn.geoedge.be/ce086b75-7730-41be-8fb7-52d3f2f48f60/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
analytics.contentexchange.me
cdn.id5-sync.com
cdn.jsdelivr.net
cm.g.doubleclick.net
code.createjs.com
collector_sr.contentexchange.me
connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
dba903840320bcd66619e553ba8617fc.safeframe.googlesyndication.com
dmp.adform.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gars.hit.gemius.pl
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grand.online
gum.criteo.com
hb.contentexchange.me
ib.adnxs.com
id.sharedid.org
id5-sync.com
images4.contentexchange.me
ls.hit.gemius.pl
match.contentexchange.me
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
ox.irv.si
pagead2.googlesyndication.com
ping.chartbeat.net
platform.instagram.com
prod.uidapi.com
rumcdn.geoedge.be
s0.2mdn.net
s1.adform.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync1.adnetwork.agency
sync2.adnetwork.agency
tpc.googlesyndication.com
tracker_ug.contentexchange.me
truncated
ug.contentexchange.me
wrappers.geoedge.be
www.contentexchange.me
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.instagram.com
code.createjs.com
truncated
104.18.19.126
109.206.161.115
109.206.182.78
141.95.33.111
141.95.47.69
142.250.186.34
146.59.30.100
172.217.18.98
178.250.0.157
185.89.210.46
185.97.52.29
2600:1f13:800:7782:37a1:3b18:39e6:194a
2600:9000:223f:7e00:8:48e:53c0:93a1
2600:9000:2240:7400:2:d490:4d80:93a1
2600:9000:2304:9200:18:1fcd:351:7bc1
2600:9000:2491:c200:4:b37b:9440:93a1
2606:4700:10::ac43:266a
2606:4700::6810:5814
2a00:1450:4001:802::2001
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9c
2a00:1450:400d:807::2004
2a00:1450:400d:807::200a
2a00:1450:400d:80a::2006
2a00:1450:400d:80e::2002
2a02:2638:1::13
2a02:2638::3
2a02:26f0:1700:781::f09
2a02:26f0:dc::217:61f3
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f11c:8083:face:b00c:0:25de
2a03:2880:f207:c4:face:b00c:0:43fe
2a03:2880:f21c:80e5:face:b00c:0:4420
3.134.134.122
34.102.146.192
34.120.135.53
34.246.229.208
35.164.244.115
35.244.159.8
37.157.2.248
37.157.4.24
46.19.11.36
46.19.11.65
46.19.8.15
46.19.9.11
46.19.9.32
46.19.9.50
5.22.184.38
54.160.55.69
0050b0972873453219a021daf41ec07a7c4db4ea1a59931de540070219e54ff8
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
048e7e253cd1834d6e6950566c96463528591de9e6e4571412a3521ecb9d721a
04a6827a7fe274a540e4cebdcb9fc8724e66767c9fd5b4855598b00bcae0cedb
05127210415a163b172dec12ee903bedb72b079ba4d62b4b532057e3cb4a9268
0772ef06c910ba5884b31a93d70b53c1a00c50b0d4293da1fba18ce4553d8126
07d66b34de6fee81a46de8989d975586042e0e08748f5576bc7a635728cb5c92
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce34f381a7a9e9969904d70d8b6c241983fcbe5ee21fc66fbe57ae34dd44b46
0eafb86acbeeb215be57085c7a657f00a5d3d678c38721759afcd79c7fe7e30a
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
11b310a623e626821c826d00d21e9170d013219d213d24ffab7a17c73bf2d41e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13a97ec279331d821191aa67d7384c998f222fd3c4d1d0618ac77e3f5b2c773d
15944a76cccc83b3f5385317a2494b26c0e6c4bdb1514e5b8b889cfdd294b713
15c001519dc1296f39660e3857f63ee90b0196835ec033c7026435de0cb752ce
1694434ab2c09bd57c2c84b62e49a1d4726645ca6c47e4c521dd4c9ce8bd1479
172e2246438b6eff65e86e6ce41fd12720f6a2139acc1b555f93c8c87e1d2af8
199fb21b3ebc707aa9045279d3f380910ebe9194b8f4afc54d85ba28e1ee715e
1eba897fc3da04f720aded8ab910899eca119b78ceed483c6298c7e7b0fa4a10
1f9c84b6481c69fc620215604fb605b4c7503e2f3addc9f68d1ddc30a41da422
2158bdaea33fe1310d97e7b9984c632d7695496ad27077506b0fe729b649c271
222804436b29957e8e4d14a1961c74437b395a177018441458fbc25a409edf42
22b04e027387848488dcd5c19bcca157d65915c425b481c65be1d7fd2ff9ff37
269d9f3331b03446ec6f6efe67e26d23761b66a8dcfc6d36e95eb4be2113570a
2781e9e7c3f369b8fc7965e679b17b60b5b11eaae5da1e5045107bbdd9d568f0
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f
2aaded58dac73e34620e86b5cfdd6e7e20bb38e2ebe5af7d777bc82822bfdb5c
2b3c66aa094d563c51c306db7ef3a7d8db3f041c627867a8928a5f0636ddf9a4
2c07c34287d9653e1781c3b37e59e80af1d5fbb9e63a8923459a700b7b0092b4
2c3bd22c0d6e6a84762269e1d99023abb0411301bdab6d04f82218c84aaf7f0f
2cd568d4ba898ae20d0f741f2466b121cb86c03d711d3e9f3892100a8bbea56a
2f4a17a5a3fbb69a1ddd04f9237ab480d2069915faf647475f3ca8c729cee0b7
2fbed2e5bf19b1c8e3504510b614b6421cdaeb7a23ba31c24fa71c2552bbfac4
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816
335b40195a3802ee5f99a54a101cd045ee795bb862580d0e6b187931937d6635
340ffce6656e0797fce89566794df7db5a7261731e6e3a4f3c65a932c66c1085
342e6d3ee6f579e0c4882d55b3511a7a9fe6863d84b034dfc87ce25939148300
35f1bd33cae1c3679f2d59efad596b94c02482de4a8e978d37bdebd95b2a17c2
363c2a352813c8fc3ebb4e19e721ecc61f1e75940133306219322f512460a941
367d6afdfc741fb48d2d9310e47c3924b693459a74c882c0fc545ec5ed7d55d2
36bd903c57ab38d6ce7fc8db71fd02cb344db4eec12ce9491b8180b3bcee96a1
37d81d7cb35d40b2124d75a3d6998ce803eb0a39be43f313c91e74a28291b8d2
38c2d612a7fc68a57284d966c42435bc8b3c562a7732f1eeec132f5f45c0ab17
3a49cc14bb89463195fb38208d74f8dc42ef35f4e31db6cc47fd449eb1cf2f0f
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3c8e9a16fafc7158758a656369ac271f6d559ac37047ee1be6faecb28349d2e8
3ca8f9a8210bc6b71624e8a90888498aa627346a3d4ca0f711e79e73e6328bbd
3ce91e27c75f26017876adeda75acc652f5d48f9875d6db451b2ab3547c3ba64
3dbd68539b9bb6baa36d8f00bd5de137b981f4f3933c9c726e438f3b079248da
3ec83024706b101f896c3fd74ad70fdbe8725c17570ed92716bbf7ee340d340b
3fcf5ff4c2b9410c11cd576050ca42ab35d8710a26a06f5a2fe8ef4b21efb3ea
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
400a391547b35a74ca17fb4c1c02e31dc3105de5c4ebb1d5c0e37793b27ec450
40375c497d2a89931a7c7e4737fb7993569b31ec617620575e8f59f1e481693e
40a111236288e27bf773d8d878df7eaa378c3e51a359a03a78415d7789f47406
41762672b387bdf7c5b3638afbefcd6535bd6106984afc3e22cef0e6069ac59a
47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa
4a82598c6313326a7bd1b48a36afbc4c7170fb8d0221664a6dc56db12ba63a19
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c840b78361cd31c9b74202937effa43a3f770dc4e77a6dcebeb2b16f6e7e62f
4d2ba77d32ea8a5c7d80dca2e50955d1fe46af0302db62cae488a4d10da7321c
4daee49ee6cecd1bf9e92fad93c6c9c85e1da15691220060e0c7d92b2ff6b1a1
4e931a6c65d3eb9699217179250fd1b38dd010b4fc02b84cb0acca98614323ce
4f073067d2773f2ed0efa7d4c04e75e21a5318f107fe73699063eec5a2704fd7
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5119f8380037c6b3abb9e14ee7d8fb84e4fd55794e38505dc73c198da07be53f
5196b3aac9fb9b1c37b8d3c5c0d30c61c683d742b41dd1ebd4ce10a179437fc2
533608fb61d63d334653a5076d7fc949c17bbf33bf8219e21dbfa650a25133ee
534a603a229776ddbe5b615d484418a95c1a10bdff8d2b08058596aea56977ab
5404e0157f7fe36a9d430b6e409f7521418c3f411f79b79d0f4d5185bcc50b3d
541d57d00e3a0e69772bb15b9fe9d74aabc46e8a118770bdaecded859c79ca28
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564bbc0a1f8d9a2a51d2cfe650221af635e6f6745a7cd44290b43441cf75f73f
57297a89d38d2df491eee1c859dd55e415ecdb0a27b3441a89a8939398756771
57369f643f1fba58cb7454e7287f2613af75c97e79b627d747211fbcbd4c16e2
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
57eee7ef88bf71331b539aafce3c2d557ff17e7a121d62773c01a2e7a22b5380
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5b21e5b0c82489be94a4b50e4543ce6b35bad3526dcaf0a7e220cc5ab01a0013
5b26177ae85a71e52a01db52794e72a7dc83dc2528b6cb9bb7c1e3bf125ab9f7
5b67e2f67191105e6af18e8ff42b88a0c6c9b209aff9f0ba8c122ae67cee2663
5e20d617a128039fda9d78b960e14cb17d925d137e93a31f3579e3a5e917b240
6193aeeb27c67789ca456d29a2a2584d7ff115c721d94f65a20d52b4ac4024bc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
635e8e9c95e057133de2d0d982402d68d6c112da4bc7611da1c122541874c2e5
639785aa0d683a5d24bcbe96629d8d07fd8eefd12499bd97606e65f9373a5112
63e3150ba532c289122e02192742f859f97627901b3a9f0e91a24754e0d41a87
6495f3ac4983b7365f57d1b25b2ef487d739de89ad0cb6a7caaaf6f5ea1d1e48
65971e49267d70780ffdc3c5bb7dda2636b3fe75402e09bab7ff4be27297f5d0
65f5314f04718a775463da7b30aa335077eaddc201a9d692c0ac4dbe54bd0f93
67ce385634823e42b8ea7f8da8487cecca4c17daebb78dde8124cd15caa2d65e
67f03a634316c7bcbcd63409b81b312855dd377e8bcbd7f63d6ef511743d9a92
6844e58027dd0ba3b02d82b52feab8e8b840e59b51e0f92a8fe4e6d84f383d58
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fc669bf9f2e088c3fad7f810770f4138b2dca109109847e6d9b4e8159f06aa2
7011e17ac6c52d9ca5ef329e160e629148925162c2a4cd4fc58c475cfca88a16
71408a0325b54c72282ee8f24ef71b852773b4768c94a3628f0f4c6ba3ac7fc4
73062451f549da75522500dcb79ac5d6906342371b4fcfd74d236afd4b933807
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
77b8581a4bb29e43dbf4b4e86c8a99fde8b099fcd46976604ec355c1adb58e6b
77bcba84f8da163362ed5019911019fa51bf4ca4e5978601e0cd057a075a9840
781e3130f627b8d21a3c5c53df42771274a00295f90020588cc21bada91fe804
78526ac509a71a338fd7659197f80b4a153b6c4cdd4d61240511b78e47370834
7b5838872362fcb56b41e426cdb5073006164d97524ac44902f5749e1da20e56
7ca163989d19b37c8084f5c7c519dd302aede9cb57fcce4284d58a7c3c4a63cd
7dc2088ecfdb0f6cad542f4522b4864da1179a0c9dba0ed56c13ccefb074c293
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7ef666c3e4863dc99388d74784ece59a7d89412b8d9645544da01ab272aeaa14
7f214d089806ff1a20e2cf6022b7a46766a8bb7ac1602781db3ad879fdf9acb9
7f4a81809799263f414802b2294bd49f332bb2626acc1901bfb51863f44ddd35
7fa8a6bcca3dacc9cb960b9e0b828938dc0aba7a2be197b629a1b11766b9fe49
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
83343e2e64664fcc3f86bc3a8596a1af6bbf0db3e6e55944d5312a1b39955f21
83452a003f6213f4cdf44e7975b1976bc72741293d2ac743c68642c99de483b1
8460aaf36b73e229c6b0fcaf7bac791e23c3145e87de6a04d0d91541e39289b6
89ac9ac9042c7ef410ab439837b270dd2dd9f6c545d9383ea8969a35c945cbd7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8acb29e3b167af771a86e749945c6616a05c41707231027ad2617fda9d3de388
8ad4883b33a4e147493e74d0f6d6d6b97579234fea7140ac1480cd80e61fcdfe
8b2984e863695d1096fc1fcaeec775d4ff9bc66342dce42ff247de26ad581ea9
8d47fe10df78e6392e8aeb73e5e1f672bd56be721e53290e2ae4e53e6c3ff04b
8e2a93ef0e3902ded1efa93d5d783634643150325a7805627b94bc68a12e232d
8e6725acd3b6b64558610f04824916460d5e26b028d757bbb013be3bf9a013a5
8eb77845234bc615c9e1bd929212f0947fc0cbcc31b8cad6209f736381cd945d
8f0c5b916021892d914d59f49abf6d73c833f2e279e5a697f0d6c5967c46cedc
8f327829d94bda1536bc1a970fbfd21ce22bb0f048cd9437ce9a1f0401cd1b9b
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9708d51ca5a257260acb8aea6504d9ed3aff8adbb8fa0a61fba1ff93030cc746
97f0bd11ee2d0c71106196d5ecfc0e1781568a5b2b3245199983741fc617e2a4
9d28cccf27df46d9dafd5f5b6b5f6aa78592e13b7e959b564156b83d776e978c
9dcfe9bf55848fac4e3756dd72429d4c3a9cdf663d84d2e38d5e0a11dce1c7b0
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9f9708f08d5d62477cc0dbb1d836e699fc7d2b7fd681e4d64705b57c442a8af1
9fc41ab218a9c82ec669010c33d41ee7bed29cb75771c004b0e8fbcdd9632468
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a097f145b7b5399d1f8e9c86b6f4a36e43f5553fa77c7b2951504731914535ad
a0d5c3ccdcf05c44686b3628a8eec5c79c3e5caf044aca9b1a7453e05c3d3e0f
a3c9bb0126992129d561e6615234943f04520c69bdba33205c935ca70414c2ef
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a67a90d9bcb34b908729b7dd3be5ae351560ad174629fe5a95c351599226e59b
a704e2512e9476394eb8b66066dd738f2351ac623a5dceb00c621bd4718422b2
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8efecc97c27e81de65c176ca2de2000f6fae814c3912b78f547e7dc54ebe34f
a93319dfeca5cfffb65c42e156e2188e48db7f4e7126e105c594b7467bd6d7e3
aca07c1ff13e6a8a82a83f2f405c95a765afc312d8dd691e07fa1381233a5626
adc4072b058cba565cdae846d7ce010c36b22ee5bfc6a587361256599f8d6da2
ae65271b9235f8c51c351d51f65c49a99eccc5a1d51633d6bf57f5182acafdfc
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b009739fe76afc86dfc3a3f2f49fe9787129315f5ffbdcd7443c944b4e0143ea
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b076e86301cbee8c5c9aef51863a9c0a88e6f6d2aabdffca93e031113c6caa74
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19b7b0cc0e9a49f153ed770d2840cabc1da5f7d649530cb41130d47fcd121f3
b27efb92d9f3d7ca61d099a04e6673d8adf56bb72619217ed4cb326e815a947d
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
bb4749742d298e340bd16b03e8ac8ca9d317879a9f4b4f8cf202d1541e72a165
bbcef8c61608c49c83bf811ada71ddc9a2ae7a42b82132df136c9b559956c785
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc177e40b0e3b12eabefd63c7ebd4b4eb37b73e60a71c25e2dd9996cc02adac0
bec88eebe3e74cf703e75d985c2fbed93b84956c4b9161c7dbc1cb39ea299c78
beee834d19bc035e9ec7f53b11976622013ded18e2768ca1e05f9dd8e8aff30a
c0fc92a1d6ee5f49a6eb88bc8e41ef9e94cfdd2f8069f19a7c10c03751df163f
c1d3860c59fb70ad85de6b24b5d55f243f9fd42dffad679289e89dba63e639f9
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
c408504d97de5ed6856daaefbb299058cf144f9a064d99f69826e22e3f34f24e
c5822b209dbcb8b894ac98a6061a2697a773f5b4810676d45197d4349062d0b0
c5a310590b84ddb8c45b12b32267c95961a7fc4f7bbd13828113d00abfdd24b4
c7ce896d848e52912c3625df870af8c8bf1efd1719307d352045437ec462840d
ca3eb2dc8c0d8f1a972f73abacda922f741e35ec5329bdc9160ca713a4685d2c
ca853ffa9d73abbc7af6a362260ab3ec2d72213a7bea75f2c5801a85afc49eaa
ca91070e828cc8240900d0035ca302fcf3444a9170a67ec3477a165ad7f744eb
cd7288102e2f4549609d9f8abbe723dbf6343e7dd70affdc1f3cfc92b0796b05
ce3cfcdef35db3505e95a6d25e8bee74fc75ee0f67c1832dd40ae14566d0458a
cec39ec74b600cc736c68de3fbf6654d56da9a73537834d9118cd64d6234a4df
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bb9b304eb949d22ddb1ecfd74e32867584a92993956010c97feb35f1880618
d13960632c1550d239ad9cc85f6ca36689ab77e77d436b1ab9c2a112452da18d
d295b18bbdff645c3f59c585f0b00d57ed9e0c056d7a7ba867d9f66e18891000
d4efcb6ddae36dfb8c3b873fc81d9492479f82b360ce16c8ed7008f50443e24b
d5882a2478155dcc7d8933f758f0d4fad47fc989a66cad8f3c261928d027fc89
d5ee70a92ca313a47ef28393cb5fa83d6ca14554f4e25179795a133e81d0ca0c
d63686429bb99468d1218e0fc058740479a9ed5848de190a01a7b292fec00ead
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d9608ec4ea86f70691860daf1b477654e08357662b2fdc33568a376b0fcbdf5c
dbc552990fe360138dcdf4d31d00668dd558860d512e84a56626b10d9f13695a
dc1e701bb61637c52b6c0ac164272f0b599f3a673745ec2ff12fdae3ff616b05
dc7bdb602bc8875153d3aa881ea674b25d08d59dcf21b8c75df0f0edfad78107
dd8a3a119c284a258bb583bff733acb3db402811ec15a63409ff736fe36f3b8b
dd95b1a36a47b437e71461c9bbf62d433752eafdf3de90f78d8cfd156b52f710
dedb1790d03f13ec6a984c4ef58d25841a3cf0c6fc03603a3b6748e59ed181cc
df39da0e1b6ebf2e4b2952300401e0a79d585fabd51245cc2d9076651e138418
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
df735c0cbff6fdac8d3c64ef35cd214c28ab2cfd4ee329cb9a55c23869bac3c9
dfb14cfef231d411e8d961243ca68240593e71644a487ae384c727521e37cb08
e23f661b5b125ec9d2a02df33c06a3b38e40b2256d82517e5423381c3926301f
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e34b2f616cba899fde7cf3b1a0fda4560bf6b2b5e6b4dfc2b99c9a5eb65207b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c0b96b9699ffd83e2f5ba5b66427a3db71787bae77fd8df7a6f4cc7e2121a8
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e8bd46f6d1400c67a5cd3b65cb72ba04e0b4dc8aa5d5521f74a1e2a0c6f656a9
ea51f498a2e11e522503ca4033674ae7233a3d2a5e5fe9c07491f5fbe5883ac7
ed1cecab6573cd2fd6a518be3080f4c818382f0f8624ad1cd1916d202f7000d6
ed4c57117334e456fd4c650e10a08014135dc23e43a70987926301fe94df26f4
ee65852d045e6d991ad027f2aa1559c37fb3c77fd65629731bc1253a4e92f17e
ee677d513ad5b549a32aea0f9e2a2c680b383500911f4669450384153865b8c6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2b72ed832023822faa8bb0760769c10b7dddb7a4e468e75160ebb8dc680330
f0ea825fe8eda5b0cbf0c644e4a86bbd704a30897344c7d84b23bd50d1ebcf8e
f26cbeecf910e06ba7ed31d1bf8d01c6d8195088451f626cff5bc3cefd0262d5
f36fa525279edb84435237b8598c768d716c37dafae451ab2eb6b2d51a9905f9
f4f945bff1a44312deba2e479229daf550192946a6dcef4fe33d664e3a3ddc99
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6e4f09a51d37889a25a4b1552ebbc866c6661da7579c7d6e8459ba4cf668447
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fab10ef0b40c2e2da0973e0697903d144e8ef0e2de7096466d86b7b5312b8134
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
fd4801631ecd42c3f5b571b88c10aa428968ec95ebef8856fa720a45201f6cb0
fd852854b011e82c920073069e31f0ad76a933aa554413e936d26c8dd73d807a
feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9
ff8a921069f33402a4aa8ab5654d6c3d1027b7739e20b3eaddcbb6f80c67403a
ff9c62afbb0f39e487474bc9f1e286ed22c0999232a735ada869d5d03746496a

grand.online Open in urlscan Pro 5.22.184.38 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

318 Requests

92 %HTTPS

50 %IPv6

36 Domains

61 Subdomains

52 IPs

11 Countries

11266 kBTransfer

15435 kBSize

30 Cookies

68 Outgoing links

Page URL History

Redirected requests

318 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

grand.online Open in urlscan Pro
5.22.184.38 Public Scan

Screenshot
Live screenshot

Full Image

318
Requests

92 %
HTTPS

50 %
IPv6

36
Domains

61
Subdomains

52
IPs

11
Countries

11266 kB
Transfer

15435 kB
Size

30
Cookies

318 HTTP transactions
9 data transactions